Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT Security Bulletin
ASB-2015.0082
Multiple vulnerabilities have been identified in Wireshark
13 August 2015
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Wireshark
Operating System: UNIX variants (UNIX, Linux, OSX)
Windows
Impact/Access: Denial of Service -- Remote/Unauthenticated
Resolution: Patch/Upgrade
Member content until: Saturday, September 12 2015
OVERVIEW
Mutliple vulnerabilities have been identified in Wireshark prior to
version 1.12.7. [1 - 9]
IMPACT
The vendor has provided the following details regarding the
vulnerabilities:
Description
"Wireshark could crash when adding an item to the protocol tree.
Impact
It may be possible to make Wireshark crash by injecting a malformed
packet onto the wire or by convincing someone to read a malformed
packet trace file." [1]
"Description
Wireshark could attempt to free invalid memory. Discovered by Alan
Tu and Antti Levomaki.
Impact
It may be possible to make Wireshark crash by injecting a malformed
packet onto the wire or by convincing someone to read a malformed
packet trace file." [2]
"Description
Wireshark could crash when searching for a protocol dissector.
Impact
It may be possible to make Wireshark crash by injecting a malformed
packet onto the wire or by convincing someone to read a malformed
packet trace file." [3]
"Description
The ZigBee dissector could crash. Discovered by Magnus Stubman.
Impact
It may be possible to make Wireshark crash by injecting a malformed
packet onto the wire or by convincing someone to read a malformed
packet trace file." [4]
"Description
The GSM RLC/MAC dissector could go into an infinite loop. Discovered
by Antti Levomaki.
Impact
It may be possible to make Wireshark consume excessive CPU resources
by injecting a malformed packet onto the wire or by convincing
someone to read a malformed packet trace file." [5]
"Description
The WaveAgent dissector could crash. Discovered by Antti Levomäki.
Impact
It may be possible to make Wireshark crash by injecting a malformed
packet onto the wire or by convincing someone to read a malformed
packet trace file." [6]
"Description
The OpenFlow dissector could go into an infinite loop. Discovered by
Antti Levomaki.
Impact
It may be possible to make Wireshark consume excessive CPU resources
by injecting a malformed packet onto the wire or by convincing
someone to read a malformed packet trace file." [7]
"Description
Wireshark could crash due to invalid ptvcursor length checking.
Discovered by Antti Levomaki.
Impact
It may be possible to make Wireshark crash by injecting a malformed
packet onto the wire or by convincing someone to read a malformed
packet trace file." [8]
"Description
The WCCP dissector could crash. Discovered by Antti Levomaki.
Impact
It may be possible to make Wireshark crash by injecting a malformed
packet onto the wire or by convincing someone to read a malformed
packet trace file." [9]
MITIGATION
The vendor recommends upgrading to the latest version of Wireshark
to correct these vulnerabilities. [1 - 9]
REFERENCES
[1] wnpa-sec-2015-21 - Protocol tree crash
https://www.wireshark.org/security/wnpa-sec-2015-21.html
[2] wnpa-sec-2015-22 - Memory manager crash
https://www.wireshark.org/security/wnpa-sec-2015-22.html
[3] wnpa-sec-2015-23 - Dissector table crash
https://www.wireshark.org/security/wnpa-sec-2015-23.html
[4] wnpa-sec-2015-24 - ZigBee dissector crash
https://www.wireshark.org/security/wnpa-sec-2015-24.html
[5] wnpa-sec-2015-25 - GSM RLC/MAC dissector infinite loop
https://www.wireshark.org/security/wnpa-sec-2015-25.html
[6] wnpa-sec-2015-26 - WaveAgent dissector crash
https://www.wireshark.org/security/wnpa-sec-2015-26.html
[7] wnpa-sec-2015-27 - OpenFlow dissector infinite loop
https://www.wireshark.org/security/wnpa-sec-2015-27.html
[8] wnpa-sec-2015-28 - Ptvcursor crash
https://www.wireshark.org/security/wnpa-sec-2015-28.html
[9] wnpa-sec-2015-29 - WCCP dissector crash
https://www.wireshark.org/security/wnpa-sec-2015-29.html
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBVcvnVn6ZAP0PgtI9AQLx+g/9HFxrLmuOdLKywxxuEOV9qhNKKfTPoq9H
Iiv9eky4auKGkpv5qbwsNUWVt3LgoyqJvEyZFubxgPIWMkTTCc3MhjIHJqhd4OkV
2F4K50BYiYCz2hdCjLDw9T3U113HLp8C2tL07bPVgKsn/yEJFLRc69j5aLbo7LQf
Zr+bZ+QNvlwyADCK2Ik7Jq2YAAkl9FAoE8lqqJTk4PA0mQNIbYYQgo36AoABSoyS
nqh3CQnDpiMw94fGeBFJXF2eDulxu67lbJkD8RQBlm/WV79NGd2vubsKqgrQTv0u
CmZxCPc30zldNXvbRo/1TptboYNEeYTduHCaExzlJ4kMS0hstOZDsLB7aHE1W81w
ITwn4Z6WZJFL+BqGydOwSU9lHM0jXFOG2+gDK05jmdXC0eENvamKE881TWw2OcZ0
wkS+N93pGEVaAAUFjhprgNQCEKiH+cRlL0kg7yApdPKgEHpwPpnPewJs4Vcf4vR2
GQadgvxg1ocdEk3aY58Z8ixxI46tYoOpEJBa8En4WNfUXpTHepUfzQk4BnvzZI/+
ZqX18xlsXNzkLzGBNtvehXAaNTGpoink66IfgbJJEatxbJ8GRovHygIozOwCqvnh
I16graJJVPFQxCWiTm2GfWErarayCMUhcr/zixOJWKjS5CGGd61P465yKuB/nYOr
eH9znwoWQIQ=
=j+k9
-----END PGP SIGNATURE-----