Out-of-bounds write in wireshark (Alpine package)



Published: 2017-10-23
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2017-13766
CWE-ID CWE-787
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		wireshark (Alpine package)
Operating systems & Components / Operating system package or component

Vendor Alpine Linux Development Team

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Out-of-bounds write

EUVDB-ID: #VU8073

Risk: Low

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-13766

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to out-of-bounds write in the Profinet I/O dissector. A remote attacker can inject a malformed packet onto the wire, trigger Wireshark to consume excessive CPU resources and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

Mitigation

Install update from vendor's website.

Vulnerable software versions

wireshark (Alpine package): 2.2.3-r0 - 2.2.8-r0

wireshark (Alpine package):

CPE2.3 External links

http://git.alpinelinux.org/aports/commit/?id=172c0bd3e6c3e2b6dab46dae04008d430f0d44a5
http://git.alpinelinux.org/aports/commit/?id=b0601c956e7cb028e122152d19232b78d8b224f0
http://git.alpinelinux.org/aports/commit/?id=2bb9ce2b3f960a3b8bfd71bda6a5998bdfa56f6c


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###