Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 











Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Vigil@nce - Wireshark 2: eighteen vulnerabilities

April 2016 by Vigil@nce

SYNTHESIS OF THE VULNERABILITY

An attacker can use several vulnerabilities of Wireshark 2.

Impacted products: Solaris, Wireshark.

Severity: 2/4.

Creation date: 29/02/2016.

DESCRIPTION OF THE VULNERABILITY

Several vulnerabilities were announced in Wireshark 2.

An attacker can use a DLL Hijacking vulnerability, in order to run
code. [severity:2/4; CVE-2016-2521, wnpa-sec-2016-01]

An attacker can send a malicious ASN.1 BER packet, in order to
trigger a denial of service. [severity:2/4; CVE-2016-2522,
wnpa-sec-2016-02]

An attacker can generate an infinite loop in DNP3, in order to
trigger a denial of service. [severity:2/4; CVE-2016-2523,
wnpa-sec-2016-03]

An attacker can send a malicious X.509AF packet, in order to
trigger a denial of service. [severity:2/4; CVE-2016-2524,
wnpa-sec-2016-04]

An attacker can send a malicious HTTP/2 packet, in order to
trigger a denial of service. [severity:2/4; CVE-2016-2525,
wnpa-sec-2016-05]

An attacker can send a malicious HiQnet packet, in order to
trigger a denial of service. [severity:2/4; CVE-2016-2526,
wnpa-sec-2016-06]

An attacker can trigger a fatal error in 3GPP TS 32.423 Trace, in
order to trigger a denial of service. [severity:1/4;
CVE-2016-2527, wnpa-sec-2016-07]

An attacker can send a malicious LBMC packet, in order to trigger
a denial of service. [severity:2/4; CVE-2016-2528,
wnpa-sec-2016-08]

An attacker can trigger a fatal error in iSeries, in order to
trigger a denial of service. [severity:1/4; CVE-2015-2529,
wnpa-sec-2016-09]

An attacker can send a malicious RSL packet, in order to trigger a
denial of service. [severity:2/4; CVE-2016-2530, CVE-2016-2531,
wnpa-sec-2016-10]

An attacker can send a malicious LLRP packet, in order to trigger
a denial of service. [severity:2/4; CVE-2016-2532,
wnpa-sec-2016-11]

An attacker can trigger a fatal error in Ixia IxVeriWave, in order
to trigger a denial of service. [severity:1/4; wnpa-sec-2016-12]

An attacker can send a malicious IEEE 802.11 packet, in order to
trigger a denial of service. [severity:2/4; wnpa-sec-2016-13]

An attacker can send a malicious GSM A-bis OML packet, in order to
trigger a denial of service. [severity:2/4; wnpa-sec-2016-14]

An attacker can send a malicious ASN.1 BER packet, in order to
trigger a denial of service. [severity:2/4; wnpa-sec-2016-15]

An attacker can generate an infinite loop in SPICE, in order to
trigger a denial of service. [severity:1/4; wnpa-sec-2016-16]

An attacker can send a malicious NFS packet, in order to trigger a
denial of service. [severity:2/4; wnpa-sec-2016-17]

An attacker can send a malicious ASN.1 BER packet, in order to
trigger a denial of service. [severity:2/4; wnpa-sec-2016-18]

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

https://vigilance.fr/vulnerability/Wireshark-2-eighteen-vulnerabilities-19042


See previous articles

    

See next articles












Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts