Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT Security Bulletin ASB-2018.0242 Multiple vulnerabilities have been identified in Wireshark 12 October 2018 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Wireshark Operating System: UNIX variants (UNIX, Linux, OSX) Windows Impact/Access: Denial of Service -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2018-18227 CVE-2018-18226 CVE-2018-18225 CVE-2018-12086 Member content until: Sunday, November 11 2018 OVERVIEW Mutliple vulnerabilities have been identified in Wireshark prior to: o Wireshark 2.4.10 and [1] o Wireshark 2.6.4 [2] IMPACT The vendor provides the details to the fixed vulnerabilities in following Wireshark vresion: [1-6] Wireshark 2.4.10 [1] o wnpa-sec-2018-47 - MS-WSP dissector crash.[3] o wnpa-sec-2018-50 - OpcUA dissector crash. [6] Wireshark 2.6.4 [2] o wnpa-sec-2018-47 - MS-WSP dissector crash. [3] o wnpa-sec-2018-48 - Steam IHS Discovery dissector memory leak. [4] o wnpa-sec-2018-49 - CoAP dissector crash. [5] o wnpa-sec-2018-50 - OpcUA dissector crash. [6] The details of the vulnerabilities are given by the vendor are as follows: wnpa-sec-2018-47 - MS-WSP dissector crash. [3] "References: CVE-2018-18227 Impact: It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file." [3] wnpa-sec-2018-48 - Steam IHS Discovery dissector memory leak. [4] "References: CVE-2018-18226 Impact: It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file." [4] wnpa-sec-2018-49 - CoAP dissector crash. [5] "References: CVE-2018-18225 Impact: It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file." [5] wnpa-sec-2018-50 - OpcUA dissector crash. [6] "References: CVE-2018-12086 Impact: It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. [6] MITIGATION The vendor recommends upgrading to the latest version of Wireshark to correct these vulnerabilities. [3 - 6] REFERENCES [1] Wireshark 2.4.10 is now available https://www.wireshark.org/lists/wireshark-announce/201810/msg00001.html [2] Wireshark 2.6.4 is now available https://www.wireshark.org/lists/wireshark-announce/201810/msg00000.html [3] wnpa-sec-2018-47. MS-WSP dissector crash. Fixed in 2.6.4, 2.4.10. https://www.wireshark.org/security/wnpa-sec-2018-47.html [4] wnpa-sec-2018-48. Steam IHS Discovery dissector memory leak. Fixed in 2.6.4. https://www.wireshark.org/security/wnpa-sec-2018-48.html [5] wnpa-sec-2018-49. CoAP dissector crash. Fixed in 2.6.4. https://www.wireshark.org/security/wnpa-sec-2018-49.html [6] wnpa-sec-2018-50. OpcUa dissector crash. Fixed in 2.6.4, 2.4.10. https://www.wireshark.org/security/wnpa-sec-2018-50.html AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBW8AgRmaOgq3Tt24GAQgn0hAArrpzw6wRXtsSnNYjtXqulbNahmJ0RbAV ewjfve9NfFCCXOdNmzh02jEk4uWbBbFgHaRLTD+Bbd90sZTmMBPN9mkjyXvOjMEt +i4zKbecQM2HtIiWp8uz1tQhLme8xg7AOUR5y2Q0wLyK/H/20XBdTaiGaUyrxXNE rxR5MxHIxWs82Kx/r1iuv6jTRt4lKbUq972ezIDFRS0TpUtEPHIxyBLdoI3YBi99 GTFdCd9MsqCf3UidqKdB1347t8VaUybXWb1dd1+OH/RRbbdm9q7pr6JH9ogTMeCK gXLUy96p65DCrlhMe1FFKX1SCMB45wD7jP/S50pD5yEFGQZrxxFC5KzPevdjJ6Cr rLoSAi18GiCSsTfS2lO/c4VE12pouXU7XfYNfleo/mgc1Dy1eNok3///Efh5IgCD xZC05vCg4nZD9eI02KZjtp64WC6wmvvU+kDzBWGYQ2AJf37GtsRjlRvffiX6oCvt PFTJth+VfYpKst17FT31PJV0wuq9gZp6Cgh8DJTWemrgNBpt4z30Yo6ck6toskWZ KUHeqv8FKZtUN/nmAhlKKYD8jmmekzp5s2A1XeOuBm5N1juqnPXAWAb43505fNqA oQBzU3AzxIDZnoIGk8MPigAeuTwJLQ7vah9aH4pOkkAWYVtN5quukcteIPt7xbKQ ekMkiSE4vpk= =Uvom -----END PGP SIGNATURE-----