Risk | Low |
Patch available | YES |
Number of vulnerabilities | 12 |
CVE-ID | CVE-2017-9343 CVE-2017-9344 CVE-2017-9345 CVE-2017-9346 CVE-2017-9347 CVE-2017-9348 CVE-2017-9349 CVE-2017-9350 CVE-2017-9351 CVE-2017-9352 CVE-2017-9353 CVE-2017-9354 |
CWE-ID | CWE-476 CWE-369 CWE-835 CWE-125 CWE-119 CWE-20 |
Exploitation vector | Network |
Public exploit |
Public exploit code for vulnerability #5 is available. Public exploit code for vulnerability #11 is available. |
Vulnerable software Subscribe |
Wireshark Server applications / IDS/IPS systems, Firewalls and proxy servers |
Vendor | Wireshark.org |
Security Bulletin
This security bulletin contains information about 12 vulnerabilities.
EUVDB-ID: #VU6905
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-9343
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to NULL pointer dereference in the MSNIP dissector when validating an IPv4 address. A remote attacker can inject a malformed packet epan/dissectors/packet-msnip.c onto the wire or persuade the target user to read a malformed packet trace file and cause the application to crash.
Successful exploitation of the vulnerability results in denial of service.
Update to version 2.0.13, 2.2.7 or later.
Vulnerable software versionsWireshark: 2.0.0 - 2.2.6
CPE2.3http://www.wireshark.org/security/wnpa-sec-2017-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU6906
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-9344
CWE-ID:
CWE-369 - Divide By Zero
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to divide by zero in the Bluetooth L2CAP dissector when validating an interval value. A remote attacker can inject a malformed packet epan/dissectors/packet-btl2cap.c onto the wire or persuade the target user to read a malformed packet trace file and cause the application to crash.
Successful exploitation of the vulnerability results in denial of service.
Update to version 2.0.13, 2.2.7 or later.
Vulnerable software versionsWireshark: 2.0.0 - 2.2.6
CPE2.3http://www.wireshark.org/security/wnpa-sec-2017-29.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU6907
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-9345
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to infinite loop in the DNS dissector when trying to detect self-referencing pointers. A remote attacker can inject a malformed packet epan/dissectors/packet-dns.c onto the wire or persuade the target user to read a malformed packet trace file and cause the application to crash.
Successful exploitation of the vulnerability results in denial of service.
Update to version 2.0.13, 2.2.7 or later.
Vulnerable software versionsWireshark: 2.0.0 - 2.2.6
CPE2.3http://www.wireshark.org/security/wnpa-sec-2017-26.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU6908
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-9346
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to infinite loop in the SoulSeek dissector when making loop bounds more explicit. A remote attacker can inject a malformed packet epan/dissectors/packet-slsk.c onto the wire or persuade the target user to read a malformed packet trace file and cause the application to crash.
Successful exploitation of the vulnerability results in denial of service.
Update to version 2.0.13, 2.2.7 or later.
Vulnerable software versionsWireshark: 2.0.0 - 2.2.6
CPE2.3http://www.wireshark.org/security/wnpa-sec-2017-25.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU6909
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-9347
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to NULL pointer dereference in the ROS dissector when validating an OID. A remote attacker can inject a malformed packet epan/dissectors/asn1/ros/packet-ros-template.c onto the wire or persuade the target user to read a malformed packet trace file and cause the application to crash.
Successful exploitation of the vulnerability results in denial of service.
Update to version 2.2.7 or later.
Vulnerable software versionsWireshark: 2.2.0 - 2.2.6
CPE2.3 External linkshttp://www.wireshark.org/security/wnpa-sec-2017-31.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU6910
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-9348
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to out-of-bounds read in the DOF dissector when validating a size value. A remote attacker can inject a malformed packet epan/dissectors/packet-dof.c onto the wire or persuade the target user to read a malformed packet trace file and cause the application to crash.
Successful exploitation of the vulnerability results in denial of service.
Update to version 2.2.7 or later.
Vulnerable software versionsWireshark: 2.2.0 - 2.2.6
CPE2.3 External linkshttp://www.wireshark.org/security/wnpa-sec-2017-23.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU6911
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-9349
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to infinite loop in the DICOM dissector when validating a length value. A remote attacker can inject a malformed packet epan/dissectors/packet-dcm.c onto the wire or persuade the target user to read a malformed packet trace file and cause the application to crash.
Successful exploitation of the vulnerability results in denial of service.
Update to version 2.0.13, 2.2.7 or later.
Vulnerable software versionsWireshark: 2.0.0 - 2.2.6
CPE2.3http://www.wireshark.org/security/wnpa-sec-2017-27.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU6912
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-9350
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to memory corruption in the DICOM dissector when checking for a negative length. A remote attacker can inject a malformed packet epan/dissectors/packet-opensafety.c onto the wire or persuade the target user to read a malformed packet trace file and cause the application to crash.
Successful exploitation of the vulnerability results in denial of service.
Update to version 2.0.13, 2.2.7 or later.
Vulnerable software versionsWireshark: 2.0.0 - 2.2.6
CPE2.3http://www.wireshark.org/security/wnpa-sec-2017-28.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU6913
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-9351
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to memory corruption in the DHCP dissector. A remote attacker can inject a malformed packet epan/dissectors/packet-bootp.c onto the wire or persuade the target user to read a malformed packet trace file and cause the application to crash.
Successful exploitation of the vulnerability results in denial of service.
Update to version 2.0.13, 2.2.7 or later.
Vulnerable software versionsWireshark: 2.0.0 - 2.2.6
CPE2.3http://www.wireshark.org/security/wnpa-sec-2017-24.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU6914
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-9352
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to infinite loop in the Bazaar dissector could when backwards parsing. A remote attacker can inject a malformed packet epan/dissectors/packet-bzr.c onto the wire or persuade the target user to read a malformed packet trace file and cause the application to crash.
Successful exploitation of the vulnerability results in denial of service.
Update to version 2.2.7 or later.
Vulnerable software versionsWireshark: 2.2.0 - 2.2.6
CPE2.3 External linkshttp://www.wireshark.org/security/wnpa-sec-2017-22.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU6915
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-9353
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists in the IPv6 dissector due to improper validation of an IPv6 address. A remote attacker can inject a malformed packet epan/dissectors/packet-ipv6.c onto the wire or persuade the target user to read a malformed packet trace file and cause the application to crash.
Successful exploitation of the vulnerability results in denial of service.
Update to version 2.2.7 or later.
Vulnerable software versionsWireshark: 2.2.0 - 2.2.6
CPE2.3 External linkshttp://www.wireshark.org/security/wnpa-sec-2017-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU6916
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-9354
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists in the RGMP dissector due to improper validation of an IPv4 address. A remote attacker can inject a malformed packet epan/dissectors/packet-rgmp.c onto the wire or persuade the target user to read a malformed packet trace file and cause the application to crash.
Successful exploitation of the vulnerability results in denial of service.
Update to version 2.0.13, 2.2.7 or later.
Vulnerable software versionsWireshark: 2.0.0 - 2.2.6
CPE2.3http://www.wireshark.org/security/wnpa-sec-2017-32.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.