SynopsisThe remote Windows host contains an application that is affected by multiple vulnerabilities.
DescriptionThe installed version of Wireshark is 1.8.x before 1.8.2. This version is affected by the following vulnerabilities :
- The 'DCP ETSI' dissector and 'pcap-ng' parser can attempt a divide by zero operation leading to an application crash. (CVE-2012-4285, CVE-2012-4286)
- The 'MongoDB', 'XTP', 'AFP', and 'CTDB' dissectors can be caused to large or infinite loops. (CVE-2012-4287, CVE-2012-4288, CVE-2012-4289, CVE-2012-4290)
- The 'CIP' dissector can be caused to exhaust system memory. (CVE-2012-4291)
- The 'STUN' dissector can be caused to crash.
- The 'EtherCAT Mailbox' dissector can be caused to abort. (CVE-2012-4293)
- A buffer overflow exists related to the 'ERF', 'RTPS2' and 'GSM RLC MAC' dissectors. (CVE-2012-4294, CVE-2012-4295, CVE-2012-4296, CVE-2012-4297)
- A file parsing error related to 'Ixia IxVeriWave' processing can allow a buffer overflow. (CVE-2012-4298)
SolutionUpgrade to Wireshark version 1.8.2 or later.