Wireshark Multiple Code Execution and Denial of Service Vulnerabilities

Last Update Date: 20 Apr 2011 10:27 Release Date: 20 Apr 2011 5660 Views

RISK: High Risk

High Risk

TYPE: Servers - Network Management

TYPE: Network Management

Multiple vulnerabilities have been identified in Wireshark, which could be exploited by attackers to cause a denial of service or compromise a vulnerable system.

  1. A buffer overflow error in the DECT dissector when processing malformed data, which could allow code execution via malformed packets or a malicious PCAP file.

  2. An error in the NFS dissector when processing malformed data, which could be exploited to crash an affected application.

  3. An error in the X.509if dissector when processing malformed data, which could be exploited to crash an affected application.

Impact

  • Denial of Service
  • Remote Code Execution

System / Technologies affected

  • Wireshark versions 1.4.0 through 1.4.4
  • Wireshark versions 1.2.0 through 1.2.15

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Google Chrome GPU Process Vulnerability

19 Apr 2011 5740 Views

Next

Apple iTunes WebKit Multiple Vulnerabilities

21 Apr 2011 5692 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY