Denial of Service : Wireshark Security Multiple DoS Vulnerabilities (Apr 2023)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.832052

Categoría: Denial of Service

Título: Wireshark Security Multiple DoS Vulnerabilities (Apr 2023) - Mac OS X

Resumen: Wireshark is prone to multiple denial of service (DoS); vulnerabilities.

Descripción: Summary:
Wireshark is prone to multiple denial of service (DoS)
vulnerabilities.

Vulnerability Insight:
Multiple flaws exist due to:

- An unexpected crash in RPCoRDMA dissector crash.

- LISP dissector large loop crash in Wireshark.

- GQUIC dissector crash in Wireshark.

For more information about the vulnerabilities refer to Reference links.

Vulnerability Impact:
Successful exploitation may allow
remote attackers to perform denial of service on an affected system.

Affected Software/OS:
Wireshark versions 4.0.0 to 4.0.4, 3.6.0 to 3.6.12.

Solution:
Update to version 4.0.5 or 3.6.13 or later.

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2023-1992
https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-1992.json
Debian Security Information: DSA-5429 (Google Search)
https://www.debian.org/security/2023/dsa-5429
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFJERBHVWYLYWXO2B3V47QH66IEB6EZ3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZA7IMATNNQPLIM6WMRPM3T5ZY24NRR2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EHLTD25WNQSPQNELX52UH6YLP4TBLKTT/
https://security.gentoo.org/glsa/202309-02
https://gitlab.com/wireshark/wireshark/-/issues/18852
https://www.wireshark.org/security/wnpa-sec-2023-09.html
https://lists.debian.org/debian-lts-announce/2023/04/msg00029.html
Common Vulnerability Exposure (CVE) ID: CVE-2023-1993
https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-1993.json
https://gitlab.com/wireshark/wireshark/-/issues/18900
https://www.wireshark.org/security/wnpa-sec-2023-10.html
Common Vulnerability Exposure (CVE) ID: CVE-2023-1994
https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-1994.json
https://gitlab.com/wireshark/wireshark/-/issues/18947
https://www.wireshark.org/security/wnpa-sec-2023-11.html

Copyright Copyright (C) 2023 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.832052
Categoría:	Denial of Service
Título:	Wireshark Security Multiple DoS Vulnerabilities (Apr 2023) - Mac OS X
Resumen:	Wireshark is prone to multiple denial of service (DoS); vulnerabilities.
Descripción:	Summary: Wireshark is prone to multiple denial of service (DoS) vulnerabilities. Vulnerability Insight: Multiple flaws exist due to: - An unexpected crash in RPCoRDMA dissector crash. - LISP dissector large loop crash in Wireshark. - GQUIC dissector crash in Wireshark. For more information about the vulnerabilities refer to Reference links. Vulnerability Impact: Successful exploitation may allow remote attackers to perform denial of service on an affected system. Affected Software/OS: Wireshark versions 4.0.0 to 4.0.4, 3.6.0 to 3.6.12. Solution: Update to version 4.0.5 or 3.6.13 or later. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2023-1992 https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-1992.json Debian Security Information: DSA-5429 (Google Search) https://www.debian.org/security/2023/dsa-5429 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFJERBHVWYLYWXO2B3V47QH66IEB6EZ3/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZA7IMATNNQPLIM6WMRPM3T5ZY24NRR2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EHLTD25WNQSPQNELX52UH6YLP4TBLKTT/ https://security.gentoo.org/glsa/202309-02 https://gitlab.com/wireshark/wireshark/-/issues/18852 https://www.wireshark.org/security/wnpa-sec-2023-09.html https://lists.debian.org/debian-lts-announce/2023/04/msg00029.html Common Vulnerability Exposure (CVE) ID: CVE-2023-1993 https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-1993.json https://gitlab.com/wireshark/wireshark/-/issues/18900 https://www.wireshark.org/security/wnpa-sec-2023-10.html Common Vulnerability Exposure (CVE) ID: CVE-2023-1994 https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-1994.json https://gitlab.com/wireshark/wireshark/-/issues/18947 https://www.wireshark.org/security/wnpa-sec-2023-11.html
Copyright	Copyright (C) 2023 Greenbone AG