Cybersecurity specialists report the detection of various vulnerabilities in Wireshark, the popular protocol analyzer used to perform analysis and troubleshoot communications networks, in addition to performing data and protocol analysis. According to the report, successful exploitation of these flaws would allow threat actors to deploy denial of service (DoS) attacks.
Below are brief descriptions of the reported flaws, as well as their respective identification keys and scores according to the Common Vulnerability Scoring System (CVSS).
CVE-2021-4186: Insufficient validation of user-provided inputs in the Gryphon dissector would allow remote threat actors to pass specially crafted traffic over the network and perform a DoS attack on the target system.
This is a medium severity vulnerability and received a CVSS score of 5.7/10.
CVE-2021-4185: An infinite loop in the RTMPT disector would allow remote malicious hackers to send specially crafted traffic over the network, consuming all available system resources and causing a DoS condition.
The flaw received a CVSS score of 6.5/10.
CVE-2021-4184: An infinite loop in BitTorrent’s DHT dissector would allow remote attackers to send specially crafted traffic over the network, consuming system resources and generating a DoS condition.
This is a flaw of medium severity and received a CVSS score of 6.5/10.
CVE-2021-4183: Insufficient validation of user-provided entries in the pcapng file analyzer would allow threat actors to trick victims into opening a malformed packet trace file, deploying a DoS condition.
This is a flaw of medium severity and received a CVSS score of 5.7/10.
CVE-2021-4182: An infinite loop in the RFC 7468 file analyzer would allow remote threat actors to send their victims a specially crafted packet tracking file, thus consuming all the resources of the affected CPU.
The flaw received a CVSS score of 5.7/10.
CVE-2021-4181: Insufficient validation of user-provided inputs in the Sysdig event dissector would allow remote hackers to send specially crafted traffic over the target network, deploying a DoS attack.
This is a medium severity vulnerability and received a CVSS score of 6.5/10.
No CVE key: An infinite loop in the Kafka protocol dissector would allow remote attackers to send specially crafted traffic over the network, consuming the resources of the affected system and resulting in a DoS attack.
The flaw received a CVSS score of 6.5/10.
According to the report, all detected flaws reside in the following Wireshark versions: 3.4.0, 3.4.1, 3.4.2, 3.4.3, 3.4.4, 3.4.5, 3.4.6, 3.4.7, 3.4.8, 3.4.9, 3.4.10 and 3.6.0.
Although flaws can be exploited remotely by unauthenticated threat actors, no active exploitation attempts have been detected so far. Still, users of affected deployments are encouraged to upgrade as soon as possible.
To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.