The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

computer vulnerability alert CVE-2016-7175 CVE-2016-7176 CVE-2016-7177

Wireshark: six vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Wireshark.
Vulnerable systems: Debian, Solaris, Wireshark.
Severity of this threat: 2/4.
Consequences of a hack: denial of service on service, denial of service on client.
Pirate's origin: internet client.
Number of vulnerabilities in this bulletin: 6.
Creation date: 08/09/2016.
Références of this weakness: bulletinoct2016, CERTFR-2016-AVI-299, CVE-2016-7175, CVE-2016-7176, CVE-2016-7177, CVE-2016-7178, CVE-2016-7179, CVE-2016-7180, DLA-632-1, DSA-3671-1, VIGILANCE-VUL-20546, wnpa-sec-2016-50, wnpa-sec-2016-51, wnpa-sec-2016-52, wnpa-sec-2016-53, wnpa-sec-2016-54, wnpa-sec-2016-55.

Description of the vulnerability

Several vulnerabilities were announced in Wireshark.

An attacker can send a malicious QNX6 QNET packet, in order to trigger a denial of service. [severity:2/4; CVE-2016-7175, wnpa-sec-2016-50]

An attacker can send a malicious H.225 packet, in order to trigger a denial of service. [severity:2/4; CVE-2016-7176, wnpa-sec-2016-51]

An attacker can send a malicious Catapult DCT2000 packet, in order to trigger a denial of service. [severity:2/4; CVE-2016-7177, wnpa-sec-2016-52]

An attacker can send a malicious UMTS FP packet, in order to trigger a denial of service. [severity:2/4; CVE-2016-7178, wnpa-sec-2016-53]

An attacker can send a malicious Catapult DCT2000 packet, in order to trigger a denial of service. [severity:2/4; CVE-2016-7179, wnpa-sec-2016-54]

An attacker can send a malicious IPMI Trace packet, in order to trigger a denial of service. [severity:2/4; CVE-2016-7180, wnpa-sec-2016-55]
Full Vigil@nce bulletin... (Free trial)

Computer vulnerabilities tracking service

Vigil@nce provides a computer vulnerability watch. The technology watch team tracks security threats targeting the computer system. The Vigil@nce vulnerability database contains several thousand vulnerabilities. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.