SB2018073013 - Denial of service vulnerabilities in Wireshark
Published: July 30, 2018
Security Bulletin ID
SB2018073013
Severity
Medium
Patch available
YES
Number of vulnerabilities
10
Exploitation vector
Remote access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 10 secuirty vulnerabilities.
1) Resource exhaustion (CVE-ID: CVE-2018-14342)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to a flaw when handling malicious input. A remote attacker can inject a malformed packet onto the wire or trick the victim into reading a malformed packet trace file, consume excessive CPU resources and cause the BGP dissector to crash.
The weakness exists due to a flaw when handling malicious input. A remote attacker can inject a malformed packet onto the wire or trick the victim into reading a malformed packet trace file, consume excessive CPU resources and cause the BGP dissector to crash.
2) Improper input validation (CVE-ID: CVE-2018-14344)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to a flaw when handling malicious input. A remote attacker can inject a malformed packet onto the wire or trick the victim into reading a malformed packet trace file and cause the ISMP dissector to crash.
The weakness exists due to a flaw when handling malicious input. A remote attacker can inject a malformed packet onto the wire or trick the victim into reading a malformed packet trace file and cause the ISMP dissector to crash.
3) Improper input validation (CVE-ID: CVE-2018-14340)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to a flaw when handling malicious input. A remote attacker can inject a malformed packet onto the wire or trick the victim into reading a malformed packet trace file and cause the dissectors that support zlib decompression to crash.
The weakness exists due to a flaw when handling malicious input. A remote attacker can inject a malformed packet onto the wire or trick the victim into reading a malformed packet trace file and cause the dissectors that support zlib decompression to crash.
4) Improper input validation (CVE-ID: CVE-2018-14343)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to a flaw when handling malicious input. A remote attacker can inject a malformed packet onto the wire or trick the victim into reading a malformed packet trace file and cause the ASN.1 BER dissector to crash.
The weakness exists due to a flaw when handling malicious input. A remote attacker can inject a malformed packet onto the wire or trick the victim into reading a malformed packet trace file and cause the ASN.1 BER dissector to crash.
5) Infinite loop (CVE-ID: CVE-2018-14339)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to a flaw when handling malicious input. A remote attacker can inject a malformed packet onto the wire or trick the victim into reading a malformed packet trace file, trigger infinite loop and cause the MMSE dissector to crash.
The weakness exists due to a flaw when handling malicious input. A remote attacker can inject a malformed packet onto the wire or trick the victim into reading a malformed packet trace file, trigger infinite loop and cause the MMSE dissector to crash.
6) Infinite loop (CVE-ID: CVE-2018-14341)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to an infinite loop when handling malicious input. A remote attacker can inject a malformed packet onto the wire or trick the victim into reading a malformed packet trace file, consume excessive CPU resources and cause the DICOM dissector to crash.
The weakness exists due to an infinite loop when handling malicious input. A remote attacker can inject a malformed packet onto the wire or trick the victim into reading a malformed packet trace file, consume excessive CPU resources and cause the DICOM dissector to crash.
7) Infinite loop (CVE-ID: CVE-2018-14368)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to an infinite loop when handling malicious input. A remote attacker can inject a malformed packet onto the wire or trick the victim into reading a malformed packet trace file, consume excessive CPU resources and cause the Bazaar protocol dissector to crash.
The weakness exists due to an infinite loop when handling malicious input. A remote attacker can inject a malformed packet onto the wire or trick the victim into reading a malformed packet trace file, consume excessive CPU resources and cause the Bazaar protocol dissector to crash.
8) Improper input validation (CVE-ID: CVE-2018-14369)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to a flaw when handling malicious input. A remote attacker can inject a malformed packet onto the wire or trick the victim into reading a malformed packet trace file and cause the HTTP2 protocol dissector to crash.
The weakness exists due to a flaw when handling malicious input. A remote attacker can inject a malformed packet onto the wire or trick the victim into reading a malformed packet trace file and cause the HTTP2 protocol dissector to crash.
9) Improper input validation (CVE-ID: CVE-2018-14367)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to a flaw when handling malicious input. A remote attacker can inject a malformed packet onto the wire or trick the victim into reading a malformed packet trace file and cause the CoAP protocol dissector to crash.
The weakness exists due to a flaw when handling malicious input. A remote attacker can inject a malformed packet onto the wire or trick the victim into reading a malformed packet trace file and cause the CoAP protocol dissector to crash.
10) Improper input validation (CVE-ID: CVE-2018-14370)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to a flaw when handling malicious input. A remote attacker can inject a malformed packet onto the wire or trick the victim into reading a malformed packet trace file and cause the IEEE 802.11 protocol dissector to crash.
The weakness exists due to a flaw when handling malicious input. A remote attacker can inject a malformed packet onto the wire or trick the victim into reading a malformed packet trace file and cause the IEEE 802.11 protocol dissector to crash.
Remediation
Install update from vendor's website.
References
- https://www.wireshark.org/security/wnpa-sec-2018-34.html
- https://www.wireshark.org/security/wnpa-sec-2018-35.html
- https://www.wireshark.org/security/wnpa-sec-2018-36.html
- https://www.wireshark.org/security/wnpa-sec-2018-37.html
- https://www.wireshark.org/security/wnpa-sec-2018-38.html
- https://www.wireshark.org/security/wnpa-sec-2018-39.html
- https://www.wireshark.org/security/wnpa-sec-2018-40.html
- https://www.wireshark.org/security/wnpa-sec-2018-41.html
- https://www.wireshark.org/security/wnpa-sec-2018-42.html
- https://www.wireshark.org/security/wnpa-sec-2018-43.html