Detections
Analytics
Wireshark 2.0.x < 2.0.3 Multiple Vulnerabilities
medium Nessus Plugin ID 90787
Language:
Synopsis
An application installed on the remote Windows host is affected by multiple vulnerabilities.Description
The version of Wireshark installed on the remote Windows host is prior to 2.0.3. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.0.3 advisory.- Integer signedness error in epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x before 2.0.3 allows remote attackers to cause a denial of service (integer overflow and application crash) via a crafted packet that triggers an unexpected array size. (CVE-2016-4084)
- epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 2.0.x before 2.0.3 does not properly initialize memory for search patterns, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. (CVE-2016-4076)
- epan/reassemble.c in TShark in Wireshark 2.0.x before 2.0.3 relies on incorrect special-case handling of truncated Tvb data structures, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet. (CVE-2016-4077)
- The IEEE 802.11 dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not properly restrict element lists, which allows remote attackers to cause a denial of service (deep recursion and application crash) via a crafted packet, related to epan/dissectors/packet-capwap.c and epan/dissectors/packet-ieee80211.c. (CVE-2016-4078)
- epan/dissectors/packet-pktc.c in the PKTC dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not verify BER identifiers, which allows remote attackers to cause a denial of service (out-of- bounds write and application crash) via a crafted packet. (CVE-2016-4079)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Upgrade to Wireshark version 2.0.3 or later.See Also
https://gitlab.com/wireshark/wireshark/-/issues/11591
https://gitlab.com/wireshark/wireshark/-/issues/11799
https://gitlab.com/wireshark/wireshark/-/issues/11824
https://gitlab.com/wireshark/wireshark/-/issues/12187
https://gitlab.com/wireshark/wireshark/-/issues/12206
https://gitlab.com/wireshark/wireshark/-/issues/12242
https://gitlab.com/wireshark/wireshark/-/issues/12260
https://gitlab.com/wireshark/wireshark/-/issues/12268
https://gitlab.com/wireshark/wireshark/-/issues/12278
https://gitlab.com/wireshark/wireshark/-/issues/12341
https://www.wireshark.org/docs/relnotes/wireshark-2.0.3.html
https://www.wireshark.org/security/wnpa-sec-2016-19
https://www.wireshark.org/security/wnpa-sec-2016-20
https://www.wireshark.org/security/wnpa-sec-2016-21
https://www.wireshark.org/security/wnpa-sec-2016-22
https://www.wireshark.org/security/wnpa-sec-2016-23
https://www.wireshark.org/security/wnpa-sec-2016-24
https://www.wireshark.org/security/wnpa-sec-2016-25
Plugin Details
Severity: Medium
ID: 90787
File Name: wireshark_2_0_3.nasl
Version: 1.11
Type: Local
Agent: windows
Family: Windows
Published: 4/29/2016
Updated: 5/1/2026
Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 4.4
CVSS v2
Risk Factor: Medium
Base Score: 4.3
Temporal Score: 3.4
Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSS Score Source: CVE-2016-4084
CVSS v3
Risk Factor: Medium
Base Score: 5.9
Temporal Score: 5.3
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
CVSS Score Source: manual
Vulnerability Information
CPE: cpe:/a:wireshark:wireshark
Required KB Items: SMB/Registry/Enumerated, installed_sw/Wireshark
Exploit Ease: No known exploits are available
Patch Publication Date: 4/22/2016
Vulnerability Publication Date: 2/24/2016
Reference Information
CVE: CVE-2016-4006, CVE-2016-4076, CVE-2016-4077, CVE-2016-4078, CVE-2016-4079, CVE-2016-4080, CVE-2016-4081, CVE-2016-4082, CVE-2016-4083, CVE-2016-4084