Denial of service in Wireshark - CVE-2016-7179

 


Published: September 13, 2016


Vulnerability identifier: #VU418
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2016-7179
CWE-ID: CWE-362
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Wireshark.org
Affected software:
Wireshark

Detailed vulnerability description

The vulnerability allows a remote user to cause a denial of service on the target system.
The weakness is a crash in the Catapult DCT2000 dissector. A remote attacker can inject a specially crafted malformed packet or trick the victim into reading a trace file containing it.
Successful exploitation of this vulnerability allows an attacker to cause a denial of service on the vulnerable system.



How to mitigate CVE-2016-7179

Update to 2.0.6 or later.
