Test ID:	1.3.6.1.4.1.25623.1.0.807579
Category:	Denial of Service
Title:	Wireshark Multiple Denial of Service Vulnerabilities -02 (May 2016) - Mac OS X
Summary:	Wireshark is prone to multiple denial of service vulnerabilities.
Description:	Summary: Wireshark is prone to multiple denial of service vulnerabilities. Vulnerability Insight: Multiple flaws exist due to: - 'epan/proto.c' script does not limit the protocol-tree depth. - The IEEE 802.11 dissector does not properly restrict element lists. - 'epan/dissectors/packet-pktc.c' script in the PKTC dissector does not verify BER identifiers. - 'epan/dissectors/packet-pktc.c' script in the PKTC dissector misparses timestamp fields. - An incorrect integer data type usage by 'epan/dissectors/packet-iax2.c' script in the IAX2 dissector. - An incorrect array indexing by 'epan/dissectors/packet-gsm_cbch.c' script in the GSM CBCH dissector. Vulnerability Impact: Successful exploitation will allow remote attackers to conduct denial of service attack. Affected Software/OS: Wireshark version 1.12.x before 1.12.11 and 2.0.x before 2.0.3 on Mac OS X Solution: Upgrade to Wireshark version 1.12.11 or or 2.0.3 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-4006 Debian Security Information: DSA-3585 (Google Search) http://www.debian.org/security/2016/dsa-3585 http://www.securitytracker.com/id/1035685 Common Vulnerability Exposure (CVE) ID: CVE-2016-4078 Common Vulnerability Exposure (CVE) ID: CVE-2016-4079 Common Vulnerability Exposure (CVE) ID: CVE-2016-4080 Common Vulnerability Exposure (CVE) ID: CVE-2016-4081 Common Vulnerability Exposure (CVE) ID: CVE-2016-4082
Copyright	Copyright (C) 2016 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.