Wireshark Multiple Vulnerabilities
Last Update Date:
11 Mar 2014 10:24
Release Date:
11 Mar 2014
3814
Views
RISK: Medium Risk
TYPE: Security software and application - Security Software & Appliance
Multiple vulnerabilities have been identified in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
- An error within the NFS dissector can be exploited to cause a crash.
- An error within the M3UA dissector can be exploited to cause a crash. This vulnerability is reported in versions 1.10.0 through 1.10.5.
- An error within the RLC dissector can be exploited to cause a crash.
- An error within the MPEG file parser can be exploited to cause a buffer overflow via a specially crafted packet trace file. Successful exploitation of this vulnerability may allow execution of arbitrary code.
The vulnerabilities #1, #3, and #4 are reported in versions 1.10.0 through 1.10.5 and 1.8.0 through 1.8.12.
Impact
- Denial of Service
- Remote Code Execution
System / Technologies affected
- Wireshark 1.x
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Update to version 1.10.6 or 1.8.13.
Vulnerability Identifier
Source
Related Link
Share with