Wireshark 1.8.x < 1.8.5 Multiple Vulnerabilities
High Nessus Plugin ID 64362
SynopsisThe remote Windows host contains an application that is affected by multiple vulnerabilities.
DescriptionThe installed version of Wireshark 1.8 is earlier than 1.8.5. It is, therefore, affected by the following vulnerabilities :
- Errors exist related to the Bluetooth HCI, CSN.1, DCP-ETSI DOCSIS CM-STAUS, IEEE 802.3 Slow Protocols, MPLS, R3, RTPS, SDP, and SIP dissectors that could allow the application to enter infinite or large loops, thereby consuming excessive CPU resources. (Bugs 8036, 8037, 8038, 8040, 8041, 8042, 8043, 8198, 8199, 8222)
- Errors exist related to the DCP-ETSI, ROHC, DTLS, MS-MMC, DTN, CLNP dissectors that could allow them to crash. (Bugs 7679, 7871, 7945, 8111, 8112, 8213)
- An unspecified error could allow the dissection engine to crash. (Bug 8197)
- An unspecified buffer overflow exists in the NTLMSSP dissector that has an unspecified impact.
SolutionUpgrade to Wireshark version 1.8.5 or later.