SB2018113008 - Denial of service in Wireshark

Description

This security bulletin contains information about 7 secuirty vulnerabilities.

1) Improper input validation (CVE-ID: CVE-2018-19625)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can inject a malformed packet into a network, to be processed by the affected application, or trick the victim into opening a malicious packet trace file and cause the Wireshark dissection engine to crash.

2) Improper input validation (CVE-ID: CVE-2018-19626)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can inject a malformed packet into a network, to be processed by the affected application, or trick the victim into opening a malicious packet trace file and cause the DCOM dissector to crash.

3) Improper input validation (CVE-ID: CVE-2018-19623)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can inject a malformed packet into a network, to be processed by the affected application, or trick the victim into opening a malicious packet trace file and cause the DLBMPDM dissector to crash.

4) Infinite loop (CVE-ID: CVE-2018-19622)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to infinite loop when handling user-supplied input. A remote attacker can inject a malformed packet into a network, to be processed by the affected application, or trick the victim into opening a malicious packet trace file and cause the MMSE dissector to crash.

5) Improper input validation (CVE-ID: CVE-2018-19627)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can inject a malformed packet into a network, to be processed by the affected application, or trick the victim into opening a malicious packet trace file and cause the IxVeriWave file parser to crash.

6) Improper input validation (CVE-ID: CVE-2018-19624)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can inject a malformed packet into a network, to be processed by the affected application, or trick the victim into opening a malicious packet trace file and cause the PVFS dissector to crash.

7) Improper input validation (CVE-ID: CVE-2018-19628)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can inject a malformed packet into a network, to be processed by the affected application, or trick the victim into opening a malicious packet trace file and cause the ZigBee ZCL dissector to crash.

Remediation

Install update from vendor's website.

References

• https://www.wireshark.org/security/wnpa-sec-2018-51.html
• https://www.wireshark.org/security/wnpa-sec-2018-52.html
• https://www.wireshark.org/security/wnpa-sec-2018-53.html
• https://www.wireshark.org/security/wnpa-sec-2018-54.html
• https://www.wireshark.org/security/wnpa-sec-2018-55.html
• https://www.wireshark.org/security/wnpa-sec-2018-56.html
• https://www.wireshark.org/security/wnpa-sec-2018-57.html