Test ID:	1.3.6.1.4.1.25623.1.0.811070
Category:	Denial of Service
Title:	Wireshark Multiple Denial-of-Service Vulnerabilities-01 (Jun 2017) - Windows
Summary:	Wireshark is prone to multiple vulnerabilities.
Description:	Summary: Wireshark is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws exist due to: - An error in the epan/dissectors/packet-rgmp.c script within the RGMP dissector which could crash. - An error in the epan/dissectors/packet-msnip.c script within the MSNIP dissector which misuses a NULL pointer. - An error in the epan/dissectors/packet-btl2cap.c script within the Bluetooth L2CAP dissector which could divide by zero. - An error in the epan/dissectors/packet-opensafety.c script within the openSAFETY dissector which could crash or exhaust system memory. - An error in the epan/dissectors/packet-dcm.c script within the DICOM dissector which could go into an infinite loop. - An error in the epan/dissectors/packet-slsk.c script within the SoulSeek dissector which could go into an infinite loop. - An error in the epan/dissectors/packet-dns.c script within the DNS dissector which could go into an infinite loop. - An error in epan/dissectors/packet-bzr.c script within the Bazaar dissector which could go into an infinite loop. - An error in epan/dissectors/packet-bootp.c script within the DHCP dissector which could read past the end of a buffer. Vulnerability Impact: Successful exploitation will allow attacker to crash wireshark or consume excessive CPU resources. Affected Software/OS: Wireshark version 2.2.0 through 2.2.6 and 2.0.0 through 2.0.12 on Windows Solution: Upgrade to Wireshark version 2.2.7 or 2.0.13 or later. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-9352 BugTraq ID: 98804 http://www.securityfocus.com/bid/98804 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13599 https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8c5e0cee278ff0678b0ebf4b9c2a614974b4029a https://www.wireshark.org/security/wnpa-sec-2017-22.html http://www.securitytracker.com/id/1038612 Common Vulnerability Exposure (CVE) ID: CVE-2017-9351 BugTraq ID: 98808 http://www.securityfocus.com/bid/98808 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1153 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1183 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13609 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13628 https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a6e033c14da13bd5f72dfe07a347586517639d12 https://www.wireshark.org/security/wnpa-sec-2017-24.html Common Vulnerability Exposure (CVE) ID: CVE-2017-9346 BugTraq ID: 98799 http://www.securityfocus.com/bid/98799 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1200 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13631 https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6c0bd15bd46a95c5b7dce02fe23c594429bb6c7e https://www.wireshark.org/security/wnpa-sec-2017-25.html Common Vulnerability Exposure (CVE) ID: CVE-2017-9345 BugTraq ID: 98798 http://www.securityfocus.com/bid/98798 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1206 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13633 https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e280c9b637327a65d132bfe72d917b87e6844eb5 https://www.wireshark.org/security/wnpa-sec-2017-26.html Common Vulnerability Exposure (CVE) ID: CVE-2017-9349 BugTraq ID: 98803 http://www.securityfocus.com/bid/98803 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1329 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13685 https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=cb1b6494c44c9e939d9e2554de6b812de395e3f9 https://www.wireshark.org/security/wnpa-sec-2017-27.html https://lists.debian.org/debian-lts-announce/2019/03/msg00031.html Common Vulnerability Exposure (CVE) ID: CVE-2017-9350 BugTraq ID: 98806 http://www.securityfocus.com/bid/98806 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1212 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13649 https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=dbc7cb0bbdd501fa96e0cb98668f6d6bf17ac4e6 https://www.wireshark.org/security/wnpa-sec-2017-28.html Common Vulnerability Exposure (CVE) ID: CVE-2017-9344 BugTraq ID: 98796 http://www.securityfocus.com/bid/98796 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1539 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13701 https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6308ae03d82a29a2e3d75e1c325c8a9f6c44dcdf https://www.wireshark.org/security/wnpa-sec-2017-29.html Common Vulnerability Exposure (CVE) ID: CVE-2017-9343 BugTraq ID: 98797 http://www.securityfocus.com/bid/98797 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1678 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13725 https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=27556320b41904716b9c9f73ef8f4fe705d1e669 https://www.wireshark.org/security/wnpa-sec-2017-30.html Common Vulnerability Exposure (CVE) ID: CVE-2017-9354 BugTraq ID: 98802 http://www.securityfocus.com/bid/98802 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1243 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13646 https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3a77395e651acd81eb41ffd8fbdbf711e1133d76 https://www.wireshark.org/security/wnpa-sec-2017-32.html
Copyright	Copyright (C) 2017 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.