Detections
Analytics
Wireshark 2.0.x < 2.0.4 Multiple Vulnerabilities
high Nessus Plugin ID 91821
Language:
Synopsis
An application installed on the remote Windows host is affected by multiple vulnerabilities.Description
The version of Wireshark installed on the remote Windows host is prior to 2.0.4. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.0.4 advisory.- epan/dissectors/packet-pktap.c in the Ethernet dissector in Wireshark 2.x before 2.0.4 mishandles the packet-header data type, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. (CVE-2016-5358)
- epan/dissectors/packet-dcerpc-spoolss.c in the SPOOLS component in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles unexpected offsets, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. (CVE-2016-5350)
- epan/crypt/airpdcap.c in the IEEE 802.11 dissector in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles the lack of an EAPOL_RSN_KEY, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. (CVE-2016-5351)
- epan/crypt/airpdcap.c in the IEEE 802.11 dissector in Wireshark 2.x before 2.0.4 mishandles certain length values, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. (CVE-2016-5352)
- epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles the reserved C/T value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. (CVE-2016-5353)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Upgrade to Wireshark version 2.0.4 or later.See Also
https://gitlab.com/wireshark/wireshark/-/issues/12395
https://gitlab.com/wireshark/wireshark/-/issues/12396
https://gitlab.com/wireshark/wireshark/-/issues/12440
https://www.wireshark.org/security/wnpa-sec-2016-30
https://www.wireshark.org/security/wnpa-sec-2016-31
https://www.wireshark.org/security/wnpa-sec-2016-32
https://www.wireshark.org/security/wnpa-sec-2016-33
https://www.wireshark.org/security/wnpa-sec-2016-34
https://www.wireshark.org/security/wnpa-sec-2016-35
https://www.wireshark.org/security/wnpa-sec-2016-36
https://www.wireshark.org/security/wnpa-sec-2016-37
https://www.wireshark.org/docs/relnotes/wireshark-2.0.4.html
https://www.wireshark.org/security/wnpa-sec-2016-29
https://gitlab.com/wireshark/wireshark/-/issues/11585
https://gitlab.com/wireshark/wireshark/-/issues/12175
https://gitlab.com/wireshark/wireshark/-/issues/12191
Plugin Details
Severity: High
ID: 91821
File Name: wireshark_2_0_4.nasl
Version: 1.10
Type: Local
Agent: windows
Family: Windows
Published: 6/24/2016
Updated: 5/1/2026
Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 4.4
CVSS v2
Risk Factor: Medium
Base Score: 4.3
Temporal Score: 3.4
Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSS Score Source: CVE-2016-5358
CVSS v3
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
CVSS Score Source: manual
Vulnerability Information
CPE: cpe:/a:wireshark:wireshark
Required KB Items: SMB/Registry/Enumerated, installed_sw/Wireshark
Exploit Ease: No known exploits are available
Patch Publication Date: 6/7/2016
Vulnerability Publication Date: 4/29/2016
Reference Information
CVE: CVE-2016-5350, CVE-2016-5351, CVE-2016-5352, CVE-2016-5353, CVE-2016-5354, CVE-2016-5355, CVE-2016-5356, CVE-2016-5357, CVE-2016-5358