Vigil@nce - Wireshark: four denials of service via the protocol dissectors
August 2014 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can trigger a fault in some dissectors, in order to
trigger a denial of service or mask illicit network traffic.
Impacted products: Debian, Fedora, MBS, Wireshark
Severity: 2/4
Creation date: 01/08/2014
Revision date: 01/08/2014
DESCRIPTION OF THE VULNERABILITY
The Wireshark program captures and displays network packets.
Protocols are decoded by dissectors.
Four vulnerabilities were announced in Wireshark.
An attacker can trigger a fault in the Catapult DCT2000 and IrDA
dissectors of Wireshark, in order to trigger a denial of service
or mask illicit network traffic. [severity:2/4; CVE-2014-5161,
CVE-2014-5162, wnpa-sec-2014-08]
An attacker can trigger a fault in the GTP and GSM Management
dissector of Wireshark, in order to trigger a denial of service or
mask illicit network traffic. [severity:2/4; CVE-2014-5163,
wnpa-sec-2014-09]
An attacker can trigger a fault in the RLC dissector of Wireshark,
in order to trigger a denial of service or mask illicit network
traffic. [severity:2/4; CVE-2014-5164, wnpa-sec-2014-10]
An attacker can trigger a fault in the ASN.1/BER decoder of
Wireshark, in order to trigger a denial of service or mask illicit
network traffic. [severity:2/4; CVE-2014-5165, wnpa-sec-2014-11]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN