The version of Wireshark installed on the remote Windows host is prior to 2.0.3. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.0.3 advisory.

  - Integer signedness error in epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x     before 2.0.3 allows remote attackers to cause a denial of service (integer overflow and application crash)     via a crafted packet that triggers an unexpected array size. (CVE-2016-4084)

  - epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 2.0.x before 2.0.3 does not properly     initialize memory for search patterns, which allows remote attackers to cause a denial of service     (application crash) via a crafted packet. (CVE-2016-4076)

  - epan/reassemble.c in TShark in Wireshark 2.0.x before 2.0.3 relies on incorrect special-case handling of     truncated Tvb data structures, which allows remote attackers to cause a denial of service (use-after-free     and application crash) via a crafted packet. (CVE-2016-4077)

  - The IEEE 802.11 dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not properly     restrict element lists, which allows remote attackers to cause a denial of service (deep recursion and     application crash) via a crafted packet, related to epan/dissectors/packet-capwap.c and     epan/dissectors/packet-ieee80211.c. (CVE-2016-4078)

  - epan/dissectors/packet-pktc.c in the PKTC dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before     2.0.3 does not verify BER identifiers, which allows remote attackers to cause a denial of service (out-of-     bounds write and application crash) via a crafted packet. (CVE-2016-4079)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Wireshark 2.0.x < 2.0.3 Multiple Vulnerabilities

medium Nessus Plugin ID 90787

Version 1.11