[manjaro-security] [ASA-201810-9] wireshark-cli: multiple issues
Remi Gacogne
rgacogne at archlinux.org
Fri Oct 12 20:12:47 CEST 2018
Arch Linux Security Advisory ASA-201810-9
=========================================
Severity: High
Date : 2018-10-12
CVE-ID : CVE-2018-12086 CVE-2018-18225 CVE-2018-18226 CVE-2018-18227
Package : wireshark-cli
Type : multiple issues
Remote : Yes
Link : https://security.archlinux.org/AVG-779
Summary
=======
The package wireshark-cli before version 2.6.4-1 is vulnerable to
multiple issues including arbitrary code execution and denial of
service.
Resolution
==========
Upgrade to 2.6.4-1.
# pacman -Syu "wireshark-cli>=2.6.4-1"
The problems have been fixed upstream in version 2.6.4.
Workaround
==========
None.
Description
===========
- CVE-2018-12086 (arbitrary code execution)
A flaw has been discovered in wireshark >= 2.6.0 and < 2.6.4 in the
OpcUa dissector where a specially crafted structured request could lead
to stack overflow. This could be used by an attacker to crash wireshark
or execute arbitrary code on the affected host by injecting a malformed
packet onto the wire or by convincing someone to read a malformed
packet trace file.
- CVE-2018-18225 (denial of service)
A flaw has been discovered in wireshark >= 2.6.0 and < 2.6.4 in the
CoAP dissector where an invalid frame could lead to NULL-pointer
dereference. This could be used by an attacker to crash wireshark by
injecting a malformed packet onto the wire or by convincing someone to
read a malformed packet trace file.
- CVE-2018-18226 (denial of service)
A flaw has been discovered in wireshark >= 2.6.0 and < 2.6.4 in the
Steam IHS Discovery dissector where dynamically allocated memory was
not properly freed on exception. This could be used by an attacker to
crash wireshark by injecting a malformed packet onto the wire or by
convincing someone to read a malformed packet trace file.
- CVE-2018-18227 (denial of service)
A flaw has been discovered in wireshark >= 2.6.0 and < 2.6.4 in the
MS-WSP dissector where an invalid type could lead to an assertion
failure. This could be used by an attacker to crash wireshark by
injecting a malformed packet onto the wire or by convincing someone to
read a malformed packet trace file.
Impact
======
An attacker can crash wireshark or execute arbitrary code on the
affected host by injecting a malformed packet onto the wire or by
convincing a local user to read a malformed packet trace file.
References
==========
https://www.wireshark.org/docs/relnotes/wireshark-2.6.4.html
https://www.wireshark.org/security/wnpa-sec-2018-50
https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2018-12086.pdf
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commitdiff;h=fc956747a139269a6fb4f67c639e12b3f4e9ccd9
https://www.wireshark.org/security/wnpa-sec-2018-49
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15172
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commitdiff;h=b2bbd9fdf209911d94b23cc33f4daccbceb7fa8a
https://www.wireshark.org/security/wnpa-sec-2018-48
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15171
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commitdiff;h=6e920ddc3cad2886ef07ca1a8e50e2a5c50986f7
https://www.wireshark.org/security/wnpa-sec-2018-47
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15119
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commitdiff;h=536fb9403a5f6bcc060aaa2a1f35d8d0225bb1fd
https://security.archlinux.org/CVE-2018-12086
https://security.archlinux.org/CVE-2018-18225
https://security.archlinux.org/CVE-2018-18226
https://security.archlinux.org/CVE-2018-18227
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.manjaro.org/pipermail/manjaro-security/attachments/20181012/c0c67318/attachment.sig>
More information about the manjaro-security
mailing list