Wireshark 1.12.x < 1.12.7 Multiple DoS (Mac OS X)

medium Nessus Plugin ID 85404

Synopsis

The remote Mac OS X host has an application installed that is affected by multiple denial of service vulnerabilities.

Description

The version of Wireshark installed on the remote Mac OS X host is 1.12.x prior to 1.12.7. It is, therefore, affected by multiple denial of service vulnerabilities :

- An unspecified flaw exists that is triggered when adding an item to the protocol tree. A remote attacker can exploit this, via a specially crafted packet or packet trace file, to cause the application to crash, resulting in a denial of service condition.

- An invalid memory freeing flaw exists in the Memory Manager. A remote attacker can exploit this, via a specially crafted packet or packet trace file, to cause the application to crash, resulting in a denial of service condition.

- An unspecified flaw exists when searching for a protocol dissector. A remote attacker can exploit this, via a specially crafted packet or packet trace file, to cause the application to crash, resulting in a denial of service condition.

- An unspecified flaw exists in the ZigBee dissector. A remote attacker can exploit this, via a specially crafted packet or packet trace file, to cause the application to crash, resulting in a denial of service condition.

- A flaw exists in the GSM RLC/MAC dissector that results in an infinite loop. A remote attacker can exploit this, via a specially crafted packet or packet trace file, to cause the application to crash, resulting in a denial of service condition.

- An unspecified flaw exists in the WaveAgent dissector. A remote attacker can exploit this, via a specially crafted packet or packet trace file, to cause the application to crash, resulting in a denial of service condition.

- A flaw exists in the OpenFlow dissector that results in an infinite loop. A remote attacker can exploit this, via a specially crafted packet or packet trace file, to consume excessive CPU resources, resulting in a denial of service condition.

- A flaw exists due to improper validation of ptvcursor lengths. A remote attacker can exploit this, via a specially crafted packet or packet trace file, to cause the application to crash, resulting in a denial of service condition.

- An unspecified flaw exists in the WCCP dissector. A remote attacker can exploit this, via a specially crafted packet or packet trace file, to cause the application to crash, resulting in a denial of service condition.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Wireshark version 1.12.7 or later.

See Also

https://www.wireshark.org/security/wnpa-sec-2015-21.html

https://www.wireshark.org/security/wnpa-sec-2015-22.html

https://www.wireshark.org/security/wnpa-sec-2015-23.html

https://www.wireshark.org/security/wnpa-sec-2015-24.html

https://www.wireshark.org/security/wnpa-sec-2015-25.html

https://www.wireshark.org/security/wnpa-sec-2015-26.html

https://www.wireshark.org/security/wnpa-sec-2015-27.html

https://www.wireshark.org/security/wnpa-sec-2015-28.html

https://www.wireshark.org/security/wnpa-sec-2015-29.html

https://www.wireshark.org/docs/relnotes/wireshark-1.12.7.html

Plugin Details

Severity: Medium

ID: 85404

File Name: macosx_wireshark_1_12_7.nasl

Version: 1.6

Type: local

Agent: macosx

Published: 8/14/2015

Updated: 1/2/2019

Supported Sensors: Nessus Agent, Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: cpe:/a:wireshark:wireshark

Required KB Items: installed_sw/Wireshark

Patch Publication Date: 8/11/2015

Vulnerability Publication Date: 6/25/2015