Wireshark NetScaler File Parser 'wiretap/netscaler.c' Infinite Loop Denial of Service Vulnerability



Wireshark is prone to a remote denial-of-service vulnerability because it fails to properly handle certain types of packets.

Attackers can exploit this issue to cause the application to enter an infinite loop, which may result in a denial of service.

Wireshark 2.2.0 through 2.2.5 and 2.0.0 through 2.0.11 are vulnerable.

Information

Bugtraq ID: 97631
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2017-7700

Remote: Yes
Local: No
Published: Apr 12 2017 12:00AM
Updated: Apr 13 2017 07:05PM
Credit: Otto Airamo and Antti Levomäki, Forcepoint.
Vulnerable: Wireshark Wireshark 2.2.5
Wireshark Wireshark 2.2.4
Wireshark Wireshark 2.2.3
Wireshark Wireshark 2.2.2
Wireshark Wireshark 2.2.1
Wireshark Wireshark 2.2
Wireshark Wireshark 2.0.11
Wireshark Wireshark 2.0.10
Wireshark Wireshark 2.0.9
Wireshark Wireshark 2.0.8
Wireshark Wireshark 2.0.7
Wireshark Wireshark 2.0.6
Wireshark Wireshark 2.0.5
Wireshark Wireshark 2.0.3
Wireshark Wireshark 2.0.2
Wireshark Wireshark 2.0.4
Wireshark Wireshark 2.0.1
Wireshark Wireshark 2.0.0


Not Vulnerable: Wireshark Wireshark 2.2.6
Wireshark Wireshark 2.0.12


Exploit


A sample packet trace file is available in the Wireshark bug report. Please see the references for more information.

