Denial of Service Vulnerabilities in Wireshark

Author:  Anonymous   

Source : Internet

Severity Rating: HIGH

Description : Wireshark Vulnerabilities Expose Flaws in Dissectors and File Parsers

Several vulnerabilities have been identified in Wireshark, primarily affecting the RTPS dissector, BLF file parser, VMS TCPIPtrace file parser, NetScaler file parser, Candump log file parser, and IEEE C37.118 Synchrophasor dissector. These vulnerabilities can potentially be exploited by attackers who can manipulate traffic in a specific manner to target the application.

The vulnerabilities stem from flaws within the mentioned dissectors and file parsers, leaving Wireshark susceptible to security breaches. By leveraging these vulnerabilities, an attacker could pass specially crafted traffic to the application, taking advantage of the weaknesses in the affected components.

Users should remain vigilant and ensure that they are running the most up-to-date version of Wireshark to mitigate the risk of potential exploitation. Regularly applying security updates and following best practices for network monitoring and analysis tools will help maintain a secure environment for network traffic analysis.

Impact : Successful exploitation of these vulnerabilities could allow threat actors to make Wireshark crash or consume excessive CPU resources, causing denial of service conditions on the targeted system.

Mitigation : Upgrade to Wireshark 4.0.6, 3.6.14 or later as per the below advisory from Wireshark:

Ref:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0666

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2854

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0668

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2856

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2858

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2857

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2855

Disclaimer : The information provided herein is on “as is” basis, without warranty of any kind.

Take away :  Upgrade to Wireshark 4.0.6, 3.6.14 or later, as per the advisory from Wireshark.
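
To check installed versions against the fixed releases named above, the following added example (not part of the original advisory and not Wireshark's own code) parses `tshark --version` / `wireshark --version` banners and flags hosts that still need the upgrade. The host names and banner strings are constructed sample data, and flagging any branch other than 3.6, 4.0 or newer as needing an upgrade is an assumption.

```python
import re

# Fixed releases named in the advisory, keyed by (major, minor) release branch.
FIXED = {(4, 0): (4, 0, 6), (3, 6): (3, 6, 14)}

# First line of `tshark --version` or `wireshark --version` output.
BANNER = re.compile(r"^(?:TShark \(Wireshark\)|Wireshark)\s+(\d+)\.(\d+)\.(\d+)", re.M)


def parse_version(banner):
    """Return (major, minor, patch) as ints, or None if no banner is found."""
    m = BANNER.search(banner)
    return tuple(int(g) for g in m.groups()) if m else None


def status(version):
    """Classify a version as 'ok', 'upgrade' or 'unknown'."""
    if version is None:
        return "unknown"
    branch = version[:2]
    if branch in FIXED:
        # Integer tuples compare numerically, so 3.6.9 < 3.6.14
        # (a plain string comparison gets this wrong).
        return "ok" if version >= FIXED[branch] else "upgrade"
    # Assumption: branches newer than 4.0 count as "or later";
    # any other branch is flagged for upgrade.
    return "ok" if branch > max(FIXED) else "upgrade"


def audit(inventory):
    """Map host -> (parsed version, status) for a {host: banner} inventory."""
    return {h: (parse_version(b), status(parse_version(b))) for h, b in inventory.items()}


# Constructed sample inventory (hypothetical hosts and banner strings).
SAMPLE = {
    "analyst-01": "TShark (Wireshark) 4.0.5 (Git v4.0.5 packaged as 4.0.5-1).",
    "analyst-02": "Wireshark 4.0.6.",
    "sensor-01": "TShark (Wireshark) 3.6.9 (Git v3.6.9 packaged as 3.6.9-1).",
    "sensor-02": "TShark (Wireshark) 3.6.14.",
    "legacy-01": "Wireshark 3.4.16.",
    "jump-01": "tshark: command not found",
}

if __name__ == "__main__":
    for host, (ver, state) in sorted(audit(SAMPLE).items()):
        shown = ".".join(map(str, ver)) if ver else "n/a"
        print(f"{host:12} {shown:8} {state}")
```

Hosts reported as `unknown` produced no recognisable version banner and need a manual check.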