SB2016042505 - Multiple vulnerabilities in Wireshark
Published: April 25, 2016 Updated: March 24, 2022
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 4 secuirty vulnerabilities.
1) Input validation error (CVE-ID: CVE-2016-4084)
The vulnerability allows remote attackers to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can cause a denial of service (integer overflow and application crash) via a crafted packet that triggers an unexpected array size.
2) Input validation error (CVE-ID: CVE-2016-4083)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x before 2.0.3 does not ensure that data is available before array allocation, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
3) Input validation error (CVE-ID: CVE-2016-4077)
The vulnerability allows remote attackers to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can cause a denial of service (use-after-free and application crash) via a crafted packet.
4) Improper access control (CVE-ID: CVE-2016-4076)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 2.0.x before 2.0.3 does not properly initialize memory for search patterns, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Remediation
Install update from vendor's website.
References
- http://www.securitytracker.com/id/1035685
- http://www.wireshark.org/security/wnpa-sec-2016-27.html
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12341
- https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=66417b17b3570b163a16ca81f71ce5bcb10548d2
- http://www.wireshark.org/security/wnpa-sec-2016-20.html
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11799
- https://code.google.com/p/google-security-research/issues/detail?id=651
- https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c5b2c1e8f40cee913bd70fcc00284483b3c92fcd
- http://www.wireshark.org/security/wnpa-sec-2016-19.html
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11591
- https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=ea8e6955fcff21333c203bc00f69d5025761459b