Skip Ribbon Commands
Skip to main content
Computer Security Incident Response Team of Mauritius (CERT-MU)

VN-2017-103


Wireshark AMQP/MQ/DOCSIS/GPRS LLC Dissector Bugs Let Remote Users Cause the Target Service to Crash
Severity Rating: Medium
Systems Affected:
  • Wireshark versions 2.2.0 to 2.2.7, 2.0.0 to 2.0.13
Description
Several vulnerabilities have been identified in Wireshark and they can be exploited by remote attackers to cause vulnerable systems to crash. The vulnerabilities reported are as follows:
  •  A remote user can send specially crafted data to cause the target service to enter an infinite loop or crash.
  •  A vulnerability exists that affects the AMQP dissector
  •  A vulnerability exists that affects the MQ dissector
  •  A vulnerability exists that affects the DOCSIS dissector
 Solution
Users are advised to apply updates.
More information is available on:
Vendor Information
Wireshark
 
CVE Information
 
References
Security Tracker
Wireshark
Contact Information
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis