
SANS Internet Storm Center (SANS ISC) InfoSec Forums

Wireshark 1.8.9 and 1.10.1 Security Update

Wireshark 1.8.9 and 1.10.1 fix the following security issues.

The following dissectors could go into a large loop in both versions:

Bluetooth SDP (CVE-2013-4927)
DIS (CVE-2013-4929)
GSM RR (CVE-2013-4931)

The following parsers/dissectors could crash:

DVB-CI (CVE-2013-4930)
GSM A Common (CVE-2013-4932)
Netmon (CVE-2013-4933 and CVE-2013-4934)
ASN.1 PER (CVE-2013-4935)

The following parsers/dissectors could crash (applies to 1.10.1 only):

DCP ETSI (CVE-2013-4083)
P1 (CVE-2013-4920)
Radiotap (CVE-2013-4921)
DCOM ISystemActivator (CVE-2013-4922, CVE-2013-4923, CVE-2013-4924, CVE-2013-4925, CVE-2013-4926)
Bluetooth OBEX (CVE-2013-4928)
PROFINET (CVE-2013-4936)

Several other bugs have been fixed. A complete list for version 1.8.9 is available here and version 1.10.1 is available here.



Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu


ISC Handler
Jul 28th 2013
