Skip to main content

Wireshark Multiple Vulnerabilities

Last Update Date: 11 Mar 2014 10:24 Release Date: 11 Mar 2014 3814 Views

RISK: Medium Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

Multiple vulnerabilities have been identified in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

  1. An error within the NFS dissector can be exploited to cause a crash.
  2. An error within the M3UA dissector can be exploited to cause a crash. This vulnerability is reported in versions 1.10.0 through 1.10.5.
  3. An error within the RLC dissector can be exploited to cause a crash.
  4. An error within the MPEG file parser can be exploited to cause a buffer overflow via a specially crafted packet trace file. Successful exploitation of this vulnerability may allow execution of arbitrary code.

The vulnerabilities #1, #3, and #4 are reported in versions 1.10.0 through 1.10.5 and 1.8.0 through 1.8.12.


Impact

  • Denial of Service
  • Remote Code Execution

System / Technologies affected

  • Wireshark 1.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to version 1.10.6 or 1.8.13.

Vulnerability Identifier


Source


Related Link