Multiple vulnerabilities in Wireshark
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2018-5334 CVE-2018-5335 CVE-2018-5336 |
| CWE-ID | CWE-119 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Wireshark Server applications / IDS/IPS systems, Firewalls and proxy servers |
| Vendor | Wireshark.org |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Memory corruption
EUVDB-ID: #VU10004
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-5334
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to boundary error in wiretap/vwr.c within IxVeriWave file parser. A remote attacker can create perform a denial of service (DoS) attack.
Mitigation
Upgrade to Wireshark 2.4.4, 2.2.12 or later.
Vulnerable software versionsWireshark: 2.2.0 - 2.4.3
CPE2.3- cpe:2.3:a:wireshark_org:wireshark:2.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark_org:wireshark:2.2.11:*:*:*:*:*:*:*
http://www.wireshark.org/security/wnpa-sec-2018-03.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Memory corruption
EUVDB-ID: #VU10005
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-5335
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to boundary error in epan/dissectors/packet-wcp.c within WCP dissector. A remote attacker can create perform a denial of service (DoS) attack.
MitigationUpgrade to Wireshark 2.4.4, 2.2.12 or later.
Vulnerable software versionsWireshark: 2.2.0 - 2.4.3
CPE2.3- cpe:2.3:a:wireshark_org:wireshark:2.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark_org:wireshark:2.2.11:*:*:*:*:*:*:*
http://www.wireshark.org/security/wnpa-sec-2018-04.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Memory corruption
EUVDB-ID: #VU10006
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-5336
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to boundary error in epan/tvbparse.c within JSON, XML, NTP, XMPP, and GDB dissectors. A remote attacker can create perform a denial of service (DoS) attack.
MitigationUpgrade to Wireshark 2.4.4, 2.2.12 or later.
Vulnerable software versionsWireshark: 2.2.0 - 2.4.3
CPE2.3- cpe:2.3:a:wireshark_org:wireshark:2.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark_org:wireshark:2.2.11:*:*:*:*:*:*:*
http://www.wireshark.org/security/wnpa-sec-2018-01.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
