logo
DATABASE RESOURCES PRICING ABOUT US

Wireshark 3.6.x < 3.6.1 Multiple Vulnerabilities

Description

The version of Wireshark installed on the remote Windows host is prior to 3.6.1. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-3.6.1 advisory. - The RTMPT dissector could go into an infinite loop. It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2021-4185) - The BitTorrent DHT dissector could go into an infinite loop. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2021-4184) - The pcapng file parser could crash. It may be possible to make Wireshark crash by convincing someone to read a malformed packet trace file. (CVE-2021-4183) - The RFC 7468 file parser could go into an infinite loop. It may be possible to make Wireshark consume excessive CPU resources by convincing someone to read a malformed packet trace file. (CVE-2021-4182) - The Sysdig Event dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2021-4181) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.


Related