Wireshark Denial of Service Vulnerability
Last Update Date:
29 Mar 2012 14:49
Release Date:
29 Mar 2012
5280
Views
RISK: Medium Risk
TYPE: Security software and application - Security Software & Appliance
Multiple vulnerabilities have been identified in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service).
- A NULL pointer dereference error in the ANSI A dissector can be exploited to cause a crash via a specially crafted packet.
- An error in the IEEE 802.11 dissector can be exploited to cause an infinite loop via a specially crafted packet.
- An error in the MP2T dissector when allocating memory can be exploited to cause a crash via a specially crafted packet.
NOTE: A weakness exists in the pcap and pcap-ng file parsers when reading ERF data and can cause a crash via a specially crafted trace file.
Impact
- Denial of Service
System / Technologies affected
- Wireshark 1.x
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.- Update to version 1.4.12 or 1.6.6.
Vulnerability Identifier
- No CVE information is available
Source
Related Link
Share with