Vulnerabilities > CVE-2015-4651 - Resource Management Errors vulnerability in multiple products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.6 does not properly determine whether enough memory is available for storing IP address strings, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 6 | |
| OS | 1 | |
| OS | 1 |
Common Weakness Enumeration (CWE)
Nessus
NASL family SuSE Local Security Checks NASL id OPENSUSE-2015-478.NASL description Wireshark was updated to 1.12.6 to fix two security issues. The following vulnerabilities were fixed : - CVE-2015-4651: The WCCP dissector crashed when reading specially crafted packages from the network or a capture files (wnpa-sec-2015-19, boo#935157). - CVE-2015-4652: The GSM DTAP dissector crashed when reading specially crafted packages from the network or a capture file (wnpa-sec-2015-20, boo#935158). This update also contains further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.12.6.html last seen 2020-06-05 modified 2015-07-13 plugin id 84657 published 2015-07-13 reporter This script is Copyright (C) 2015-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/84657 title openSUSE Security Update : wireshark (openSUSE-2015-478) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201510-03.NASL description The remote host is affected by the vulnerability described in GLSA-201510-03 (Wireshark: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly cause a Denial of Service condition. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 86688 published 2015-11-02 reporter This script is Copyright (C) 2015-2016 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/86688 title GLSA-201510-03 : Wireshark: Multiple vulnerabilities NASL family Windows NASL id WIRESHARK_1_12_6.NASL description The version of Wireshark installed on the remote Windows host is 1.12.x prior to 1.12.6. It is, therefore, affected by multiple denial of service vulnerabilities : - An unspecified flaw exists in the WCCP dissector. A remote attacker can exploit this flaw, by injecting a specially crafted packet or by convincing a user to open a malformed PCAP file, to crash the application. (CVE-2015-4651) - An unspecified flaw exists in the GSM DTAP dissector. A remote attacker can exploit this flaw, by injecting a specially crafted packet or by convincing a user to open a malformed PCAP file, to crash the application. (CVE-2015-4652) Note that Nessus has not tested for these issues but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 84398 published 2015-06-25 reporter This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/84398 title Wireshark 1.12.x < 1.12.6 Multiple DoS Vulnerabilities NASL family Debian Local Security Checks NASL id DEBIAN_DSA-3294.NASL description Multiple vulnerabilities were discovered in the dissectors for WCCP and GSM DTAP, which could result in denial of service. The oldstable distribution (wheezy) is not affected. last seen 2020-06-01 modified 2020-06-02 plugin id 84350 published 2015-06-24 reporter This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/84350 title Debian DSA-3294-1 : wireshark - security update
References
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11153
- http://www.wireshark.org/security/wnpa-sec-2015-19.html
- http://www.debian.org/security/2015/dsa-3294
- http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
- http://www.securityfocus.com/bid/75317
- http://www.securitytracker.com/id/1032662
- http://lists.opensuse.org/opensuse-updates/2015-07/msg00020.html
- https://security.gentoo.org/glsa/201510-03
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=524ed1df6e6126cd63ba419ccb82c83636d77ee4