Monday, October 7, 2024
HomeComputer SecurityMultiple Wireshark DOS Vulnerabilities Allows a Remote Attacker to Crash Vulnerable Installations

Multiple Wireshark DOS Vulnerabilities Allows a Remote Attacker to Crash Vulnerable Installations

Published on

Wireshark issued security patches for three critical vulnerabilities that allow an unauthenticated, remote attacker to crash the vulnerable installations leads to DoS condition.

Wireshark is the most famous open source network protocol analyzer used by organizations and individuals for analyzing network packets and displaying detailed information about them.

Cisco demonstrates the Proof-of-concept (PoC) the exploit of this vulnerability is publicly available.

- Advertisement - EHA

Wireshark Security Patches

Bluetooth ATT dissector component – CVE-2018-16056

The vulnerability resides with Bluetooth Attribute Protocol (ATT) dissector component allows an attacker could exploit the vulnerability by injecting a malicious packet into a network that to be processed by the vulnerable application or by convincing a user to open the malicious packet trace file.

Successful exploitation of the vulnerability could crash the Bluetooth ATT dissector component resulting in a DoS condition.

The vulnerability affects 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, it has been fixed with 2.6.3, 2.4.9, and 2.2.17 and they are available to download from here.

Radiotap dissector component – CVE-2018-16057

The vulnerability is because of insufficient bound checks with eee80211_radiotap_iterator_next() the function allows an attacker could exploit the vulnerability by injecting a malicious packet into the network that to be processed by the vulnerable application or by convincing a user to open the malicious packet trace file.

Successful exploitation of the vulnerability could crash the Radiotap dissector component resulting in a DoS condition. The vulnerability affects 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, it has been fixed with 2.6.3, 2.4.9, and 2.2.17.

Audio/Video Distribution Transport Protocol – CVE-2018-16058

The vulnerability exists as the source code epan/dissectors/packet-btavdtp.c of the vulnerable software improperly initializes the data structure. An attacker could exploit the vulnerability by injecting a malicious packet into a network that to be processed by the vulnerable application or by convincing a user to open the malicious packet trace file.

Successful exploitation of the vulnerability could crash the AVDTP dissector component resulting in a DoS condition. The vulnerability affects 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, it has been fixed with 2.6.3, 2.4.9, and 2.2.17.

Cisco recommends administrators to both firewall and antivirus applications to minimize the impact of threats and IP based ACL to allow only trusted IP’s to access the vulnerable system.

Also Read

Cisco Released Security Updates for Multiple Vulnerabilities that Affected Cisco Products

16 Years Old Australian Teen Hacked into Apple’s Secure Network & Download the Sensitive Files

Perform Vulnerability Scanning in Your Network using Maltego

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Chinese Group Hacked US Court Wiretap Systems

Chinese hackers have infiltrated the networks of major U.S. broadband providers, gaining access to...

19.6K+ Public Zimbra Installations Vulnerable to Code Execution Attacks – CVE-2024-45519

A critical vulnerability in Zimbra's postjournal service, identified as CVE-2024-45519, has left over 19,600...

Prince Ransomware Hits UK and US via Royal Mail Phishing Scam

A new ransomware campaign targeting individuals and organizations in the UK and the US...

Microsoft, DOJ Dismantle Domains Used by Russian FSB-Linked Hacking Group

Microsoft and the U.S. Department of Justice (DOJ) have successfully dismantled a network of...

Free Webinar

Decoding Compliance | What CISOs Need to Know

Non-compliance can result in substantial financial penalties, with average fines reaching up to $4.5 million for GDPR breaches alone.

Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises.

Discussion points

The Role of Compliance
The Alphabet Soup of Compliance
Compliance
SaaS and Compliance
Indusface's Approach to Compliance

More like this

Hackers Now Exploit Ivanti Endpoint Manager Vulnerability to Launch Cyber Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has announced the addition of a new...

CISA Warns of Four Vulnerabilities that Exploited Actively in the Wild

The Cybersecurity and Infrastructure Security Agency (CISA) has warned about four critical vulnerabilities currently...

Open Source C3 Frameworks Used In Red Teaming Assessments Vulnerable To RCE Attacks

C2 frameworks, crucial for post-exploitation operations, offer open-source alternatives to Cobalt Strike. They streamline...