Vigil@nce - Wireshark: thirteen vulnerabilities
August 2012 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
Several vulnerabilities of Wireshark can be used by a remote
attacker to create a denial of service or to execute code.
Severity: 2/4
Creation date: 16/08/2012
IMPACTED PRODUCTS
– Fedora
– Mandriva Enterprise Server
– Mandriva Linux
– openSUSE
– Wireshark
DESCRIPTION OF THE VULNERABILITY
The Wireshark program captures and displays network packets.
Protocols are decoded by dissectors. They are impacted by several
vulnerabilities.
An attacker can generate a division by zero in the DCP ETSI
dissector. [severity:1/4; CVE-2012-4285, wnpa-sec-2012-13]
An attacker can generate a large loop in the MongoDB dissector.
[severity:1/4; CVE-2012-4287, wnpa-sec-2012-14]
An attacker can generate a large loop in the XTP dissector.
[severity:1/4; CVE-2012-4288, wnpa-sec-2012-15]
An attacker can generate a buffer overflow in the ERF dissector.
[severity:2/4; CVE-2012-4294, CVE-2012-4295, wnpa-sec-2012-16]
An attacker can generate a large loop in the AFP dissector.
[severity:1/4; CVE-2012-4289, wnpa-sec-2012-17]
An attacker can generate a buffer overflow in the RTPS2 dissector.
[severity:2/4; CVE-2012-4296, wnpa-sec-2012-18]
An attacker can generate a buffer overflow in the GSM RLC MAC
dissector. [severity:2/4; CVE-2012-4297, wnpa-sec-2012-19]
An attacker can use all the memory via the CIP dissector.
[severity:1/4; CVE-2012-4291, wnpa-sec-2012-20]
An attacker can stop the STUN dissector. [severity:1/4;
CVE-2012-4292, wnpa-sec-2012-21]
An attacker can stop the EtherCAT Mailbox dissector.
[severity:1/4; CVE-2012-4293, wnpa-sec-2012-22]
An attacker can generate a large loop in the CTDB dissector.
[severity:1/4; CVE-2012-4290, wnpa-sec-2012-23]
An attacker can generate a division by zero when a pcap-ng file is
parsed. [severity:1/4; CVE-2012-4286, wnpa-sec-2012-24]
An attacker can generate a buffer overflow in the Ixia IxVeriWave
dissector. [severity:2/4; CVE-2012-4298, wnpa-sec-2012-25]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Wireshark-thirteen-vulnerabilities-11861