Wireshark 1.10.x < 1.10.11 Multiple DoS Vulnerabilities

Medium Nessus Plugin ID 79251


The remote Windows host contains an application that is affected by multiple denial of service vulnerabilities.


The remote Windows host has a version of Wireshark installed that is 1.10.x prior to 1.10.11. It is, therefore, affected by multiple denial of service vulnerabilities in following dissectors :

- AMQP (CVE-2014-8711)
- NCP (CVE-2014-8712, CVE-2014-8713)
- SigComp (CVE-2014-8710)
- TN5250 (CVE-2014-8714)

A remote attacker, using a specially crafted packet, can cause the application to crash.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.


Upgrade to Wireshark version 1.10.11 or later.

See Also






Plugin Details

Severity: Medium

ID: 79251

File Name: wireshark_1_10_11.nasl

Version: $Revision: 1.4 $

Type: local

Agent: windows

Family: Windows

Published: 2014/11/14

Modified: 2015/01/18

Dependencies: 34112

Risk Information

Risk Factor: Medium


Base Score: 4.3

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:wireshark:wireshark

Required KB Items: installed_sw/Wireshark

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2014/11/12

Vulnerability Publication Date: 2014/11/12

Reference Information

CVE: CVE-2014-8710, CVE-2014-8711, CVE-2014-8712, CVE-2014-8713, CVE-2014-8714

BID: 71069, 71070, 71071, 71072, 71073

OSVDB: 114572, 114573, 114574, 114579, 114580