| VID |
50108 |
| Severity |
30 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The version of Wireshark installed on the remote Windows host is 2.0.x prior to 2.0.8. It is, therefore, affected by multiple denial of service vulnerabilities :
- A flaw exists in the dissect_PNIO_C_SDU_RTC1() function in packet-pn-rtc-one.c that causes excessive looping. An unauthenticated, remote attacker can exploit this, via specially crafted network traffic or a specially crafted capture file, to exhaust available resources. Note that this vulnerability only affects 2.2.x versions. (CVE-2016-9372)
- A use-after-free error exists in the DCEPRC dissector due to improper handling of IA5 SMS decoding. An unauthenticated, remote attacker can exploit this, via specially crafted network traffic or a specially crafted capture file, to cause the pplication to crash. (CVE-2016-9373)
- A buffer over-read flaw exists in the AllJoyn dissector due to improper handling of signature lengths. An unauthenticated, remote attacker can exploit this, via specially crafted network traffic or a specially crafted capture file, to cause the application to crash. (CVE-2016-9374)
- A flaw exists in the DTN dissector in the display_metadata_block() function due to improper SDNV evaluation. An unauthenticated, remote attacker can exploit this, via specially crafted network traffic or a specially crafted capture file, to cause an infinite loop. (CVE-2016-9375)
- Multiple flaws exist in the OpenFlow dissector in packet-openflow_v5.c due to improper handling of too short data lengths. An unauthenticated, remote attacker can exploit this, via specially crafted network traffic or a specially crafted capture file, to cause the application to crash. (CVE-2016-9376)
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of this condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
https://www.wireshark.org/security/wnpa-sec-2016-58.html
https://www.wireshark.org/security/wnpa-sec-2016-59.html
https://www.wireshark.org/security/wnpa-sec-2016-60.html
https://www.wireshark.org/security/wnpa-sec-2016-61.html
https://www.wireshark.org/security/wnpa-sec-2016-62.html
* Platforms Affected:
Wireshark versions 2.0.x prior to 2.0.8
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version Wireshark (2.0.8 or later), available from the Wireshark.org Web site at http://www.wireshark.org/download/win32/all-versions/ |
| Related URL |
CVE-2016-9372,CVE-2016-9373,CVE-2016-9374,CVE-2016-9375,CVE-2016-9376 (CVE) |
| Related URL |
94368,94369 (SecurityFocus) |
| Related URL |
(ISS) |
|
