Vigil@nce - Wireshark: nine vulnerabilities
February 2013 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
Several vulnerabilities of Wireshark can be used by a remote
attacker to create a denial of service.
Impacted products: openSUSE, Wireshark
Severity: 2/4
Creation date: 30/01/2013
DESCRIPTION OF THE VULNERABILITY
The Wireshark program captures and displays network packets.
Protocols are decoded by dissectors. They are impacted by several
vulnerabilities.
An attacker can trigger infinite loops in the Bluetooth HCI,
CSN.1, DCP-ETSI DOCSIS CM-STAUS, IEEE 802.3 Slow Protocols, MPLS,
R3, RTPS, SDP and SIP dissectors. [severity:1/4; BID-57616,
CVE-2013-1572, CVE-2013-1573, CVE-2013-1574, CVE-2013-1575,
CVE-2013-1576, CVE-2013-1577, CVE-2013-1578, CVE-2013-1579,
CVE-2013-1580, CVE-2013-1581, wnpa-sec-2013-01]
An attacker can stop the CLNP dissector. [severity:1/4; BID-57625,
CVE-2013-1582, wnpa-sec-2013-02]
An attacker can stop the DTN dissector. [severity:1/4; BID-57626,
BID-57647, CVE-2013-1583, CVE-2013-1584, wnpa-sec-2013-03]
An attacker can stop the MS-MMC dissector. [severity:1/4;
BID-57620, CVE-2013-1585, wnpa-sec-2013-04]
An attacker can stop the DTLS dissector. [severity:1/4;
CVE-2013-1586, DTLS-57621, wnpa-sec-2013-05]
An attacker can stop the ROHC dissector. [severity:1/4; BID-57619,
CVE-2013-1587, wnpa-sec-2013-06]
An attacker can stop the DCP-ETSI dissector. [severity:1/4;
BID-57615, CVE-2013-1588, wnpa-sec-2013-07]
An attacker can stop the dissection engine. [severity:1/4;
BID-57622, CVE-2013-1589, wnpa-sec-2013-08]
An attacker can trigger a buffer overflow in the NTLMSSP
dissector. [severity:2/4; BID-57618, CVE-2013-1590,
wnpa-sec-2013-09]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Wireshark-nine-vulnerabilities-12356