Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 











Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Vigil@nce - Wireshark: four denials of service via the protocol dissectors

August 2014 by Vigil@nce

This bulletin was written by Vigil@nce : http://vigilance.fr/offer

SYNTHESIS OF THE VULNERABILITY

An attacker can trigger a fault in some dissectors, in order to
trigger a denial of service or mask illicit network traffic.

Impacted products: Debian, Fedora, MBS, Wireshark

Severity: 2/4

Creation date: 01/08/2014

Revision date: 01/08/2014

DESCRIPTION OF THE VULNERABILITY

The Wireshark program captures and displays network packets.
Protocols are decoded by dissectors.

Four vulnerabilities were announced in Wireshark.

An attacker can trigger a fault in the Catapult DCT2000 and IrDA
dissectors of Wireshark, in order to trigger a denial of service
or mask illicit network traffic. [severity:2/4; CVE-2014-5161,
CVE-2014-5162, wnpa-sec-2014-08]

An attacker can trigger a fault in the GTP and GSM Management
dissector of Wireshark, in order to trigger a denial of service or
mask illicit network traffic. [severity:2/4; CVE-2014-5163,
wnpa-sec-2014-09]

An attacker can trigger a fault in the RLC dissector of Wireshark,
in order to trigger a denial of service or mask illicit network
traffic. [severity:2/4; CVE-2014-5164, wnpa-sec-2014-10]

An attacker can trigger a fault in the ASN.1/BER decoder of
Wireshark, in order to trigger a denial of service or mask illicit
network traffic. [severity:2/4; CVE-2014-5165, wnpa-sec-2014-11]

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

http://vigilance.fr/vulnerability/Wireshark-four-denials-of-service-via-the-protocol-dissectors-15115


See previous articles

    

See next articles












Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts