njlkak.blogg.se - Download Wireshark 4.0.6

CVE-2023-0666 – RTPS parsing buffer overflow.This vulnerability exists in the blf_read_apptextmessage function of the Wireshark BLF plugin, which can be exploited by sending a crafted string resulting in arbitrary code execution. CVE-2023-2854 – Heap Buffer Overflow blf_read_apptextmessage Function.Alternatively, it can also result in arbitrary code.

CVE-2023-2856 – Stack Buffer Overflow in parse_vms_packet FunctionĪn attacker can exploit this vulnerability by sending a malicious file to wireshark that is read by the parse_vms_packet function resulting in the crash of Wireshark.

CVE-2023-2858 – Heap Buffer Overflow in nstrace_read_v10 FunctionĪn attacker can exploit this vulnerability by sending a malicious packet file that executes an arbitrary code or results in a DoS for Wireshark that crashes the application.

This can result in arbitrary code execution.Īn attacker can exploit this vulnerability by sending a malicious packet which results in excessive CPU resource usage by Wireshark,

CVE-2023-2857 – Heap buffer overflow vulnerability in BLF readerĪn attacker can exploit this vulnerability by sending a maliciously crafted BLF file that affects the blf_pull_logcontainer_into_memory() function.

When opened by Wireshark, this file can crash the application and result in potential code execution. CVE-2023-2855 – Stack-buffer-overflow in candump_write_packetĪn attacker can exploit this vulnerability by sending a specially crafted payload file.Wireshark has fixed 9 existing vulnerabilities in the new release. However, as stated by Wireshark, the official 32-bit Windows packages are no longer shipped.įor users who wish to use Wireshark in 32-bit Windows, it is recommended to go with the latest 3.6 release. With the current release, the latest version of Wireshark is 4.0.6.