Synopsis
An application installed on the remote macOS or Mac OS X host is affected by multiple denial of service vulnerabilities.
Description
The version of Wireshark installed on the remote macOS or Mac OS X host is 2.0.x prior to 2.0.12 or 2.2.x prior to 2.2.6. It is, therefore, affected by multiple denial of service vulnerabilities :
- An infinite loop condition condition exists in the NetScaler file parser within file wiretap/netscaler.c when handling specially crafted capture files. An unauthenticated, remote attacker can exploit this to cause excessive consumption of CPU resources, resulting in a denial of service condition. (CVE-2017-7700)
- An infinite loop condition condition exists in the BGP dissector within file epan/dissectors/packet-bgp.c when handling specially crafted packets or trace files. An unauthenticated, remote attacker can exploit this to cause excessive consumption of CPU resources, resulting in a denial of service condition. (CVE-2017-7701)
- An infinite loop condition condition exists in the WBXML dissector within file epan/dissectors/packet-wbxml.c when handling specially crafted packets or trace files.
An unauthenticated, remote attacker can exploit this to cause excessive consumption of CPU resources, resulting in a denial of service condition. (CVE-2017-7702)
- A denial of service vulnerability exists in the IMAP dissector within file epan/dissectors/packet-imap.c when handling specially crafted packets or trace files. An unauthenticated, remote attacker can exploit this to crash the program. (CVE-2017-7703)
- An infinite loop condition condition exists in the DOF dissector within file epan/dissectors/packet-dof.c when handling specially crafted packets or trace files. An unauthenticated, remote attacker can exploit this to cause excessive consumption of CPU resources, resulting in a denial of service condition. Note that this issue only applies to the 2.2.x version. (CVE-2017-7704)
- An infinite loop condition condition exists in the RPC over RDMA dissector within file epan/dissectors/packet-rpcrdma.c when handling specially crafted packets or trace files. An unauthenticated, remote attacker can exploit this to cause excessive consumption of CPU resources, resulting in a denial of service condition. (CVE-2017-7705)
- An infinite loop condition condition exists in the SIGCOMP dissector within file epan/dissectors/packet-sigcomp.c when handling specially crafted packets or trace files. An unauthenticated, remote attacker can exploit this to cause excessive consumption of CPU resources, resulting in a denial of service condition. (CVE-2017-7745)
- An infinite loop condition condition exists in the SLSK dissector in the dissect_slsk_pdu() function within file epan/dissectors/packet-slsk.c, when handling specially crafted packets or trace files. An unauthenticated, remote attacker can exploit this to cause excessive consumption of CPU resources, resulting in a denial of service condition. (CVE-2017-7746)
- An out-of-bounds read error exists in the PacketBB dissector in the dissect_pbb_addressblock() function within file epan/dissectors/packet-packetbb.c when handling specially crafted packets or trace files. An unauthenticated, remote attacker can exploit this to crash the program. (CVE-2017-7747)
- An infinite loop condition condition exists in the WSP dissector within file epan/dissectors/packet-wsp.c when handling specially crafted packets or trace files. An unauthenticated, remote attacker can exploit this to cause excessive consumption of CPU resources, resulting in a denial of service condition. (CVE-2017-7748)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Upgrade to Wireshark version 2.0.12 / 2.2.6 or later.