Wireshark Denial of Service Vulnerability
Last Update Date:
29 Mar 2012 14:49
Release Date:
29 Mar 2012
4603
Views
RISK: Medium Risk
TYPE: Security software and application - Security Software & Appliance
![TYPE: Security Software & Appliance](/f/bulletin_type/100026/37p37/security-software-and-appliance.png)
Multiple vulnerabilities have been identified in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service).
- A NULL pointer dereference error in the ANSI A dissector can be exploited to cause a crash via a specially crafted packet.
- An error in the IEEE 802.11 dissector can be exploited to cause an infinite loop via a specially crafted packet.
- An error in the MP2T dissector when allocating memory can be exploited to cause a crash via a specially crafted packet.
NOTE: A weakness exists in the pcap and pcap-ng file parsers when reading ERF data and can cause a crash via a specially crafted trace file.
Impact
- Denial of Service
System / Technologies affected
- Wireshark 1.x
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.- Update to version 1.4.12 or 1.6.6.
Vulnerability Identifier
- No CVE information is available
Source
Related Link
Share with