-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2018.1596
                   Fuzzing reveals crashes in Wireshark
                                28 May 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Wireshark
Publisher:         Wireshark Foundation
Operating System:  UNIX variants (UNIX, Linux, OSX)
                   Windows
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                   Denial of Service               -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-11361 CVE-2018-11360 CVE-2018-11359 CVE-2018-11358
                   CVE-2018-11357 CVE-2018-11356 CVE-2018-11355 CVE-2018-11354

Original Bulletin:
   https://www.wireshark.org/security/wnpa-sec-2018-26.html
   https://www.wireshark.org/security/wnpa-sec-2018-27.html
   https://www.wireshark.org/security/wnpa-sec-2018-28.html
   https://www.wireshark.org/security/wnpa-sec-2018-29.html
   https://www.wireshark.org/security/wnpa-sec-2018-30.html
   https://www.wireshark.org/security/wnpa-sec-2018-31.html
   https://www.wireshark.org/security/wnpa-sec-2018-32.html
   https://www.wireshark.org/security/wnpa-sec-2018-33.html

Comment: This bulletin contains eight (8) Wireshark Foundation security
         advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

wnpa-sec-2018-26 - IEEE 1905.1a dissector crash

Summary

Name:              IEEE 1905.1a dissector crash
Docid:             wnpa-sec-2018-26
Date:              May 22, 2018
Affected versions: 2.6.0
Fixed versions:    2.6.1
References:        Wireshark bug 14647
                   CVE-2018-11354

Details

Description

The IEEE 1905.1a dissector could crash.

Impact

It may be possible to make Wireshark crash by injecting a malformed packet
onto the wire or by convincing someone to read a malformed packet trace file.

Resolution

Upgrade to Wireshark 2.6.1 or later.
- --------------------------------------------------------------------------------

wnpa-sec-2018-27 - RTCP dissector crash

Summary

Name:              RTCP dissector crash
Docid:             wnpa-sec-2018-27
Date:              May 22, 2018
Affected versions: 2.6.0
Fixed versions:    2.6.1
References:        Wireshark bug 14673
                   CVE-2018-11355

Details

Description

The RTCP dissector could crash.

Impact

It may be possible to make Wireshark crash by injecting a malformed packet
onto the wire or by convincing someone to read a malformed packet trace file.

Resolution

Upgrade to Wireshark 2.6.1 or later.

- --------------------------------------------------------------------------------

wnpa-sec-2018-28 - Multiple dissectors could consume excessive memory

Summary

Name:              Multiple dissectors could consume excessive memory
Docid:             wnpa-sec-2018-28
Date:              May 22, 2018
Affected versions: 2.6.0, 2.4.0 to 2.4.6, 2.2.0 to 2.2.14
Fixed versions:    2.6.1, 2.4.7, 2.2.15
References:        Wireshark bug 14678
                   CVE-2018-11357

Details

Description

The LTP dissector and other dissectors could consume excessive memory.
Discovered by the OSS-Fuzz project.

Impact

It may be possible to make Wireshark crash by injecting a malformed packet
onto the wire or by convincing someone to read a malformed packet trace file.

Resolution

Upgrade to Wireshark 2.6.1, 2.4.7, 2.2.15 or later.

- --------------------------------------------------------------------------------

wnpa-sec-2018-29 - DNS dissector crash

Summary

Name:              DNS dissector crash
Docid:             wnpa-sec-2018-29
Date:              May 22, 2018
Affected versions: 2.6.0, 2.4.0 to 2.4.6, 2.2.0 to 2.2.14
Fixed versions:    2.6.1, 2.4.7, 2.2.15
References:        Wireshark bug 14681
                   CVE-2018-11356

Details

Description

The DNS dissector could crash. Discovered by the OSS-Fuzz project.

Impact

It may be possible to make Wireshark crash by injecting a malformed packet
onto the wire or by convincing someone to read a malformed packet trace file.

Resolution

Upgrade to Wireshark 2.6.1, 2.4.7, 2.2.15 or later.
- --------------------------------------------------------------------------------

wnpa-sec-2018-30 - GSM A DTAP dissector crash

Summary

Name:              GSM A DTAP dissector crash
Docid:             wnpa-sec-2018-30
Date:              May 22, 2018
Affected versions: 2.6.0, 2.4.0 to 2.4.6, 2.2.0 to 2.2.14
Fixed versions:    2.6.1, 2.4.7, 2.2.15
References:        Wireshark bug 14688
                   CVE-2018-11360

Details

Description

The GSM A DTAP dissector could crash. Discovered by the OSS-Fuzz project.

Impact

It may be possible to make Wireshark crash by injecting a malformed packet
onto the wire or by convincing someone to read a malformed packet trace file.

Resolution

Upgrade to Wireshark 2.6.1, 2.4.7, 2.2.15 or later.

- --------------------------------------------------------------------------------

wnpa-sec-2018-31 - Q.931 dissector crash

Summary

Name:              Q.931 dissector crash
Docid:             wnpa-sec-2018-31
Date:              May 22, 2018
Affected versions: 2.6.0, 2.4.0 to 2.4.6, 2.2.0 to 2.2.14
Fixed versions:    2.6.1, 2.4.7, 2.2.15
References:        Wireshark bug 14689
                   CVE-2018-11358

Details

Description

The Q.931 dissector could crash. Discovered by the OSS-Fuzz project.

Impact

It may be possible to make Wireshark crash by injecting a malformed packet
onto the wire or by convincing someone to read a malformed packet trace file.

Resolution

Upgrade to Wireshark 2.6.1, 2.4.7, 2.2.15 or later.

- --------------------------------------------------------------------------------

wnpa-sec-2018-32 - IEEE 802.11 dissector crash

Summary

Name:              IEEE 802.11 dissector crash
Docid:             wnpa-sec-2018-32
Date:              May 22, 2018
Affected versions: 2.6.0
Fixed versions:    2.6.1
References:        Wireshark bug 14686
                   CVE-2018-11361

Details

Description

The IEEE 802.11 dissector could crash. Discovered by the OSS-Fuzz project.

Impact

It may be possible to make Wireshark crash by injecting a malformed packet
onto the wire or by convincing someone to read a malformed packet trace file.

Resolution

Upgrade to Wireshark 2.6.1 or later.
- --------------------------------------------------------------------------------

wnpa-sec-2018-33 - Multiple dissectors could crash

Summary

Name:              Multiple dissectors could crash
Docid:             wnpa-sec-2018-33
Date:              May 22, 2018
Affected versions: 2.6.0, 2.4.0 to 2.4.6, 2.2.0 to 2.2.14
Fixed versions:    2.6.1, 2.4.7, 2.2.15
References:        Wireshark bug 14703
                   CVE-2018-11359

Details

Description

The RRC dissector and other dissectors could crash.

Impact

It may be possible to make Wireshark crash by injecting a malformed packet
onto the wire or by convincing someone to read a malformed packet trace file.

Resolution

Upgrade to Wireshark 2.6.1, 2.4.7, 2.2.15 or later.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made.
If downloading at a later date, it is recommended that the bulletin is
retrieved directly from the author's website to ensure that the information
is still current.

Contact information for the authors of the original document is included in
the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWwtIYWaOgq3Tt24GAQgzLBAAy4dn2BoCCE4nKBxv7ZzPS4+c9SEN+eh/
xIuK/fvwOKISLb9DIl4Hcj3S6OtwUbkNak7rkyyKaGUUoZCuE+hxq7acJiDIPTAC
D9e53qtKStx9MeHU/481CYYD9Kg+7pYpzoSE2bj9JZ+ZlP+Y8IDPyltLdm+Eh300
KbHuLsYtPIzhTehwdhlKu7BGin00VJZtLMHRekvi02TtMuSJOgC74D8jQcbFApbh
Dypel2h/0TABmmU6etL5ry7L40IvL0EC+Up058sjobhxKvbATUSRJ+JCxbOE0LJ0
psFvXMPnULOWO2YhkwNPN0opGbQCA442zgXRBS4c8I8QS/pk7Tlx27oAqgdxVtW6
Eyhm25s0FMQ4O61grm+JOxXLf7fUdkIp6X5ND7vh70fyz9fkXRA+YOo24xQAk2q8
Lvrl39PObvnt1rYEIfm+NXYVnLQKyLvUFNuWUsKmXPQBko/3781hgtYrv60+EAsJ
bF4AQxsBSsM5lD7YXyO1POgzOXC5kKXem+U50h9qsH+6Vftm2VyO6+p36AgywthJ
vbORYoN4gwBMYPfXzsKFTaBnEnvt0ZHzzFWz42EJJMD7q8ZSKUuPpK0OoXjjsUyn
kPwk+mgmQZ0wEfB0CIoAZfbmkydLi2/2fA7tyv7c5X/nTqBK8Ra5sZG6lwwMqFJb
thMYX67Gcqk=
=Xitv
-----END PGP SIGNATURE-----
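The eight advisories above give their affected and fixed versions per release branch (2.6.0 only for wnpa-sec-2018-26, -27 and -32; 2.6.0, 2.4.0 to 2.4.6 and 2.2.0 to 2.2.14 for the other five), so the practical question for a fleet is: which of them apply to the build I have installed, and what is the lowest release on that branch that closes all of them? The script below is an added example, not part of the signed AusCERT bulletin or of the Wireshark project. The advisory table is transcribed from the bulletin text; the version banners it parses are assumed to look like the first line of `wireshark --version` or `tshark --version`, and the sample banners in it are constructed.

```python
"""Check a Wireshark version against the fix levels in wnpa-sec-2018-26..33.

Added example; not part of the AusCERT bulletin or the Wireshark project.
Advisory data is transcribed from the bulletin. Version text is assumed to
be a `wireshark --version` / `tshark --version` banner; samples are constructed.
"""
import re
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, int, int]
Branch = Tuple[int, int]
# branch -> (first affected release, first fixed release); affected iff first <= v < fixed
Ranges = Dict[Branch, Tuple[Version, Version]]

# The three branches the bulletin covers and their fixed releases.
ALL_BRANCHES: Ranges = {
    (2, 6): ((2, 6, 0), (2, 6, 1)),
    (2, 4): ((2, 4, 0), (2, 4, 7)),
    (2, 2): ((2, 2, 0), (2, 2, 15)),
}
# Advisories 26, 27 and 32 list only 2.6.0 as affected.
ONLY_2_6: Ranges = {(2, 6): ALL_BRANCHES[(2, 6)]}

# (docid, CVE, affected ranges), in the order the bulletin prints them.
ADVISORIES: List[Tuple[str, str, Ranges]] = [
    ("wnpa-sec-2018-26", "CVE-2018-11354", ONLY_2_6),
    ("wnpa-sec-2018-27", "CVE-2018-11355", ONLY_2_6),
    ("wnpa-sec-2018-28", "CVE-2018-11357", ALL_BRANCHES),
    ("wnpa-sec-2018-29", "CVE-2018-11356", ALL_BRANCHES),
    ("wnpa-sec-2018-30", "CVE-2018-11360", ALL_BRANCHES),
    ("wnpa-sec-2018-31", "CVE-2018-11358", ALL_BRANCHES),
    ("wnpa-sec-2018-32", "CVE-2018-11361", ONLY_2_6),
    ("wnpa-sec-2018-33", "CVE-2018-11359", ALL_BRANCHES),
]

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> Optional[Version]:
    """Return the first x.y.z triple in a --version banner, or None.

    A pre-release suffix such as 2.6.0rc1 is dropped: the advisory ranges are
    stated in plain x.y.z terms, and rc builds precede the fixed release anyway.
    """
    m = _VERSION_RE.search(text)
    if m is None:
        return None
    return (int(m.group(1)), int(m.group(2)), int(m.group(3)))


def applicable_advisories(v: Version) -> List[Tuple[str, str, Version]]:
    """(docid, CVE, fixed version) for every advisory whose range contains v.

    A branch absent from the table (2.0.x, or anything newer than 2.6) is not
    covered by this bulletin at all, so an empty result for such a version
    means "not listed here", not "known safe".
    """
    branch: Branch = (v[0], v[1])
    hits = []
    for docid, cve, ranges in ADVISORIES:
        if branch not in ranges:
            continue
        first, fixed = ranges[branch]
        if first <= v < fixed:
            hits.append((docid, cve, fixed))
    return hits


def minimum_fixed_version(v: Version) -> Optional[Version]:
    """Lowest release on v's branch that closes every applicable advisory."""
    hits = applicable_advisories(v)
    if not hits:
        return None
    return max(fixed for _, _, fixed in hits)


def report(version_text: str) -> str:
    """One-shot summary for a single --version banner."""
    v = parse_version(version_text)
    if v is None:
        return f"could not find a Wireshark version in: {version_text!r}"
    vs = ".".join(map(str, v))
    hits = applicable_advisories(v)
    if not hits:
        return f"{vs}: not in the affected ranges of wnpa-sec-2018-26..33 (check newer bulletins separately)"
    target = ".".join(map(str, minimum_fixed_version(v)))
    lines = [f"{vs}: affected by {len(hits)} advisories, upgrade to {target} or later"]
    lines += [f"  {docid} ({cve})" for docid, cve, _ in hits]
    return "\n".join(lines)


if __name__ == "__main__":
    # Constructed banners in the shape tshark/wireshark print; hashes are dummies.
    for banner in ("TShark (Wireshark) 2.4.5 (v2.4.5-0-g0000000)",
                   "Wireshark 2.6.0 (v2.6.0-0-g0000000)",
                   "Wireshark 2.6.1 (v2.6.1-0-g0000000)"):
        print(report(banner))
```

Feed it `tshark --version | head -1` from each host. Note what it does not tell you: a 2.0.x or pre-2.2 build falls outside every range in this bulletin because those branches are not mentioned, not because they were assessed, and a build reported as clean here still needs checking against later wnpa-sec advisories.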