Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA12409
HistoryDec 29, 2021 - 12:00 a.m.

KLA12409 Multiple vulnerabilities in Wireshark

2021-12-2900:00:00
Kaspersky Lab
threats.kaspersky.com
69

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

8.1 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.003 Low

EPSS

Percentile

69.5%

JSON

Detect date:

12/29/2021

Severity:

Warning

Description:

Multiple vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service.

Affected products:

Wireshark 3.4.x earlier than 3.4.11
Wireshark 3.6.x earlier than 3.6.1

Solution:

Update to the latest version
Download Wireshark

Original advisories:

RTMPT dissector infinite loop
BitTorrent DHT dissector infinite loop
RFC 7468 file parser infinite loop
Sysdig Event dissector crash

Impacts:

DoS

Related products:

Wireshark

CVE-IDS:

CVE-2021-41857.5Critical
CVE-2021-41817.5Critical
CVE-2021-41827.5Critical
CVE-2021-41847.5Critical

Related

altlinux 2
openvas 8
nessus 13
mageia 1
suse 1
photon 4
fedora 2
debian 1
osv 5
veracode 4
ubuntucve 4
cbl_mariner 4
prion 4
debiancve 4
redhatcve 4
cnvd 4
cve 4
alpinelinux 4
gentoo 1
oracle 1
altlinux
altlinux
Security fix for the ALT Linux 9 package wireshark version 3.6.1-alt1
2022-01-03 00:00:00
Security fix for the ALT Linux 10 package wireshark version 3.6.1-alt1
2022-01-20 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2022-0004)
2022-01-28 00:00:00
openSUSE: Security Advisory for wireshark (openSUSE-SU-2022:0375-1)
2022-02-15 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:0375-1)
2022-02-15 00:00:00
nessus
nessus
Wireshark 3.4.x < 3.4.11 Multiple Vulnerabilities
2021-12-29 00:00:00
Wireshark 3.4.x < 3.4.11 Multiple Vulnerabilities (macOS)
2021-12-29 00:00:00
Wireshark 3.6.x < 3.6.1 Multiple Vulnerabilities (macOS)
2021-12-29 00:00:00
mageia
mageia
Updated wireshark packages fix security vulnerability
2022-01-03 10:36:40
suse
suse
Security update for wireshark (moderate)
2022-02-14 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2022-0352
2022-01-13 00:00:00
Important Photon OS Security Update - PHSA-2022-3.0-0352
2022-01-17 00:00:00
Critical Photon OS Security Update - PHSA-2022-0145
2022-01-22 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: wireshark-3.6.1-1.fc35
2022-01-20 14:55:14
[SECURITY] Fedora 34 Update: wireshark-3.6.1-1.fc34
2022-01-20 08:34:44
debian
debian
[SECURITY] [DLA 2967-1] wireshark security update
2022-03-31 21:42:51
osv
osv
wireshark - security update
2022-03-31 00:00:00
CVE-2021-4185
2021-12-30 22:15:10
CVE-2021-4184
2021-12-30 22:15:10
veracode
veracode
Denial Of Service (DoS)
2022-01-29 22:23:49
Denial Of Service (DoS)
2022-01-29 22:24:07
Denial Of Service (DoS)
2022-01-29 22:24:07
ubuntucve
ubuntucve
CVE-2021-4184
2021-12-30 00:00:00
CVE-2021-4185
2021-12-30 00:00:00
CVE-2021-4182
2021-12-30 00:00:00
cbl_mariner
cbl_mariner
CVE-2021-4184 affecting package wireshark 3.4.4-5
2022-06-25 20:53:09
CVE-2021-4185 affecting package wireshark 3.4.4-5
2022-06-25 20:53:09
CVE-2021-4181 affecting package wireshark 3.4.4-5
2022-06-25 20:53:09
prion
prion
Design/Logic Flaw
2021-12-30 22:15:00
Design/Logic Flaw
2021-12-30 22:15:00
Design/Logic Flaw
2021-12-30 22:15:00
debiancve
debiancve
CVE-2021-4181
2021-12-30 22:15:00
CVE-2021-4184
2021-12-30 22:15:00
CVE-2021-4185
2021-12-30 22:15:00
redhatcve
redhatcve
CVE-2021-4184
2022-01-10 18:25:05
CVE-2021-4185
2022-01-10 18:25:05
CVE-2021-4181
2022-01-10 17:55:00
cnvd
cnvd
Wireshark BitTorrent DHT Parser Denial of Service Vulnerability
2022-01-04 00:00:00
Wireshark RTMPT Parser Denial of Service Vulnerability
2022-01-04 00:00:00
Wireshark Sysdig Event Parser Denial of Service Vulnerability
2022-01-04 00:00:00
cve
cve
CVE-2021-4184
2021-12-30 22:15:00
CVE-2021-4185
2021-12-30 22:15:00
CVE-2021-4181
2021-12-30 22:15:00
alpinelinux
alpinelinux
CVE-2021-4184
2021-12-30 22:15:00
CVE-2021-4185
2021-12-30 22:15:00
CVE-2021-4181
2021-12-30 22:15:00
gentoo
gentoo
Wireshark: Multiple Vulnerabilities
2022-10-16 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2022
2022-04-19 00:00:00

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

8.1 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.003 Low

EPSS

Percentile

69.5%

JSON
Related for KLA12409
altlinux2openvas8nessus13mageia1suse1photon4fedora2debian1osv5veracode4ubuntucve4cbl_mariner4prion4debiancve4redhatcve4cnvd4cve4alpinelinux4gentoo1oracle1