| VID |
50432 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The version of Wireshark installed on the remote Windows host is prior to 4.2.11. It is, therefore, affected by a vulnerability as referenced in the wireshark-4.2.11 advisory.
- The Bundle Protocol and CBOR dissectors could crash. Fixed in master: 83c73a83ad Fixed in release-4.4:
73d7d46bcc Fixed in release-4.2: 2e5e8c1d9a Discovered by OSS-Fuzz. We are unaware of any exploits for this issue. It may be possible to make Wireshark crash consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.(CVE-2025-1492)
* References:
https://www.wireshark.org/docs/relnotes/wireshark-4.2.11.html
https://gitlab.com/wireshark/wireshark/-/issues/20373
https://www.wireshark.org/security/wnpa-sec-2025-01
* Platforms Affected:
Wireshark versions 4.2.x prior to 4.2.11
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version Wireshark (4.2.11 or later), available from the Wireshark.org Web site at https://www.wireshark.org/download/win32/all-versions/ |
| Related URL |
CVE-2025-1492 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
