SB2014042505 - Amazon Linux AMI update for wireshark
Published: April 25, 2014 Updated: March 24, 2022
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 10 secuirty vulnerabilities.
1) Input validation error (CVE-ID: CVE-2013-6336)
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
The ieee802154_map_rec function in epan/dissectors/packet-ieee802154.c in the IEEE 802.15.4 dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 uses an incorrect pointer chain, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
2) Input validation error (CVE-ID: CVE-2013-6337)
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
Unspecified vulnerability in the NBAP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
3) Input validation error (CVE-ID: CVE-2013-6338)
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
4) Input validation error (CVE-ID: CVE-2013-6339)
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
The dissect_openwire_type function in epan/dissectors/packet-openwire.c in the OpenWire dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (loop) via a crafted packet.
5) Input validation error (CVE-ID: CVE-2013-6340)
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
epan/dissectors/packet-tcp.c in the TCP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly determine the amount of remaining data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
6) Input validation error (CVE-ID: CVE-2013-7112)
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 does not check for empty lines, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
7) Buffer overflow (CVE-ID: CVE-2013-7114)
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
Multiple buffer overflows in the create_ntlmssp_v2_key function in epan/dissectors/packet-ntlmssp.c in the NTLMSSP v2 dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 allow remote attackers to cause a denial of service (application crash) via a long domain name in a packet.
8) Input validation error (CVE-ID: CVE-2014-2281)
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted NFS packet.
9) Input validation error (CVE-ID: CVE-2014-2283)
The vulnerability allows remote attackers to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can cause a denial of service (use-after-free error and application crash) via a crafted UMTS Radio Link Control packet.
10) Buffer overflow (CVE-ID: CVE-2014-2299)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
Buffer overflow in the mpeg_read function in wiretap/mpeg.c in the MPEG parser in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large record in MPEG data.
Remediation
Install update from vendor's website.