SB2017060660 - Gentoo update for Wireshark 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2017060660

SB2017060660 - Gentoo update for Wireshark

Published: June 6, 2017 Updated: June 6, 2017

Security Bulletin ID SB2017060660
Severity
Medium
Patch available
YES
Number of vulnerabilities 7
Exploitation vector Remote access
Highest impact Denial of service

Breakdown by Severity

Medium 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 7 secuirty vulnerabilities.


1) Infinite loop (CVE-ID: CVE-2017-6014)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

In Wireshark 2.2.4 and earlier, a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion. If the packet size field in a packet header is null, the offset to read from will not advance, causing continuous attempts to read the same zero length packet. This will quickly exhaust all system memory.


2) Infinite loop (CVE-ID: CVE-2017-7700)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by ensuring a nonzero record size.


3) Infinite loop (CVE-ID: CVE-2017-7701)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the BGP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-bgp.c by using a different integer data type.


4) Infinite loop (CVE-ID: CVE-2017-7702)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation.


5) Improper Neutralization of Special Elements in Output Used by a Downstream Component (CVE-ID: CVE-2017-7703)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the IMAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-imap.c by calculating a line's end correctly.


6) Infinite loop (CVE-ID: CVE-2017-7704)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

In Wireshark 2.2.0 to 2.2.5, the DOF dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dof.c by using a different integer data type and adjusting a return value.


7) Infinite loop (CVE-ID: CVE-2017-7705)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the RPC over RDMA dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rpcrdma.c by correctly checking for going beyond the maximum offset.


Remediation

Install update from vendor's website.

References