ID CVE-2018-18227
Summary In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP protocol dissector could crash. This was addressed in epan/dissectors/packet-mswsp.c by properly handling NULL return values.
References
Vulnerable Configurations
  • Wireshark 2.4.0
    cpe:2.3:a:wireshark:wireshark:2.4.0
  • Wireshark 2.4.1
    cpe:2.3:a:wireshark:wireshark:2.4.1
  • Wireshark 2.4.2
    cpe:2.3:a:wireshark:wireshark:2.4.2
  • Wireshark 2.4.3
    cpe:2.3:a:wireshark:wireshark:2.4.3
  • Wireshark 2.4.4
    cpe:2.3:a:wireshark:wireshark:2.4.4
  • Wireshark 2.4.5
    cpe:2.3:a:wireshark:wireshark:2.4.5
  • Wireshark 2.4.6
    cpe:2.3:a:wireshark:wireshark:2.4.6
  • Wireshark 2.4.7
    cpe:2.3:a:wireshark:wireshark:2.4.7
  • Wireshark 2.6.0
    cpe:2.3:a:wireshark:wireshark:2.6.0
  • Wireshark 2.6.1
    cpe:2.3:a:wireshark:wireshark:2.6.1
CVSS
Base: 5.0
Impact:
Exploitability:
CWE CWE-476
CAPEC
nessus via4
  • NASL family Windows
    NASL id WIRESHARK_2_4_10.NASL
    description The version of Wireshark installed on the remote Windows host is 2.4.x prior to 2.4.10. It is, therefore, affected by multiple vulnerabilities.
    last seen 2019-01-16
    modified 2018-12-14
    plugin id 118206
    published 2018-10-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=118206
    title Wireshark 2.4.x < 2.4.10 Multiple Vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2018-1238.NASL
    description This update for wireshark fixes the following issues : Wireshark was updated to 2.4.10 (bsc#1111647). Following security issues were fixed : - CVE-2018-18227: MS-WSP dissector crash (wnpa-sec-2018-47) - CVE-2018-12086: OpcUA dissector crash (wnpa-sec-2018-50) Further bug fixes and updated protocol support that were done are listed in : https://www.wireshark.org/docs/relnotes/wireshark-2.4.10.html This update was imported from the SUSE:SLE-15:Update update project.
    last seen 2019-01-16
    modified 2018-11-30
    plugin id 118345
    published 2018-10-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=118345
    title openSUSE Security Update : wireshark (openSUSE-2018-1238)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-3282-1.NASL
    description This update for wireshark fixes the following issues : Wireshark was updated to 2.4.10 (bsc#1111647). Following security issues were fixed : CVE-2018-18227: MS-WSP dissector crash (wnpa-sec-2018-47) CVE-2018-12086: OpcUA dissector crash (wnpa-sec-2018-50) Further bug fixes and updated protocol support that were done are listed in : https://www.wireshark.org/docs/relnotes/wireshark-2.4.10.html Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2019-01-02
    plugin id 120138
    published 2019-01-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=120138
    title SUSE SLED15 / SLES15 Security Update : wireshark (SUSE-SU-2018:3282-1)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_WIRESHARK_2_6_4.NASL
    description The version of Wireshark installed on the remote macOS / Mac OS X host is 2.4.x prior to 2.4.10 / 2.6.x prior to 2.6.4. It is, therefore, affected by multiple vulnerabilities. - A buffer overflow condition exists in OPC UA applications due to failure to handle exceptional conditions. An unauthenticated remote attacker can exploit this via carefully structured requests to cause a denial of service condition or the execution of arbitrary code. (CVE-2018-12086) - A stack-based buffer overflow condition exists in Liblouis 3.6.0 in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440 due to failure to handle exceptional conditions. An unauthenticated remote attacker can exploit this to cause a denial of service condition or the execution of arbitrary code. (CVE-2018-12585) - Multiple denial of service vulnerabilities exist in the following protocol dissectors: CoAP, IHS Discovery, the MS-WSP due to improper handling of exceptional conditions. An unauthenticated remote attacker can exploit this to cause Wireshark to crash by injecting a malformed packet onto the wire, or by convincing a user to read a malformed packet trace file. (CVE-2018-18225, CVE-2018-18226, CVE-2018-18227)
    last seen 2019-01-23
    modified 2019-01-22
    plugin id 121309
    published 2019-01-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121309
    title Wireshark 2.4.x < 2.4.10 / 2.6.x < 2.6.4 Multiple Vulnerabilities (macOS)
  • NASL family Windows
    NASL id WIRESHARK_2_6_4.NASL
    description The version of Wireshark installed on the remote Windows host is 2.6.x prior to 2.6.4. It is, therefore, affected by multiple vulnerabilities.
    last seen 2019-01-16
    modified 2018-12-14
    plugin id 118207
    published 2018-10-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=118207
    title Wireshark 2.6.x < 2.6.4 Multiple Vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-3590-1.NASL
    description This update for wireshark fixes the following issues : Wireshark was updated to 2.4.10 (bsc#1111647). Following security issues were fixed : CVE-2018-18227: MS-WSP dissector crash (wnpa-sec-2018-47) CVE-2018-12086: OpcUA dissector crash (wnpa-sec-2018-50) Further bug fixes and updated protocol support that were done are listed in : https://www.wireshark.org/docs/relnotes/wireshark-2.4.10.html Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2018-12-01
    plugin id 118589
    published 2018-11-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=118589
    title SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2018:3590-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-3590-2.NASL
    description This update for wireshark fixes the following issues : Wireshark was updated to 2.4.10 (bsc#1111647). Following security issues were fixed : CVE-2018-18227: MS-WSP dissector crash (wnpa-sec-2018-47) CVE-2018-12086: OpcUA dissector crash (wnpa-sec-2018-50) Further bug fixes and updated protocol support that were done are listed in : https://www.wireshark.org/docs/relnotes/wireshark-2.4.10.html Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2018-12-06
    plugin id 119450
    published 2018-12-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119450
    title SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2018:3590-2)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-4359.NASL
    description Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer, which could result in denial of service or the execution of arbitrary code.
    last seen 2019-01-16
    modified 2018-12-28
    plugin id 119892
    published 2018-12-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119892
    title Debian DSA-4359-1 : wireshark - security update
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2018-89413A04E0.NASL
    description New version 2.6.4, contains security fix for CVE-2018-16056, CVE-2018-16057, CVE-2018-16058, CVE-2018-18225, CVE-2018-18226, CVE-2018-18227, CVE-2018-12086. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2019-01-03
    plugin id 120589
    published 2019-01-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=120589
    title Fedora 28 : 1:wireshark (2018-89413a04e0)
refmap via4
bid 105583
debian DSA-4359
misc
sectrack 1041909
Last major update 12-10-2018 - 02:29
Published 12-10-2018 - 02:29
Last modified 28-12-2018 - 11:29
Back to Top