| VID |
50062 |
| Severity |
30 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The installed version of Wireshark 1.10 is earlier than 1.10.1. It is, therefore, affected by denial of service vulnerabilities in the following dissectors :
- ASN.1 PER (Bug #8722)
- Bluetooth OBEX (Bug #8875)
- Bluetooth SDP (Bug #8831)
- DCOM ISystemActivator (Bug #8828)
- DCP ETSI (Bug #8717)
- DIS (Bug #8911)
- DVB-CI (Bug #8916)
- GSM A Common (Bug #8940)
- GSM RR (Bug #8923)
- Netmon file parser (Bug #8742)
- P1 (Bug #8826)
- PROFINET Real-Time (Bug #8904)
- Radiotap (Bug #8830)
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of this condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.wireshark.org/security/wnpa-sec-2013-41.html
http://www.wireshark.org/security/wnpa-sec-2013-42.html
http://www.wireshark.org/security/wnpa-sec-2013-43.html
http://www.wireshark.org/security/wnpa-sec-2013-44.html
http://www.wireshark.org/security/wnpa-sec-2013-45.html
http://www.wireshark.org/security/wnpa-sec-2013-46.html
http://www.wireshark.org/security/wnpa-sec-2013-47.html
http://www.wireshark.org/security/wnpa-sec-2013-48.html
http://www.wireshark.org/security/wnpa-sec-2013-49.html
http://www.wireshark.org/security/wnpa-sec-2013-50.html
http://www.wireshark.org/security/wnpa-sec-2013-51.html
http://www.wireshark.org/security/wnpa-sec-2013-52.html
http://www.wireshark.org/security/wnpa-sec-2013-53.html
http://www.wireshark.org/docs/relnotes/wireshark-1.10.1.html
* Platforms Affected:
Wireshark versions 1.10.x before 1.10.1
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version Wireshark (1.10.1 or later), available from the Wireshark.org Web site at http://www.wireshark.org/download/win32/all-versions/ |
| Related URL |
CVE-2013-4083,CVE-2013-4920,CVE-2013-4921,CVE-2013-4922,CVE-2013-4923,CVE-2013-4924,CVE-2013-4925,CVE-2013-4926,CVE-2013-4927,CVE-2013-4928 (CVE) |
| Related URL |
60504,61471 (SecurityFocus) |
| Related URL |
(ISS) |
|
