===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2021.0424
wireshark security update
8 February 2021
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product:           wireshark
Publisher:         Debian
Operating System:  Debian GNU/Linux
Impact/Access:     Denial of Service -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-28030 CVE-2020-26575 CVE-2020-26421
                   CVE-2020-26418 CVE-2020-25863 CVE-2020-25862
                   CVE-2020-15466 CVE-2020-13164 CVE-2020-11647
                   CVE-2020-9431 CVE-2020-9430 CVE-2020-9428
                   CVE-2020-7045 CVE-2019-19553 CVE-2019-16319
                   CVE-2019-13619
Reference:         ESB-2020.4121
                   ESB-2020.3920
                   ESB-2020.1295
Original Bulletin:
   https://lists.debian.org/debian-lts-announce/2021/02/msg00008.html
--------------------------BEGIN INCLUDED TEXT--------------------
-------------------------------------------------------------------------
Debian LTS Advisory DLA-2547-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                          Adrian Bunk
February 06, 2021                             https://wiki.debian.org/LTS
-------------------------------------------------------------------------
Package        : wireshark
Version        : 2.6.20-0+deb9u1
CVE ID         : CVE-2019-13619 CVE-2019-16319 CVE-2019-19553 CVE-2020-7045
                 CVE-2020-9428 CVE-2020-9430 CVE-2020-9431 CVE-2020-11647
                 CVE-2020-13164 CVE-2020-15466 CVE-2020-25862 CVE-2020-25863
                 CVE-2020-26418 CVE-2020-26421 CVE-2020-26575 CVE-2020-28030
Debian Bug     : 958213 974688 974689

Several vulnerabilities were fixed in Wireshark, a network sniffer.

CVE-2019-13619

    ASN.1 BER and related dissectors crash.

CVE-2019-16319

    The Gryphon dissector could go into an infinite loop.

CVE-2019-19553

    The CMS dissector could crash.

CVE-2020-7045

    The BT ATT dissector could crash.

CVE-2020-9428

    The EAP dissector could crash.

CVE-2020-9430

    The WiMax DLMAP dissector could crash.

CVE-2020-9431

    The LTE RRC dissector could leak memory.

CVE-2020-11647

    The BACapp dissector could crash.

CVE-2020-13164

    The NFS dissector could crash.

CVE-2020-15466

    The GVCP dissector could go into an infinite loop.

CVE-2020-25862

    The TCP dissector could crash.

CVE-2020-25863

    The MIME Multipart dissector could crash.

CVE-2020-26418

    Memory leak in the Kafka protocol dissector.

CVE-2020-26421

    Crash in USB HID protocol dissector.

CVE-2020-26575

    The Facebook Zero Protocol (aka FBZERO) dissector
    could enter an infinite loop.

CVE-2020-28030

    The GQUIC dissector could crash.

For Debian 9 stretch, these problems have been fixed in version
2.6.20-0+deb9u1.

We recommend that you upgrade your wireshark packages.

For the detailed security status of wireshark please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/wireshark

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
--------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================