DATABASE RESOURCES PRICING ABOUT US

{"id": "CVE-2021-4186", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2021-4186", "description": "Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file", "published": "2021-12-30T22:15:00", "modified": "2022-02-04T16:29:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0}, "severity": "MEDIUM", "exploitabilityScore": 10.0, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4186", "reporter": "cve@gitlab.com", "references": ["https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-4186.json", "https://gitlab.com/wireshark/wireshark/-/issues/17737", "https://www.wireshark.org/security/wnpa-sec-2021-16.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R5AEK3XTOIOGCGUILUFISMGX54YJXWGJ/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6XGBKWSQFCVYUN4ZK3O3NJIFP3OAFVT/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/"], "cvelist": ["CVE-2021-4186"], "immutableFields": [], "lastseen": "2022-03-23T19:25:22", "viewCount": 37, "enchantments": {"dependencies": {"references": [{"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-4186"]}, {"type": "fedora", "idList": ["FEDORA:244AB30680C7", "FEDORA:24C9A3192282", "FEDORA:538BB3108D82", "FEDORA:B573030E403A"]}, {"type": "nessus", "idList": ["MACOSX_WIRESHARK_3_4_11.NASL", "WIRESHARK_3_4_11.NASL"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-4186"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-4186"]}], "rev": 4}, "score": {"value": 3.8, "vector": "NONE"}, "backreferences": {"references": [{"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-4186"]}, {"type": "fedora", "idList": ["FEDORA:244AB30680C7"]}, {"type": "nessus", "idList": ["MACOSX_WIRESHARK_3_4_11.NASL", "WIRESHARK_3_4_11.NASL"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-4186"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-4186"]}]}, "exploitation": null, "vulnersScore": 3.8}, "_state": {"dependencies": 0, "score": 0}, "_internal": {}, "cna_cvss": {"cna": "GitLab Inc.", "cvss": {"3": {"vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "score": 6.3}}}, "cpe": ["cpe:/a:wireshark:wireshark:3.4.10", "cpe:/o:fedoraproject:fedora:34", "cpe:/o:fedoraproject:fedora:35"], "cpe23": ["cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:3.4.10:*:*:*:*:*:*:*"], "cwe": ["CWE-74"], "affectedSoftware": [{"cpeName": "wireshark:wireshark", "version": "3.4.10", "operator": "le", "name": "wireshark"}, {"cpeName": "fedoraproject:fedora", "version": "34", "operator": "eq", "name": "fedoraproject fedora"}, {"cpeName": "fedoraproject:fedora", "version": "35", "operator": "eq", "name": "fedoraproject fedora"}], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:a:wireshark:wireshark:3.4.10:*:*:*:*:*:*:*", "versionStartIncluding": "3.4.0", "versionEndIncluding": "3.4.10", "cpe_name": []}]}, {"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe_name": []}]}]}, "extraReferences": [{"url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-4186.json", "name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-4186.json", "refsource": "CONFIRM", "tags": ["Third Party Advisory"]}, {"url": "https://gitlab.com/wireshark/wireshark/-/issues/17737", "name": "https://gitlab.com/wireshark/wireshark/-/issues/17737", "refsource": "MISC", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"]}, {"url": "https://www.wireshark.org/security/wnpa-sec-2021-16.html", "name": "https://www.wireshark.org/security/wnpa-sec-2021-16.html", "refsource": "MISC", "tags": ["Vendor Advisory"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/", "name": "FEDORA-2022-a3d70b50f0", "refsource": "FEDORA", "tags": ["Mailing List", "Third Party Advisory"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R5AEK3XTOIOGCGUILUFISMGX54YJXWGJ/", "name": "FEDORA-2022-1daf93c51d", "refsource": "FEDORA", "tags": ["Mailing List", "Third Party Advisory"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6XGBKWSQFCVYUN4ZK3O3NJIFP3OAFVT/", "name": "FEDORA-2022-30411cb3c4", "refsource": "FEDORA", "tags": ["Mailing List", "Third Party Advisory"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/", "name": "FEDORA-2022-48b86d586f", "refsource": "FEDORA", "tags": ["Mailing List", "Third Party Advisory"]}]}

{"ubuntucve": [{"lastseen": "2022-01-23T11:27:54", "description": "Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial\nof service via packet injection or crafted capture file", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-12-30T00:00:00", "type": "ubuntucve", "title": "CVE-2021-4186", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4186"], "modified": "2021-12-30T00:00:00", "id": "UB:CVE-2021-4186", "href": "https://ubuntu.com/security/CVE-2021-4186", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhatcve": [{"lastseen": "2022-06-08T11:05:11", "description": "A segmentation issue was found in Wireshark. This flaw allows an attacker with local network access to pass specially crafted capture files, causing an application to halt or crash.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-01-10T18:25:13", "type": "redhatcve", "title": "CVE-2021-4186", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4186"], "modified": "2022-06-08T08:24:20", "id": "RH:CVE-2021-4186", "href": "https://access.redhat.com/security/cve/cve-2021-4186", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "veracode": [{"lastseen": "2022-05-12T00:29:05", "description": "wireshark:sid is vulnerable to denial of service. Crash in the Gryphon dissector allows denial of service via packet injection or crafted capture file.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-01-05T04:25:09", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4186"], "modified": "2022-02-04T18:27:17", "id": "VERACODE:33514", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-33514/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debiancve": [{"lastseen": "2022-07-04T06:03:02", "description": "Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-12-30T22:15:00", "type": "debiancve", "title": "CVE-2021-4186", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4186"], "modified": "2021-12-30T22:15:00", "id": "DEBIANCVE:CVE-2021-4186", "href": "https://security-tracker.debian.org/tracker/CVE-2021-4186", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2022-06-06T18:42:37", "description": "The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.4.11. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-3.4.11 advisory.\n\n - The Gryphon dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2021-4186)\n\n - The RTMPT dissector could go into an infinite loop. It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2021-4185)\n\n - The BitTorrent DHT dissector could go into an infinite loop. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2021-4184)\n\n - The RFC 7468 file parser could go into an infinite loop. It may be possible to make Wireshark consume excessive CPU resources by convincing someone to read a malformed packet trace file. (CVE-2021-4182)\n\n - The Sysdig Event dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2021-4181)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-12-29T00:00:00", "type": "nessus", "title": "Wireshark 3.4.x < 3.4.11 Multiple Vulnerabilities (macOS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4181", "CVE-2021-4182", "CVE-2021-4184", "CVE-2021-4185", "CVE-2021-4186"], "modified": "2021-12-30T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "MACOSX_WIRESHARK_3_4_11.NASL", "href": "https://www.tenable.com/plugins/nessus/156389", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156389);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/12/30\");\n\n script_cve_id(\n \"CVE-2021-4181\",\n \"CVE-2021-4182\",\n \"CVE-2021-4184\",\n \"CVE-2021-4185\",\n \"CVE-2021-4186\"\n );\n script_xref(name:\"IAVB\", value:\"2021-B-0072\");\n\n script_name(english:\"Wireshark 3.4.x < 3.4.11 Multiple Vulnerabilities (macOS)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote macOS / Mac OS X host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.4.11. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the wireshark-3.4.11 advisory.\n\n - The Gryphon dissector could crash. It may be possible to make Wireshark crash by injecting a malformed\n packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2021-4186)\n\n - The RTMPT dissector could go into an infinite loop. It may be possible to make Wireshark consume excessive\n CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed\n packet trace file. (CVE-2021-4185)\n\n - The BitTorrent DHT dissector could go into an infinite loop. It may be possible to make Wireshark crash by\n injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2021-4184)\n\n - The RFC 7468 file parser could go into an infinite loop. It may be possible to make Wireshark consume\n excessive CPU resources by convincing someone to read a malformed packet trace file. (CVE-2021-4182)\n\n - The Sysdig Event dissector could crash. It may be possible to make Wireshark crash by injecting a\n malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2021-4181)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-3.4.11.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2021-16\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2021-17\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2021-18\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2021-20\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2021-21\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 3.4.11 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4186\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_wireshark_installed.nbin\");\n script_require_keys(\"installed_sw/Wireshark\", \"Host/MacOSX/Version\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\nvar app_info = vcf::get_app_info(app:'Wireshark');\n\nvar constraints = [\n { 'min_version' : '3.4.0', 'max_version' : '3.4.10', 'fixed_version' : '3.4.11' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-06T18:43:17", "description": "The version of Wireshark installed on the remote Windows host is prior to 3.4.11. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-3.4.11 advisory.\n\n - The Gryphon dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2021-4186)\n\n - The RTMPT dissector could go into an infinite loop. It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2021-4185)\n\n - The BitTorrent DHT dissector could go into an infinite loop. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2021-4184)\n\n - The RFC 7468 file parser could go into an infinite loop. It may be possible to make Wireshark consume excessive CPU resources by convincing someone to read a malformed packet trace file. (CVE-2021-4182)\n\n - The Sysdig Event dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2021-4181)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-12-29T00:00:00", "type": "nessus", "title": "Wireshark 3.4.x < 3.4.11 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4181", "CVE-2021-4182", "CVE-2021-4184", "CVE-2021-4185", "CVE-2021-4186"], "modified": "2021-12-30T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "WIRESHARK_3_4_11.NASL", "href": "https://www.tenable.com/plugins/nessus/156390", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156390);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/12/30\");\n\n script_cve_id(\n \"CVE-2021-4181\",\n \"CVE-2021-4182\",\n \"CVE-2021-4184\",\n \"CVE-2021-4185\",\n \"CVE-2021-4186\"\n );\n script_xref(name:\"IAVB\", value:\"2021-B-0072\");\n\n script_name(english:\"Wireshark 3.4.x < 3.4.11 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote Windows host is prior to 3.4.11. It is, therefore, affected by multiple\nvulnerabilities as referenced in the wireshark-3.4.11 advisory.\n\n - The Gryphon dissector could crash. It may be possible to make Wireshark crash by injecting a malformed\n packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2021-4186)\n\n - The RTMPT dissector could go into an infinite loop. It may be possible to make Wireshark consume excessive\n CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed\n packet trace file. (CVE-2021-4185)\n\n - The BitTorrent DHT dissector could go into an infinite loop. It may be possible to make Wireshark crash by\n injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2021-4184)\n\n - The RFC 7468 file parser could go into an infinite loop. It may be possible to make Wireshark consume\n excessive CPU resources by convincing someone to read a malformed packet trace file. (CVE-2021-4182)\n\n - The Sysdig Event dissector could crash. It may be possible to make Wireshark crash by injecting a\n malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2021-4181)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-3.4.11.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2021-16\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2021-17\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2021-18\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2021-20\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2021-21\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 3.4.11 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4186\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"installed_sw/Wireshark\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\nget_kb_item_or_exit('SMB/Registry/Enumerated');\n\nvar app_info = vcf::get_app_info(app:'Wireshark', win_local:TRUE);\n\nvar constraints = [\n { 'min_version' : '3.4.0', 'max_version' : '3.4.10', 'fixed_version' : '3.4.11' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "mageia": [{"lastseen": "2022-04-18T11:19:35", "description": "Several wireshark vulnerabilities have been fixed. See the release notes for details. \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-01-03T07:36:40", "type": "mageia", "title": "Updated wireshark packages fix security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4181", "CVE-2021-4182", "CVE-2021-4184", "CVE-2021-4185", "CVE-2021-4186"], "modified": "2022-01-03T07:36:40", "id": "MGASA-2022-0004", "href": "https://advisories.mageia.org/MGASA-2022-0004.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "fedora": [{"lastseen": "2022-01-08T00:49:57", "description": "VIM (VIsual editor iMproved) is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-01-07T01:17:19", "type": "fedora", "title": "[SECURITY] Fedora 35 Update: vim-8.2.4006-1.fc35", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4136", "CVE-2021-4166", "CVE-2021-4173", "CVE-2021-4186", "CVE-2021-4187"], "modified": "2022-01-07T01:17:19", "id": "FEDORA:244AB30680C7", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-01-21T01:54:25", "description": "Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich display filter language and the ability to reassemble multiple protocol packets in order to, for example, view a complete TCP stream, save the contents of a file which was transferred over HTTP or CIFS, or play back an RTP audio stream. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-01-20T08:34:44", "type": "fedora", "title": "[SECURITY] Fedora 34 Update: wireshark-3.6.1-1.fc34", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4181", "CVE-2021-4182", "CVE-2021-4183", "CVE-2021-4184", "CVE-2021-4185", "CVE-2021-4186", "CVE-2021-4190"], "modified": "2022-01-20T08:34:44", "id": "FEDORA:B573030E403A", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/R5AEK3XTOIOGCGUILUFISMGX54YJXWGJ/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-21T01:54:25", "description": "Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich display filter language and the ability to reassemble multiple protocol packets in order to, for example, view a complete TCP stream, save the contents of a file which was transferred over HTTP or CIFS, or play back an RTP audio stream. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-01-20T14:55:14", "type": "fedora", "title": "[SECURITY] Fedora 35 Update: wireshark-3.6.1-1.fc35", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4181", "CVE-2021-4182", "CVE-2021-4183", "CVE-2021-4184", "CVE-2021-4185", "CVE-2021-4186", "CVE-2021-4190"], "modified": "2022-01-20T14:55:14", "id": "FEDORA:538BB3108D82", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/Q6XGBKWSQFCVYUN4ZK3O3NJIFP3OAFVT/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-25T01:32:22", "description": "VIM (VIsual editor iMproved) is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-01-24T01:04:20", "type": "fedora", "title": "[SECURITY] Fedora 34 Update: vim-8.2.4068-1.fc34", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4136", "CVE-2021-4166", "CVE-2021-4173", "CVE-2021-4186", "CVE-2021-4187", "CVE-2021-4192", "CVE-2021-4193", "CVE-2021-46059", "CVE-2022-0156", "CVE-2022-0158"], "modified": "2022-01-24T01:04:20", "id": "FEDORA:24C9A3192282", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}]}