Wireshark is prone to a remote denial-of-service vulnerability because it fails to properly handle certain types of packets.
An attacker can leverage this issue to crash the affected application, denying service to legitimate users.
Wireshark versions 2.4.0 through 2.4.2, and 2.2.0 through 2.2.10 are vulnerable.
Information
Wireshark Wireshark 2.4
Wireshark Wireshark 2.2.11
Wireshark Wireshark 2.2.10
Wireshark Wireshark 2.2.9
Wireshark Wireshark 2.2.8
Wireshark Wireshark 2.2.7
Wireshark Wireshark 2.2.6
Wireshark Wireshark 2.2.5
Wireshark Wireshark 2.2.4
Wireshark Wireshark 2.2.3
Wireshark Wireshark 2.2.2
Wireshark Wireshark 2.2.1
Wireshark Wireshark 2.2
Wireshark Wireshark 2.4.2
Wireshark Wireshark 2.2.12
Exploit
A sample packet trace file is available in the Wireshark bug report. Please see the references for more information.
References:
- Wireshark Homepage (Wireshark)
- Bug 14236 - Buildbot crash output: fuzz-2017-11-20-16253.pcap (Wireshark)
- wnpa-sec-2017-47 · IWARP_MPA dissector crash (Wireshark)