| VID |
50162 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The version of Wireshark installed on the remote Windows host is 2.4.x prior to 2.4.6. It is, therefore, affected by multiple vulnerabilities.
- MP4, ADB, IEEE 802.15.4, NBAP, VLAN, LWAPP, TCP, CQL, Kerberos dissector could crash.
- Multiple dissectors and other modules could leak memory. The TN3270, ISUP, LAPD, SMB2, GIOP, ASN.1, MIME multipart, H.223, and PCP dissectors were affected along with Wireshark and TShark.
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of this condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
https://www.wireshark.org/security/wnpa-sec-2018-15.html
https://www.wireshark.org/security/wnpa-sec-2018-16.html
https://www.wireshark.org/security/wnpa-sec-2018-17.html
https://www.wireshark.org/security/wnpa-sec-2018-18.html
https://www.wireshark.org/security/wnpa-sec-2018-19.html
https://www.wireshark.org/security/wnpa-sec-2018-20.html
https://www.wireshark.org/security/wnpa-sec-2018-21.html
https://www.wireshark.org/security/wnpa-sec-2018-22.html
https://www.wireshark.org/security/wnpa-sec-2018-23.html
https://www.wireshark.org/security/wnpa-sec-2018-24.html
* Platforms Affected:
Wireshark versions 2.4.x prior to 2.4.6
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version Wireshark (2.4.6 or later), available from the Wireshark.org Web site at http://www.wireshark.org/download/win32/all-versions/ |
| Related URL |
CVE-2017-9616,CVE-2018-9256,CVE-2018-9257,CVE-2018-9258,CVE-2018-9259,CVE-2018-9260,CVE-2018-9261,CVE-2018-9262,CVE-2018-9263,CVE-2018-9264 (CVE) |
| Related URL |
99085 (SecurityFocus) |
| Related URL |
(ISS) |
|
