[arch-security] [ASA-201608-20] wireshark-cli: denial of service

Christian Rebischke Chris.Rebischke at archlinux.org
Sat Aug 27 20:31:05 UTC 2016


Arch Linux Security Advisory ASA-201608-20
==========================================

Severity: Low
Date    : 2016-08-27
CVE-ID  : CVE-2016-6505 CVE-2016-6506 CVE-2016-6508 CVE-2016-6509 
          CVE-2016-6510 CVE-2016-6511 CVE-2016-6512 CVE-2016-6513
Package : wireshark-cli
Type    : denial of service
Remote  : Yes
Link    : https://wiki.archlinux.org/index.php/CVE

Summary
=======

The package wireshark-cli before version 2.0.5-1 is vulnerable to denial
of service.

Resolution
==========

Upgrade to 2.0.5-1.

# pacman -Syu "wireshark-cli>=2.0.5-1"

The problem has been fixed upstream in version 2.0.5.

Workaround
==========

None.

Description
===========

- CVE-2016-6505 (denial of service)

It may be possible to make Wireshark crash by injecting a malformed
packet onto the wire or by convincing someone to read a malformed packet
trace file.

- CVE-2016-6506 (denial of service)

It may be possible to make Wireshark consume excessive CPU resources by
injecting a malformed packet onto the wire or by convincing someone to
read a malformed packet trace file.

- CVE-2016-6508 (denial of service)

It may be possible to make Wireshark consume excessive CPU resources by
injecting a malformed packet onto the wire or by convincing someone to
read a malformed packet trace file.

- CVE-2016-6509 (denial of service)

It may be possible to make Wireshark crash by injecting a malformed
packet onto the wire or by convincing someone to read a malformed packet
trace file.

- CVE-2016-6510 (denial of service)

It may be possible to make Wireshark crash by injecting a malformed
packet onto the wire or by convincing someone to read a malformed packet
trace file.

- CVE-2016-6511 (denial of service)

It may be possible to make Wireshark consume excessive CPU resources by
injecting a malformed packet onto the wire or by convincing someone to
read a malformed packet trace file.

- CVE-2016-6512 (denial of service)

It may be possible to make Wireshark crash by injecting a malformed
packet onto the wire or by convincing someone to read a malformed packet
trace file.

- CVE-2016-6513 (denial of service)

It may be possible to make Wireshark crash by injecting a malformed
packet onto the wire or by convincing someone to read a malformed packet
trace file.

Impact
======

A remote attacker is able to crash or make wireshark consume excessive
CPU resources by injecting a malformed packet or convincing someone to
read a malformed packet trace.

References
==========

https://access.redhat.com/security/cve/CVE-2016-6505
https://access.redhat.com/security/cve/CVE-2016-6506
https://access.redhat.com/security/cve/CVE-2016-6508
https://access.redhat.com/security/cve/CVE-2016-6509
https://access.redhat.com/security/cve/CVE-2016-6510
https://access.redhat.com/security/cve/CVE-2016-6511
https://access.redhat.com/security/cve/CVE-2016-6512
https://access.redhat.com/security/cve/CVE-2016-6513
http://www.wireshark.org/security/wnpa-sec-2016-41.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12577
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=94e97e45cf614c7bb8fe90c23df52910246b2c95
http://www.wireshark.org/security/wnpa-sec-2016-42.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12594
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a9d5256890c9189c7461bfce6ed6edce5d861499
http://www.wireshark.org/security/wnpa-sec-2016-44.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12660
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6cf9616df68a4db7e436bb77392586ff9ad84feb
http://www.wireshark.org/security/wnpa-sec-2016-45.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12662
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5a469ddc893f7c1912d0e15cc73bd3011e6cc2fb
http://www.wireshark.org/security/wnpa-sec-2016-46.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12664
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=47a5fa850b388fcf4ea762073806f01b459820fe
http://www.wireshark.org/security/wnpa-sec-2016-47.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12659
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=56706427f53cc64793870bf072c2c06248ae88f3
http://www.wireshark.org/security/wnpa-sec-2016-48.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12661
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2193bea3212d74e2a907152055e27d409b59485e
http://www.wireshark.org/security/wnpa-sec-2016-49.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12663
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=347f071f1b9180563c28b0f3d0627b91eb456c72
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
URL: <https://lists.archlinux.org/pipermail/arch-security/attachments/20160827/99fa39c8/attachment.asc>


More information about the arch-security mailing list