The Wireshark team reports of multiple vulnerabilities:
- Wireshark could crash when reading an MP3 file.
- Beyond Security discovered that Wireshark could loop
excessively while reading a malformed DNP packet.
- Stefan Esser discovered a buffer overflow in the SSL
dissector.
- The ANSI MAP dissector could be susceptible to a
buffer overflow on some platforms.
- The Firebird/Interbase dissector could go into an
infinite loop or crash.
- The NCP dissector could cause a crash.
- The HTTP dissector could crash on some systems while
decoding chunked messages.
- The MEGACO dissector could enter a large loop and
consume system resources.
- The DCP ETSI dissector could enter a large loop and
consume system resources.
- Fabiodds discovered a buffer overflow in the iSeries
(OS/400) Communication trace file parser.
- The PPP dissector could overflow a buffer.
- The Bluetooth SDP dissector could go into an infinite
loop.
- A malformed RPC Portmap packet could cause a
crash.
- The IPv6 dissector could loop excessively.
- The USB dissector could loop excessively or crash.
- The SMB dissector could crash.
- The RPL dissector could go into an infinite loop.
- The WiMAX dissector could crash due to unaligned
access on some platforms.
- The CIP dissector could attempt to allocate a huge
amount of memory and crash.
Impact
It may be possible to make Wireshark or Ethereal crash or
use up available memory by injecting a purposefully
malformed packet onto the wire or by convincing someone to
read a malformed packet trace file.