ID CVE-2018-18227
Summary In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP protocol dissector could crash. This was addressed in epan/dissectors/packet-mswsp.c by properly handling NULL return values.
References
Vulnerable Configurations
  • Wireshark 2.4.0
    cpe:2.3:a:wireshark:wireshark:2.4.0
  • Wireshark 2.4.1
    cpe:2.3:a:wireshark:wireshark:2.4.1
  • Wireshark 2.4.2
    cpe:2.3:a:wireshark:wireshark:2.4.2
  • Wireshark 2.4.3
    cpe:2.3:a:wireshark:wireshark:2.4.3
  • Wireshark 2.4.4
    cpe:2.3:a:wireshark:wireshark:2.4.4
  • Wireshark 2.4.5
    cpe:2.3:a:wireshark:wireshark:2.4.5
  • Wireshark 2.4.6
    cpe:2.3:a:wireshark:wireshark:2.4.6
  • Wireshark 2.4.7
    cpe:2.3:a:wireshark:wireshark:2.4.7
  • Wireshark 2.6.0
    cpe:2.3:a:wireshark:wireshark:2.6.0
  • Wireshark 2.6.1
    cpe:2.3:a:wireshark:wireshark:2.6.1
CVSS
Base: 5.0
Impact:
Exploitability:
CWE CWE-476
CAPEC
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2018-1238.NASL
    description This update for wireshark fixes the following issues : Wireshark was updated to 2.4.10 (bsc#1111647). Following security issues were fixed : - CVE-2018-18227: MS-WSP dissector crash (wnpa-sec-2018-47) - CVE-2018-12086: OpcUA dissector crash (wnpa-sec-2018-50) Further bug fixes and updated protocol support that were done are listed in : https://www.wireshark.org/docs/relnotes/wireshark-2.4.10.html This update was imported from the SUSE:SLE-15:Update update project.
    last seen 2018-12-02
    modified 2018-11-30
    plugin id 118345
    published 2018-10-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=118345
    title openSUSE Security Update : wireshark (openSUSE-2018-1238)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-3590-2.NASL
    description This update for wireshark fixes the following issues : Wireshark was updated to 2.4.10 (bsc#1111647). Following security issues were fixed : CVE-2018-18227: MS-WSP dissector crash (wnpa-sec-2018-47) CVE-2018-12086: OpcUA dissector crash (wnpa-sec-2018-50) Further bug fixes and updated protocol support that were done are listed in : https://www.wireshark.org/docs/relnotes/wireshark-2.4.10.html Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-12-08
    modified 2018-12-06
    plugin id 119450
    published 2018-12-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119450
    title SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2018:3590-2)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-3590-1.NASL
    description This update for wireshark fixes the following issues : Wireshark was updated to 2.4.10 (bsc#1111647). Following security issues were fixed : CVE-2018-18227: MS-WSP dissector crash (wnpa-sec-2018-47) CVE-2018-12086: OpcUA dissector crash (wnpa-sec-2018-50) Further bug fixes and updated protocol support that were done are listed in : https://www.wireshark.org/docs/relnotes/wireshark-2.4.10.html Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-12-02
    modified 2018-12-01
    plugin id 118589
    published 2018-11-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=118589
    title SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2018:3590-1)
  • NASL family Windows
    NASL id WIRESHARK_2_6_4.NASL
    description The version of Wireshark installed on the remote Windows host is 2.6.x prior to 2.6.4. It is, therefore, affected by multiple vulnerabilities.
    last seen 2018-12-15
    modified 2018-12-14
    plugin id 118207
    published 2018-10-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=118207
    title Wireshark 2.6.x < 2.6.4 Multiple Vulnerabilities
  • NASL family Windows
    NASL id WIRESHARK_2_4_10.NASL
    description The version of Wireshark installed on the remote Windows host is 2.4.x prior to 2.4.10. It is, therefore, affected by multiple vulnerabilities.
    last seen 2018-12-15
    modified 2018-12-14
    plugin id 118206
    published 2018-10-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=118206
    title Wireshark 2.4.x < 2.4.10 Multiple Vulnerabilities
refmap via4
bid 105583
misc
sectrack 1041909
Last major update 12-10-2018 - 02:29
Published 12-10-2018 - 02:29
Last modified 29-11-2018 - 08:14
Back to Top