Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT Security Bulletin ASB-2019.0063 Multiple vulnerabilities have been identified in Wireshark 28 February 2019 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Wireshark Operating System: UNIX variants (UNIX, Linux, OSX) Windows Impact/Access: Denial of Service -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2019-9209 CVE-2019-9208 Member content until: Saturday, March 30 2019 OVERVIEW Multiple vulnerabilities have been identified in Wireshark prior to: o Wireshark 2.4.13 and [1] o Wireshark 2.6.7 [2] IMPACT The vendor provides the details to the fixed vulnerabilities in following Wireshark version: [1][2] "o wnpa-sec-2019-06 ASN.1 BER and related dissectors crash. Bug 15447 [3] CVE-2019-9209 o wnpa-sec-2019-07 TCAP dissector crash. Bug 15464 [4] CVE-2019-9208 o wnpa-sec-2019-08 RPCAP dissector crash. Bug 15536 [5] " MITIGATION The vendor recommends upgrading to the latest version of Wireshark to correct these vulnerabilities. [1][2] REFERENCES [1] [Wireshark-announce] Wireshark 2.4.13 is now available https://www.wireshark.org/lists/wireshark-announce/201902/msg00003.html [2] [Wireshark-announce] Wireshark 2.6.7 is now available https://www.wireshark.org/lists/wireshark-announce/201902/msg00002.html [3] Bug 15447 - Stack-based off-by-one buffer overflow in dissect_ber_GeneralizedTime https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15447 [4] Bug 15464 - Wireshark NULL pointer dereference in dissect_tcap_AARQ_application_context_name https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15464 [5] Bug 15536 - [oss-fuzz] #13385 Null-dereference READ in conversation_set_dissector_from_frame_number https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15536 AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBXHdkbWaOgq3Tt24GAQjR1xAA2DTuBiaXXHcrfMQdTkz23fcLrmRTfMDS 4c1tidMLQjErWBSmLQ6/zKBa4GBeDE88fR697AYpuyWIoZVD0YR+zAt54AxizlW2 BqclVuuAdPRYfLDnMZD2peoi92YBjvHh9YUw2vspGOjPM/pFpuOZ3chU+C3+qsGO AB4wqbl8VVGHPdIxSC1PKoHoFqy52q3Te60Bhr27vDnJeTSwyxfqeIMRbE8GL+R4 gFYwUmdl7bfA2OHR2xwjtpMQOh5SmCOQQnPQS6HWn0SEbY0xHoCIZ8FSy6lZVqV0 AVk7JA/JVotK32K2kcMgqYQRM/aEWqKHA9PdZ6K5quJ7yaMf0spZZVXy1MpOtv/x 2F9OasZ72Sbdbs1vBhf6N4JADEEyDIZftURpcYhPruCb2SKcAM2qy49VJLacxd+U Kthz1HxaNhGsWx5dG4FNMC/pjZGxDCsW9u4LitYNGPgfCiccFrMEHeS8UM86LaxP CLbgrd9ZCjzL2ijSgmQbARu5MFd4T93MTyxmXC1VWxUFzS6xwp/o5hjcrsrDLNwm LD0WdAx/5nQhLV/MBEszBZEjC4qnPhxQWRczclEKx/0Hr9x+YJ5YQRxOJcialvSP 3h9vfDOEHt+Dkqp6Mr3cDSsZNSFzA3+bTNeqBA8iyT6MaFY7h36fAn2A540O5KxL Qa+pVb6NH2U= =X/tz -----END PGP SIGNATURE-----