Input validation error in Wireshark

1) Input validation error

EUVDB-ID: #VU32094

Risk: Medium

CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-6512

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

epan/dissectors/packet-wap.c in Wireshark 2.x before 2.0.5 omits an overflow check in the tvb_get_guintvar function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet, related to the MMSE, WAP, WBXML, and WSP dissectors.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Wireshark: 1.2.0 - 2.0.4

CPE2.3

• cpe:2.3:a:wireshark_org:wireshark:1.2.18:*:*:*:*:*:*:*
• cpe:2.3:a:wireshark_org:wireshark:1.12.13:*:*:*:*:*:*:*
• cpe:2.3:a:wireshark_org:wireshark:2.0.4:*:*:*:*:*:*:*

External links

http://openwall.com/lists/oss-security/2016/07/28/3
http://www.securityfocus.com/bid/92174
http://www.securitytracker.com/id/1036480
http://www.wireshark.org/security/wnpa-sec-2016-48.html
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12661
http://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2193bea3212d74e2a907152055e27d409b59485e
http://www.exploit-db.com/exploits/40195/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.