ID CVE-2018-18226
Summary In Wireshark 2.6.0 to 2.6.3, the Steam IHS Discovery dissector could consume system memory. This was addressed in epan/dissectors/packet-steam-ihs-discovery.c by changing the memory-management approach.
References
Vulnerable Configurations
  • Wireshark 2.6.0
    cpe:2.3:a:wireshark:wireshark:2.6.0
  • Wireshark 2.6.1
    cpe:2.3:a:wireshark:wireshark:2.6.1
CVSS
Base: 7.8
Impact:
Exploitability:
CWE CWE-399
CAPEC
nessus via4
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_WIRESHARK_2_6_4.NASL
    description The version of Wireshark installed on the remote macOS / Mac OS X host is 2.4.x prior to 2.4.10 / 2.6.x prior to 2.6.4. It is, therefore, affected by multiple vulnerabilities. - A buffer overflow condition exists in OPC UA applications due to failure to handle exceptional conditions. An unauthenticated remote attacker can exploit this via carefully structured requests to cause a denial of service condition or the execution of arbitrary code. (CVE-2018-12086) - A stack-based buffer overflow condition exists in Liblouis 3.6.0 in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440 due to failure to handle exceptional conditions. An unauthenticated remote attacker can exploit this to cause a denial of service condition or the execution of arbitrary code. (CVE-2018-12585) - Multiple denial of service vulnerabilities exist in the following protocol dissectors: CoAP, IHS Discovery, the MS-WSP due to improper handling of exceptional conditions. An unauthenticated remote attacker can exploit this to cause Wireshark to crash by injecting a malformed packet onto the wire, or by convincing a user to read a malformed packet trace file. (CVE-2018-18225, CVE-2018-18226, CVE-2018-18227)
    last seen 2019-01-23
    modified 2019-01-22
    plugin id 121309
    published 2019-01-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121309
    title Wireshark 2.4.x < 2.4.10 / 2.6.x < 2.6.4 Multiple Vulnerabilities (macOS)
  • NASL family Windows
    NASL id WIRESHARK_2_6_4.NASL
    description The version of Wireshark installed on the remote Windows host is 2.6.x prior to 2.6.4. It is, therefore, affected by multiple vulnerabilities.
    last seen 2019-01-16
    modified 2018-12-14
    plugin id 118207
    published 2018-10-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=118207
    title Wireshark 2.6.x < 2.6.4 Multiple Vulnerabilities
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-4359.NASL
    description Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer, which could result in denial of service or the execution of arbitrary code.
    last seen 2019-01-16
    modified 2018-12-28
    plugin id 119892
    published 2018-12-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119892
    title Debian DSA-4359-1 : wireshark - security update
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2018-89413A04E0.NASL
    description New version 2.6.4, contains security fix for CVE-2018-16056, CVE-2018-16057, CVE-2018-16058, CVE-2018-18225, CVE-2018-18226, CVE-2018-18227, CVE-2018-12086. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2019-01-03
    plugin id 120589
    published 2019-01-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=120589
    title Fedora 28 : 1:wireshark (2018-89413a04e0)
refmap via4
bid 105583
debian DSA-4359
misc
sectrack 1041909
Last major update 12-10-2018 - 02:29
Published 12-10-2018 - 02:29
Last modified 28-12-2018 - 11:29
Back to Top