Wireshark up to 3.0.0 DCERPC Dissector packet-dcerpc-spoolss.c Packet resource management
CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
---|---|---|
6.4 | $0-$5k | 0.00 |
A vulnerability was found in Wireshark (Packet Analyzer Software). It has been classified as problematic. Affected is an unknown code block of the file epan/dissectors/packet-dcerpc-spoolss.c of the component DCERPC Dissector. Manipulation of a packet leads to a resource management vulnerability. CWE classifies the issue as CWE-399. This has an impact on availability. CVE summarizes:
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash. This was addressed in epan/dissectors/packet-dcerpc-spoolss.c by adding a boundary check.
The bug was discovered on 04/08/2019. The weakness was disclosed on 04/09/2019 by Mateusz Jurczyk (Website). The advisory is available for download at securityfocus.com. This vulnerability has been tracked as CVE-2019-10903 since 04/05/2019. The attack can be launched remotely. Exploitation does not require any form of authentication. Technical details are known, but no exploit is available.
The vulnerability was handled as a non-public zero-day exploit for at least 1 day. During that time the estimated underground price was around $0-$5k. The commercial vulnerability scanner Qualys is able to test for this issue with plugin 371730 (Wireshark Multiple Security Vulnerabilities (wnpa-sec-2019-09 to wnpa-sec-2019-18)).
No information about possible countermeasures is known. It may be advisable to replace the affected object with an alternative product.
Product
Version
- 2.4.0
- 2.4.1
- 2.4.2
- 2.4.3
- 2.4.4
- 2.4.5
- 2.4.6
- 2.4.7
- 2.4.8
- 2.4.9
- 2.4.10
- 2.4.11
- 2.4.12
- 2.4.13
- 2.6.0
- 2.6.1
- 2.6.2
- 2.6.3
- 2.6.4
- 2.6.5
- 2.6.6
- 2.6.7
- 3.0.0
CVSSv3
VulDB Meta Base Score: 6.4
VulDB Meta Temp Score: 6.4
VulDB Base Score: 5.3
VulDB Temp Score: 5.3
NVD Base Score: 7.5
Exploiting
Class: Resource management
CWE: CWE-399 / CWE-404
Local: No
Remote: Yes
Status: Not defined
Countermeasures
Recommended: no mitigation known
Patch: eafdcfa4b6d5187a5326442a82608ab03d9dddcb
Timeline
04/05/2019
04/08/2019
04/09/2019
04/09/2019
04/09/2019
08/27/2023
Sources
Product: wireshark.org
Advisory: USN-3986-1
Researcher: Mateusz Jurczyk
Status: Confirmed
CVE: CVE-2019-10903
SecurityFocus: 107834 - Wireshark Multiple Denial of Service Vulnerabilities
Entry
Created: 04/09/2019 09:34
Updated: 08/27/2023 14:58
Changes: 04/09/2019 09:34 (61), 05/27/2020 16:26 (5), 08/27/2023 14:58 (5)