Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 10 |
CVE-ID | CVE-2014-6423 CVE-2014-6424 CVE-2014-6425 CVE-2014-6426 CVE-2014-6427 CVE-2014-6428 CVE-2014-6429 CVE-2014-6430 CVE-2014-6431 CVE-2014-6432 |
CWE-ID | CWE-399 CWE-119 CWE-20 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
Wireshark Server applications / IDS/IPS systems, Firewalls and proxy servers |
Vendor | Wireshark.org |
Security Bulletin
This security bulletin contains information about 10 vulnerabilities.
EUVDB-ID: #VU41294
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2014-6423
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform service disruption.
The tvb_raw_text_add function in epan/dissectors/packet-megaco.c in the MEGACO dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (infinite loop) via an empty line.
MitigationInstall update from vendor's website.
Vulnerable software versionsWireshark: 1.10.0 - 1.12.0
CPE2.3http://linux.oracle.com/errata/ELSA-2014-1676
http://linux.oracle.com/errata/ELSA-2014-1677
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00033.html
http://lists.opensuse.org/opensuse-updates/2014-09/msg00058.html
http://rhn.redhat.com/errata/RHSA-2014-1676.html
http://rhn.redhat.com/errata/RHSA-2014-1677.html
http://secunia.com/advisories/60280
http://secunia.com/advisories/60578
http://secunia.com/advisories/61929
http://secunia.com/advisories/61933
http://www.debian.org/security/2014/dsa-3049
http://www.wireshark.org/security/wnpa-sec-2014-13.html
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10333
http://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9112a099d7cc2cd924b7c667bf27f6e112b970c6
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU41295
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2014-6424
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform service disruption.
The dissect_v9_v10_pdu_data function in epan/dissectors/packet-netflow.c in the Netflow dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 refers to incorrect offset and start variables, which allows remote attackers to cause a denial of service (uninitialized memory read and application crash) via a crafted packet.
MitigationInstall update from vendor's website.
Vulnerable software versionsWireshark: 1.10.0 - 1.12.0
CPE2.3http://linux.oracle.com/errata/ELSA-2014-1676
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00033.html
http://lists.opensuse.org/opensuse-updates/2014-09/msg00058.html
http://rhn.redhat.com/errata/RHSA-2014-1676.html
http://secunia.com/advisories/60280
http://secunia.com/advisories/60578
http://secunia.com/advisories/61929
http://www.debian.org/security/2014/dsa-3049
http://www.wireshark.org/security/wnpa-sec-2014-14.html
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10370
http://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=44698259b1f5865c60323acaf2a633654a2abe81
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU41296
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2014-6425
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform service disruption.
The (1) get_quoted_string and (2) get_unquoted_string functions in epan/dissectors/packet-cups.c in the CUPS dissector in Wireshark 1.12.x before 1.12.1 allow remote attackers to cause a denial of service (buffer over-read and application crash) via a CUPS packet that lacks a trailing '