Wireshark Multiple Denial-of-Service Vulnerabilities -01 Jan15 (Mac OS X) Network Vulnerability

Summary

This host is installed with Wireshark and is prone to multiple denial-of-service vulnerabilities.

Impact

Successful exploitation will allow attackers to conduct multiple denial-of-service attacks. Impact Level: Application

Solution

Upgrade to Wireshark version 1.10.12, 1.12.3 or later, For updates refer to https://www.wireshark.org

Insight

Multiple flaws are due to, - An error within the SMTP dissector. - An error within the DEC DNA Routing Protocol dissector. - An error within the LPP dissector. - Two errors within the WCCP dissector. - An error when decypting TLS/SSL sessions.

Affected

Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 on Mac OS X

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://osvdb.org/116808
http://secunia.com/advisories/62020
https://www.wireshark.org/security/wnpa-sec-2015-01.html
https://www.wireshark.org/security/wnpa-sec-2015-02.html
https://www.wireshark.org/security/wnpa-sec-2015-03.html
https://www.wireshark.org/security/wnpa-sec-2015-04.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2015-0559, CVE-2015-0560, CVE-2015-0561, CVE-2015-0562, CVE-2015-0563, CVE-2015-0564
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Comodo Internet Security Denial of Service Vulnerability-02
Crash SMC AP
Apache Traffic Server HTTP Host Header Denial of Service Vulnerability
Firefox Browser Libxul Memory Leak Remote DoS Vulnerability - Win
Adobe Flash Media Server XML Data Remote Denial of Service Vulnerability

Take action and discover your vulnerabilities