Detections
Analytics

Wireshark 1.12.x < 1.12.13 Multiple Vulnerabilities (macOS)

high Nessus Plugin ID 311401

Synopsis

An application installed on the remote macOS / Mac OS X host is affected by multiple vulnerabilities.

Description

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 1.12.13. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-1.12.13 advisory.

 - The NDS dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (wireshark-bug-12576)

 - The PacketBB dissector could divide by zero. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (wireshark- bug-12577)

 - The WSP dissector could go into an infinite loop. It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (wireshark-bug-12594)

 - The MMSE dissector could go into an infinite loop. It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (wireshark-bug-12624)

 - The RLC dissector could go into a long loop. It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (wireshark-bug-12660)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Wireshark version 1.12.13 or later.

See Also

https://www.wireshark.org/docs/relnotes/wireshark-1.12.13.html

https://gitlab.com/wireshark/wireshark/-/issues/12576

https://www.wireshark.org/security/wnpa-sec-2016-40

https://gitlab.com/wireshark/wireshark/-/issues/12577

https://www.wireshark.org/security/wnpa-sec-2016-41

https://gitlab.com/wireshark/wireshark/-/issues/12594

https://www.wireshark.org/security/wnpa-sec-2016-42

https://gitlab.com/wireshark/wireshark/-/issues/12624

https://www.wireshark.org/security/wnpa-sec-2016-43

https://gitlab.com/wireshark/wireshark/-/issues/12660

https://www.wireshark.org/security/wnpa-sec-2016-44

https://gitlab.com/wireshark/wireshark/-/issues/12662

https://www.wireshark.org/security/wnpa-sec-2016-45

https://gitlab.com/wireshark/wireshark/-/issues/12664

https://www.wireshark.org/security/wnpa-sec-2016-46

https://gitlab.com/wireshark/wireshark/-/issues/12659

https://www.wireshark.org/security/wnpa-sec-2016-47

Plugin Details

Severity: High

ID: 311401

File Name: macosx_wireshark_1_12_13.nasl

Version: 1.1

Type: Local

Agent: macosx

Published: 5/1/2026

Updated: 5/1/2026

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Nessus

Vulnerability Information

CPE: cpe:/a:wireshark:wireshark

Required KB Items: installed_sw/Wireshark, Host/MacOSX/Version, Host/local_checks_enabled

Exploit Ease: No known exploits are available

Patch Publication Date: 7/27/2016

Vulnerability Publication Date: 7/27/2016