SB2017041219 - Multiple vulnerabilities in Wireshark
Published: April 12, 2017 Updated: August 8, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 vulnerabilities.
1) Input validation error (CVE-ID: CVE-2016-7957)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
In Wireshark 2.2.0, the Bluetooth L2CAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-btl2cap.c by avoiding use of a seven-byte memcmp for potentially shorter strings.
2) Input validation error (CVE-ID: CVE-2016-7958)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
In Wireshark 2.2.0, the NCP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/CMakeLists.txt by registering this dissector.
Remediation
Install update from vendor's website.
References
- http://www.securityfocus.com/bid/97597
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12825
- https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=355b56b1c6c545072ac0c1225730b526c6749f0a
- https://www.wireshark.org/security/wnpa-sec-2016-56.html
- http://www.securityfocus.com/bid/93463
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12945
- https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=67597cb2457fb843fa97d3f2c87b82dad6f0de07
- https://www.wireshark.org/security/wnpa-sec-2016-57.html