CVE-2018-11355 : What You Need to Know

Wireshark 2.6.0 had a vulnerability in the RTCP dissector that could lead to a crash. The issue was addressed by preventing a buffer overflow in packet status chunks.

Understanding CVE-2018-11355

This CVE entry addresses a vulnerability in Wireshark 2.6.0 related to the RTCP dissector.

What is CVE-2018-11355?

The vulnerability in Wireshark 2.6.0 could cause the RTCP dissector to crash due to a buffer overflow in packet status chunks. The issue was resolved by implementing a fix in the packet-rtcp.c file.

The Impact of CVE-2018-11355

The vulnerability could potentially lead to a denial of service if exploited by an attacker, causing the RTCP dissector to crash.

Technical Details of CVE-2018-11355

This section provides more in-depth technical information about the CVE.

Vulnerability Description

The vulnerability in Wireshark 2.6.0 allowed for a buffer overflow in packet status chunks within the RTCP dissector, leading to a crash.

Affected Systems and Versions

Affected Version: Wireshark 2.6.0

Exploitation Mechanism

An attacker could exploit this vulnerability by crafting a malicious packet that triggers the buffer overflow in the RTCP dissector, potentially leading to a denial of service.

Mitigation and Prevention

To address CVE-2018-11355 and enhance security, follow these mitigation steps:

Immediate Steps to Take

Update Wireshark to the latest version to apply the necessary security patches.
Avoid opening suspicious or untrusted network captures to reduce the risk of exploitation.

Long-Term Security Practices

Regularly update and patch all software to prevent known vulnerabilities.
Implement network monitoring and intrusion detection systems to identify unusual network activity.

Patching and Updates

Stay informed about security advisories from Wireshark and apply patches promptly to secure your systems.