Threat Level: green Handler on Duty: Pasquale Stirparo

SANS ISC: Wireshark (ex Ethereal) multiple vulnerabilities - Internet Security | DShield SANS ISC InfoSec Forums

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Wireshark (ex Ethereal) multiple vulnerabilities
Multiple vulnerabilities have been reported in Wireshark dissectors (dissectors are Wireshark modules which analyze particular protocols ? hundreds of protocols are supported), as usually. Reported vulnerabilities can cause a denial of service (resulting in Wireshark crashing), but also remote execution.

The SCSI, DHCP and SSCOP dissectors are affected. Besides these dissectors, the IPsec ESP preference parser is also affected, when Wireshark is compiled with ESP decryption support (this is probably the case in most installations).

The new version (0.99.3), available at, fixes all these vulnerabilities.

If, for some reason, you can't upgrade, some workarounds are available at (the original advisory). Basically, what you can do is turn off dissectors for affected protocols and disable ESP decryption.

Web App Penetration Testing and Ethical Hacking - SANS Dublin 2018


373 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!