Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT Security Bulletin ASB-2015.0082 Multiple vulnerabilities have been identified in Wireshark 13 August 2015 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Wireshark Operating System: UNIX variants (UNIX, Linux, OSX) Windows Impact/Access: Denial of Service -- Remote/Unauthenticated Resolution: Patch/Upgrade Member content until: Saturday, September 12 2015 OVERVIEW Mutliple vulnerabilities have been identified in Wireshark prior to version 1.12.7. [1 - 9] IMPACT The vendor has provided the following details regarding the vulnerabilities: Description "Wireshark could crash when adding an item to the protocol tree. Impact It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file." [1] "Description Wireshark could attempt to free invalid memory. Discovered by Alan Tu and Antti Levomaki. Impact It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file." [2] "Description Wireshark could crash when searching for a protocol dissector. Impact It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file." [3] "Description The ZigBee dissector could crash. Discovered by Magnus Stubman. Impact It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file." [4] "Description The GSM RLC/MAC dissector could go into an infinite loop. Discovered by Antti Levomaki. Impact It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file." [5] "Description The WaveAgent dissector could crash. Discovered by Antti Levomäki. Impact It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file." [6] "Description The OpenFlow dissector could go into an infinite loop. Discovered by Antti Levomaki. Impact It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file." [7] "Description Wireshark could crash due to invalid ptvcursor length checking. Discovered by Antti Levomaki. Impact It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file." [8] "Description The WCCP dissector could crash. Discovered by Antti Levomaki. Impact It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file." [9] MITIGATION The vendor recommends upgrading to the latest version of Wireshark to correct these vulnerabilities. [1 - 9] REFERENCES [1] wnpa-sec-2015-21 - Protocol tree crash https://www.wireshark.org/security/wnpa-sec-2015-21.html [2] wnpa-sec-2015-22 - Memory manager crash https://www.wireshark.org/security/wnpa-sec-2015-22.html [3] wnpa-sec-2015-23 - Dissector table crash https://www.wireshark.org/security/wnpa-sec-2015-23.html [4] wnpa-sec-2015-24 - ZigBee dissector crash https://www.wireshark.org/security/wnpa-sec-2015-24.html [5] wnpa-sec-2015-25 - GSM RLC/MAC dissector infinite loop https://www.wireshark.org/security/wnpa-sec-2015-25.html [6] wnpa-sec-2015-26 - WaveAgent dissector crash https://www.wireshark.org/security/wnpa-sec-2015-26.html [7] wnpa-sec-2015-27 - OpenFlow dissector infinite loop https://www.wireshark.org/security/wnpa-sec-2015-27.html [8] wnpa-sec-2015-28 - Ptvcursor crash https://www.wireshark.org/security/wnpa-sec-2015-28.html [9] wnpa-sec-2015-29 - WCCP dissector crash https://www.wireshark.org/security/wnpa-sec-2015-29.html AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBVcvnVn6ZAP0PgtI9AQLx+g/9HFxrLmuOdLKywxxuEOV9qhNKKfTPoq9H Iiv9eky4auKGkpv5qbwsNUWVt3LgoyqJvEyZFubxgPIWMkTTCc3MhjIHJqhd4OkV 2F4K50BYiYCz2hdCjLDw9T3U113HLp8C2tL07bPVgKsn/yEJFLRc69j5aLbo7LQf Zr+bZ+QNvlwyADCK2Ik7Jq2YAAkl9FAoE8lqqJTk4PA0mQNIbYYQgo36AoABSoyS nqh3CQnDpiMw94fGeBFJXF2eDulxu67lbJkD8RQBlm/WV79NGd2vubsKqgrQTv0u CmZxCPc30zldNXvbRo/1TptboYNEeYTduHCaExzlJ4kMS0hstOZDsLB7aHE1W81w ITwn4Z6WZJFL+BqGydOwSU9lHM0jXFOG2+gDK05jmdXC0eENvamKE881TWw2OcZ0 wkS+N93pGEVaAAUFjhprgNQCEKiH+cRlL0kg7yApdPKgEHpwPpnPewJs4Vcf4vR2 GQadgvxg1ocdEk3aY58Z8ixxI46tYoOpEJBa8En4WNfUXpTHepUfzQk4BnvzZI/+ ZqX18xlsXNzkLzGBNtvehXAaNTGpoink66IfgbJJEatxbJ8GRovHygIozOwCqvnh I16graJJVPFQxCWiTm2GfWErarayCMUhcr/zixOJWKjS5CGGd61P465yKuB/nYOr eH9znwoWQIQ= =j+k9 -----END PGP SIGNATURE-----