Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT Security Bulletin ASB-2019.0150 Wireshark dissection engine crash 23 May 2019 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Wireshark Operating System: UNIX variants (UNIX, Linux, OSX) Windows Impact/Access: Denial of Service -- Remote with User Interaction Resolution: Patch/Upgrade Member content until: Saturday, June 22 2019 OVERVIEW A denial of service attack has been identified in Wireshark prior to: * Wireshark 2.4.15 * Wireshark 2.6.9 * Wireshark 3.0.2 [1] IMPACT Wireshark could be crashed by injecting a malformed packet via either the wire or through a malformed packet trace. MITIGATION The maintainer advises updating to the latest version of Wireshark. [1] REFERENCES [1] wnpa-sec-2019-19 · Wireshark dissection engine crash https://www.wireshark.org/security/wnpa-sec-2019-19.html AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBXOY93maOgq3Tt24GAQiVFA//fSkwN+F5ZPi4NBTgprTX9ebWo8BuzCht O29tTWz79KnrEpetFQXrieeM8DzbnIbyn1NV9Xl0lZR9R9MT+6HX1FadvZ3BwXIX nH7i+JlHsM5F/HPHofEeOmQCnsE4QWK2hwDo82TsKiGFhFKHnQh4FIiJ1RNkGB/D KBTSKJNJk1wIZylROyhFBjTh5zF0AWMGSx1O2IXOjk1axBeM0yQuwbRcsCn75sm+ +nQxz3WWW5FxaHtP6I9dbD/RGtmpO3NhSO+CvFOYX7P9wDw1nTiiob4oED+QszBP WaQq7/KAs/1zuDw0qOPAYmDpufWs2KY0JVD7tgaWMoP7Raphs9ecUr4jNI/3noH9 BKR581FLjaQJMiK1jl5qMSncs7VKV1r4cHQzcvmbML8WQvi8onkmtiHfAo26zOAT VJjLHuMFSV/iCbchxsh0mrhpadu7xWOT3TEkb6pXTunje7RDbGR9DyI46vT0iO44 MjucjC6DlMeuiK/Erd04V53+L8XU+UwYcYqfKzx0aO2ABZu/BufSyfs5ZbvzvV8u ZSxFg+qDigj2cJVh2pcSxF3psq6NMAqNzAJO6QDu3svfebj7e4fjGXA3fikot6a8 58GKdjgKOipt/zBSQSZC1WUkmey+uADalS7yCC3nnDIqve2SHZ9LWvdINBNDpU55 sxbsoxcJVE4= =T8zb -----END PGP SIGNATURE-----