Wireshark Multiple Denial of Service Vulnerabilities

by Carol~ Moderator - 3/7/13 8:40 AM

In Reply to: VULNERABILITIES / FIXES - March 07, 2013 by Carol~ Moderator

Release Date: 2013-03-07

Criticality level : Moderately critical
Impact : Dos
Where : From remote
Solution Status : Vendor Patch

Software: Wireshark 1.x

Description:
Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service).

1) An error in the TCP dissector when processing certain packets can be exploited to cause a crash via a specially crafted packet.

2) An error in the HART/IP dissectory can be exploited to trigger infinite loops and consume CPU resources via specially crafted packets.

3) An error in the CSN.1 dissector when processing certain packets can be exploited to cause a crash via a specially crafted packet.

4) An error in the MPLS Echo dissector can be exploited to trigger infinite loops and consume CPU resources via specially crafted packets.

5) An error in the RELOAD dissector can be exploited to trigger infinite loops and consume CPU resources via specially crafted packets.

The vulnerabilities #1 through #5 affect versions 1.8.0 through 1.8.5.

6) An error in the MS-MMS dissector when processing certain packets can be exploited to cause a crash via a specially crafted packet.

7) An error in the RTPS and RTPS2 dissectors when processing certain packets can be exploited to cause a crash via a specially crafted packet.

8) An error in the Mount dissector when processing certain packets can be exploited to cause a crash via a specially crafted packet.

9) An error in the AMPQ dissector can be exploited to trigger infinite loops and consume CPU resources via specially crafted packets.

10) A division by zero error in the ACN dissector can be exploited to cause a crash via a specially crafted packet.

11) An error in the CIMD dissector when processing certain packets can be exploited to cause a crash via a specially crafted packet.

12) An error in the FCSP dissector can be exploited to trigger infinite loops and consume CPU resources via specially crafted packets.

13) An error in the DTLS dissector can be exploited to trigger infinite loops and consume CPU resources via specially crafted packets.

The vulnerabilities #6 through #13 affect versions 1.6.0 through 1.6.13 and 1.8.0 through 1.8.5.

Solution:
Update to version 1.6.14 or 1.8.6.

Provided and/or discovered by:
1, 2) Reported by the vendor
3, 4, 6, 13) The vendor credits Laurent Butti
7, 8, 10) The vendor credits Alyssa Milburn
9, 11, 12) The vendor credits Moshe Kaplan
5) The vendor credits Even Jensen

Original Advisory:
http://www.wireshark.org/docs/relnotes/wireshark-1.6.14.html
http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.html

http://secunia.com/advisories/52471/