Wireshark WBXML Dissector 'packet-wbxml.c' Infinite Loop Denial of Service Vulnerability

Wireshark is prone to a remote denial-of-service vulnerability.

Attackers can exploit this issue to cause the application to enter an infinite loop consuming excessive CPU resources which may cause denial-of-service.

Wireshark 2.2.0 through 2.2.5 and 2.0.0 through 2.0.11 are vulnerable.

Information

Bugtraq ID: 97633
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2017-7702

Remote: Yes
Local: No
Published: Apr 12 2017 12:00AM
Updated: Apr 13 2017 09:05PM
Credit: Otto Airamo and Antti Levomäki, Forcepoint.
Vulnerable: Wireshark Wireshark 2.2.5
Wireshark Wireshark 2.2.4
Wireshark Wireshark 2.2.3
Wireshark Wireshark 2.2.2
Wireshark Wireshark 2.2.1
Wireshark Wireshark 2.2
Wireshark Wireshark 2.0.11
Wireshark Wireshark 2.0.10
Wireshark Wireshark 2.0.9
Wireshark Wireshark 2.0.8
Wireshark Wireshark 2.0.7
Wireshark Wireshark 2.0.6
Wireshark Wireshark 2.0.5
Wireshark Wireshark 2.0.3
Wireshark Wireshark 2.0.2
Wireshark Wireshark 2.0.4
Wireshark Wireshark 2.0.1
Wireshark Wireshark 2.0.0

Not Vulnerable: Wireshark Wireshark 2.2.6
Wireshark Wireshark 2.0.12

Exploit

A sample packet trace file is available in the Wireshark bug report. Please see the references for more information.

References:

• Wireshark Homepage (Wireshark)
  
• Bug 13477 - Fuzzed UDP packet causes large memory usage (Wireshark)
  
• wnpa-sec-2017-13 · WBXML dissector infinite loop (Wireshark)
  

Source: www.securityfocus.com