SANS ISC: Wireshark 1.8.9 and 1.10.1 Security Update

• SANS Site Network
  • Current Site
  • SANS Internet Storm Center
  • Other SANS Sites Help
  • Graduate Degree Programs
  • Security Training
  • Security Certification
  • Security Awareness Training
  • Penetration Testing
  • Industrial Control Systems
  • Cyber Defense Foundations
  • DFIR
  • Software Security
  • Government OnSite Training

SANS ISC InfoSec Forums

Wireshark fixes the following security issues to both versions.

The following dissector could go into a large loop in both versions:

Bluetooth SDP (CVE-2013-4927)
DIS ( CVE-2013-4929)
GSM RR (CVE-2013-4931)

The following parsers/dissectors could crash:

DVB-CI (CVE-2013-4930)
GSM A Common (CVE-2013-4932)
Netmon (CVE-2013-4933 and CVE-2013-4934)
ASN.1 PER (CVE-2013-4935)

The following parsers/dissectors could crash (applies to 1.10.1 only):

DCP ETSI (CVE-2013-4083)
P1 (CVE-2013-4920)
Radiotap (CVE-2013-4921)
DCOM ISystemActivator (CVE-2013-4922, CVE-2013-4923, CVE-2013-4924, CVE-2013-4925, CVE-2013-4926)
Bluetooth OBEX (CVE-2013-4928)
PROFINET (CVE-2013-4936)

Several other bugs have been fixed. A complete list for version 1.8.9 is available here and version 1.10.1 is available here.

[1] http://www.wireshark.org/docs/relnotes/wireshark-1.10.1.html
[2] http://www.wireshark.org/docs/relnotes/wireshark-1.8.9.html

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu