Wireshark Multiple Dissector Multiple Vulnerabilities - Dec12 (Mac OS X) Network Vulnerability

Summary

This host is installed with Wireshark and is prone to multiple vulnerabilities.

Impact

Successful exploitation will allow remote attackers to obtain sensitive information, cause denial of service or to consume excessive CPU resources. Impact Level: Application

Solution

Upgrade to the Wireshark version 1.8.4 or later, For updates refer to http://www.wireshark.org/download

Insight

The flaws are due to - Hostname disclosure by reading pcap-ng files. - The dissect_sflow_245_address_type() in sFlow dissector fails to handle length calculations for an invalid IP address type. - Errors in 3GPP2 A11, SCTP and EIGRP dissectors, which can be exploited to cause a crash.

Affected

Wireshark versions 1.8.x before 1.8.4 on Mac OS X

References

http://secunia.com/advisories/51422
http://www.wireshark.org/security/wnpa-sec-2012-30.html
http://www.wireshark.org/security/wnpa-sec-2012-32.html
http://www.wireshark.org/security/wnpa-sec-2012-33.html
http://www.wireshark.org/security/wnpa-sec-2012-34.html
http://www.wireshark.org/security/wnpa-sec-2012-39.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-6052, CVE-2012-6054, CVE-2012-6055, CVE-2012-6056, CVE-2012-6057
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Apple Safari Webkit Multiple Vulnerabilities - June13 (Mac OS X)
Adobe Reader 'file://' URL Information Disclosure Vulnerability Feb07 (Linux)
Apple Mac OS X Denial of Service Vulnerability
Apple iTunes Multiple Vulnerabilities - Apr10
Arora Common Name SSL Certificate Spoofing Vulnerability (Linux)

Take action and discover your vulnerabilities