#VU7130 Denial of service in Wireshark
Vulnerability identifier: #VU7130
Vulnerability risk: Medium
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-400
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Wireshark
Server applications /
IDS/IPS systems, Firewalls and proxy servers
Vendor: Wireshark.org
Description
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to memory exhaustion when processing malicious files. A remote attacker can trick the victim into opening a specially crafted DAAP data, trigger an error in the dissect_daap_one_tag() function in 'epan/dissectors/packet-daap.c', consume excessive memory and cause the system to crash.
Successful exploitation of the vulnerability results in denial of service.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Wireshark: 2.2.7
External links
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13799
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
