-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2018.2102
         Multiple vulnerabilities have been identified in Wireshark
                               19 July 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Wireshark
Publisher:         Wireshark
Operating System:  UNIX variants (UNIX, Linux, OSX)
                   Windows
Impact/Access:     Denial of Service -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-14369 CVE-2018-14368 CVE-2018-14367
                   CVE-2018-14344 CVE-2018-14343 CVE-2018-14342
                   CVE-2018-14341 CVE-2018-14340 CVE-2018-14339

Original Bulletin:
   https://www.wireshark.org/security/wnpa-sec-2018-34
   https://www.wireshark.org/security/wnpa-sec-2018-35
   https://www.wireshark.org/security/wnpa-sec-2018-36
   https://www.wireshark.org/security/wnpa-sec-2018-37
   https://www.wireshark.org/security/wnpa-sec-2018-38
   https://www.wireshark.org/security/wnpa-sec-2018-39
   https://www.wireshark.org/security/wnpa-sec-2018-40
   https://www.wireshark.org/security/wnpa-sec-2018-41
   https://www.wireshark.org/security/wnpa-sec-2018-42

Comment: This bulletin contains nine (9) Wireshark security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

Summary

Name: BGP dissector large loop
Docid: wnpa-sec-2018-34
Date: July 18, 2018
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
References: Wireshark bug 13741
            CVE-2018-14342

Details

Description

The BGP dissector could go into a large loop. Discovered by the OSS-Fuzz
project.

Impact

It may be possible to make Wireshark consume excessive CPU resources by
injecting a malformed packet onto the wire or by convincing someone to read a
malformed packet trace file.

Resolution

Upgrade to Wireshark 2.6.2, 2.4.8, 2.2.16 or later.

- ---

Summary

Name: ISMP dissector crash.
Docid: wnpa-sec-2018-35
Date: July 18, 2018
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
References: Wireshark bug 14672
            CVE-2018-14344

Details

Description

The ISMP dissector could crash. Discovered by the OSS-Fuzz project.

Impact

It may be possible to make Wireshark crash by injecting a malformed packet
onto the wire or by convincing someone to read a malformed packet trace file.

Resolution

Upgrade to Wireshark 2.6.2, 2.4.8, 2.2.16 or later.

- ---

Summary

Name: Multiple dissectors could crash
Docid: wnpa-sec-2018-36
Date: July 18, 2018
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
References: Wireshark bug 14675
            CVE-2018-14340

Details

Description

Dissectors that support zlib decompression could crash. Discovered by the
OSS-Fuzz project.

Impact

It may be possible to make Wireshark crash by injecting a malformed packet
onto the wire or by convincing someone to read a malformed packet trace file.

Resolution

Upgrade to Wireshark 2.6.2, 2.4.8, 2.2.16 or later.

- ---

Summary

Name: ASN.1 BER and related dissectors crash.
Docid: wnpa-sec-2018-37
Date: July 18, 2018
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
References: Wireshark bug 14682
            CVE-2018-14343

Details

Description

The ASN.1 BER dissector could crash. Discovered by the OSS-Fuzz project.

Impact

It may be possible to make Wireshark crash by injecting a malformed packet
onto the wire or by convincing someone to read a malformed packet trace file.

Resolution

Upgrade to Wireshark 2.6.2, 2.4.8, 2.2.16 or later.

- ---

Summary

Name: MMSE dissector infinite loop
Docid: wnpa-sec-2018-38
Date: July 18, 2018
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
References: Wireshark bug 14738
            CVE-2018-14339

Details

Description

The MMSE dissector could go into an infinite loop.

Impact

It may be possible to make Wireshark crash by injecting a malformed packet
onto the wire or by convincing someone to read a malformed packet trace file.

Resolution

Upgrade to Wireshark 2.6.2, 2.4.8, 2.2.16 or later.

- ---

Summary

Name: DICOM dissector large loop
Docid: wnpa-sec-2018-39
Date: July 18, 2018
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
References: Wireshark bug 14742
            CVE-2018-14341

Details

Description

The DICOM dissector could go into a large or infinite loop.

Impact

It may be possible to make Wireshark consume excessive CPU resources by
injecting a malformed packet onto the wire or by convincing someone to read a
malformed packet trace file.

Resolution

Upgrade to Wireshark 2.6.2, 2.4.8, 2.2.16 or later.

- ---

Summary

Name: Bazaar dissector infinite loop
Docid: wnpa-sec-2018-40
Date: July 18, 2018
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
References: Wireshark bug 14841
            CVE-2018-14368

Details

Description

The Bazaar protocol dissector could go into an infinite loop.

Impact

It may be possible to make Wireshark consume excessive CPU resources by
injecting a malformed packet onto the wire or by convincing someone to read a
malformed packet trace file.

Resolution

Upgrade to Wireshark 2.6.2, 2.4.8, 2.2.16 or later.

- ---

Summary

Name: HTTP2 dissector crash
Docid: wnpa-sec-2018-41
Date: July 18, 2018
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15
Fixed versions: 2.6.2, 2.4.8, 2.2.16
References: Wireshark bug 14869
            CVE-2018-14369

Details

Description

The HTTP2 protocol dissector could crash. Discovered by Jyrki Penttinen.

Impact

It may be possible to make Wireshark crash by injecting a malformed packet
onto the wire or by convincing someone to read a malformed packet trace file.

Resolution

Upgrade to Wireshark 2.6.2, 2.4.8, 2.2.16 or later.
- ---

Summary

Name: CoAP dissector crash
Docid: wnpa-sec-2018-42
Date: July 18, 2018
Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7
Fixed versions: 2.6.2, 2.4.8
References: Wireshark bug 14966
            CVE-2018-14367

Details

Description

The CoAP protocol dissector could crash. Discovered by Bill Nickless.

Impact

It may be possible to make Wireshark crash by injecting a malformed packet
onto the wire or by convincing someone to read a malformed packet trace file.

Resolution

Upgrade to Wireshark 2.6.2, 2.4.8 or later.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.
If you have any questions or need further information, please contact them
directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBW1AZb2aOgq3Tt24GAQg+jA/+Ov47Tcg7nftSlDVh4k99sgtSVVdpDsCO
qGYohnuolzvnS2UwsH9lLrCLt3ZXWPwfrUs7zVVgHgMkTZ3NUkcRVTUO8Kp4DWEw
644zkMuyxGrl4Zv0aFajK+VpXZv7ORPIFyXdn29Uk0sTGdnwq2NgLXlCLCBDpjre
CEMDENhpo5z0sJZiCXKOg4UcJk5R37ovT4tW+0Popn2/OLWiA7qfM3pioKemB1kE
S+naaF0QpQRurMT89TIt4dGuRBqA862go/ssBgKeC/XXYJXJqfaH1jwY4qD824CT
S05xfAbPbZq+f1bo5t2pn+Uvz4/MOiBwyufG79B2m7u8WNHSV8FvB8n8jmQ3GtQ2
zIXht6e+VIr86lBzMaMZ34deZvxHiCVHto8D/pgB8SWFtD/99GfCWQ9vYrHkAULz
PJRFBRmapddneryD2ZkVnWnXva+O1qLMH5Z65agEC7AIdk68u7wg7z8euHxC4yDE
D1xUsj2IAT3WA9Tq3SkgxRmdPxPxSOE987Uq52l2wUkAtHnEK4DmRildQsQFA68R
jTDAKimswjBlhjxl7NWyKHDhvym/vtzE5vFgIJkfjX0XjXlY6azbPr3a8/JtBlJR
6Egk4oiVbhfwqTK9YwffX71m8QPCuZ9ml+ZJa72PY66btPyvDnMqoe6b8PVOQlvW
SQT+ZhOxkOw=
=oYGh
-----END PGP SIGNATURE-----
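The nine advisories in this bulletin share the same affected and fixed ranges, with one exception: the CoAP advisory (wnpa-sec-2018-42) lists only the 2.6 and 2.4 branches, so a 2.2.15 install is exposed to eight of the nine. The Python script below is added here as a worked example; it is not part of the AusCERT bulletin or the Wireshark project's code. It encodes the bulletin's version tables and checks the first line of `tshark --version` or `wireshark --version` output against them, reporting which advisories apply and which release on the same branch clears them. The version strings it uses are constructed samples, and the git-style suffix in them is a placeholder, not a real build identifier.

```python
"""Check an installed Wireshark/TShark version against the nine advisories
in ESB-2018.2102 (wnpa-sec-2018-34 .. wnpa-sec-2018-42).

Added example for this bulletin; not AusCERT's or the Wireshark project's
own code. The ranges below are copied from the advisory text.
"""
import re

# Per maintenance branch: (first affected, last affected, fixed) as stated in
# the advisories. Eight advisories list all three branches; wnpa-sec-2018-42
# (CoAP) lists only 2.6 and 2.4.
BRANCHES_ALL = {
    (2, 6): ((2, 6, 0), (2, 6, 1), (2, 6, 2)),
    (2, 4): ((2, 4, 0), (2, 4, 7), (2, 4, 8)),
    (2, 2): ((2, 2, 0), (2, 2, 15), (2, 2, 16)),
}
BRANCHES_26_24 = {b: r for b, r in BRANCHES_ALL.items() if b != (2, 2)}

ADVISORIES = [
    # (docid, CVE, name, branches with affected ranges)
    ("wnpa-sec-2018-34", "CVE-2018-14342", "BGP dissector large loop", BRANCHES_ALL),
    ("wnpa-sec-2018-35", "CVE-2018-14344", "ISMP dissector crash", BRANCHES_ALL),
    ("wnpa-sec-2018-36", "CVE-2018-14340", "Multiple dissectors could crash (zlib)", BRANCHES_ALL),
    ("wnpa-sec-2018-37", "CVE-2018-14343", "ASN.1 BER and related dissectors crash", BRANCHES_ALL),
    ("wnpa-sec-2018-38", "CVE-2018-14339", "MMSE dissector infinite loop", BRANCHES_ALL),
    ("wnpa-sec-2018-39", "CVE-2018-14341", "DICOM dissector large loop", BRANCHES_ALL),
    ("wnpa-sec-2018-40", "CVE-2018-14368", "Bazaar dissector infinite loop", BRANCHES_ALL),
    ("wnpa-sec-2018-41", "CVE-2018-14369", "HTTP2 dissector crash", BRANCHES_ALL),
    ("wnpa-sec-2018-42", "CVE-2018-14367", "CoAP dissector crash", BRANCHES_26_24),
]

VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\b")


def parse_version(text):
    """Return the first x.y.z version in `text` as an int tuple.

    Intended for the first line of `tshark --version` / `wireshark --version`
    output, which begins with the product name followed by the version.
    """
    m = VERSION_RE.search(text)
    if m is None:
        raise ValueError("no x.y.z version number found in %r" % text)
    return tuple(int(p) for p in m.groups())


def affected_advisories(version):
    """List (docid, cve, name) for every advisory whose stated affected
    range on this version's branch contains `version`."""
    branch = version[:2]
    hits = []
    for docid, cve, name, branches in ADVISORIES:
        rng = branches.get(branch)
        if rng is None:
            continue  # advisory does not list this branch at all
        first, last, _fixed = rng
        if first <= version <= last:
            hits.append((docid, cve, name))
    return hits


def assess(version_text):
    """Summarise exposure for one installed version.

    A version on a branch the bulletin does not mention (for example 2.0.x)
    is reported as 'unlisted' rather than 'fixed': the bulletin says nothing
    about it, so this check cannot clear it.
    """
    version = parse_version(version_text)
    rng = BRANCHES_ALL.get(version[:2])
    if rng is None:
        return {"version": version, "status": "unlisted", "fixed": None, "advisories": []}
    hits = affected_advisories(version)
    return {
        "version": version,
        "status": "affected" if hits else "fixed",
        "fixed": rng[2],
        "advisories": hits,
    }


if __name__ == "__main__":
    # Constructed sample lines in the shape tshark prints; the "-g..." suffix
    # is a placeholder, not a real build identifier.
    for line in ("TShark (Wireshark) 2.6.1 (v2.6.1-0-gPLACEHOLDER)",
                 "TShark (Wireshark) 2.2.15 (v2.2.15-0-gPLACEHOLDER)",
                 "TShark (Wireshark) 2.4.8 (v2.4.8-0-gPLACEHOLDER)",
                 "TShark (Wireshark) 2.0.16 (v2.0.16-0-gPLACEHOLDER)"):
        r = assess(line)
        fixed = ".".join(map(str, r["fixed"])) if r["fixed"] else "n/a"
        print(".".join(map(str, r["version"])), r["status"], "fixed in", fixed,
              [d for d, _, _ in r["advisories"]])
```

Two things to keep in mind when using a check like this: distribution packages sometimes backport a fix while keeping an older upstream version string, so an "affected" result is a prompt to read the package changelog rather than a final verdict; and the bulletin's impact is denial of service when a malformed capture or live packet is dissected, so the same version check is worth running on any analysis host or sensor where tshark or dumpcap processes untrusted traffic, not only on analyst workstations.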