Wireshark Multiple Vulnerabilities

Last Update Date: 3 Jul 2012 15:57 Release Date: 3 Jul 2012 5195 Views

RISK: Medium Risk

Medium Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

Multiple vulnerabilities have been identified in Wireshark which can be exploited by malicious people to cause a DoS (Denial of Service).

  1. Infinite and large loops in the ANSI MAP, ASF, BACapp, Bluetooth HCI, IEEE 802.11, IEEE 802.3, LTP, and R3 dissectors can cause Wireshark hang for long or indefinite periods by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
  2. The DIAMETER dissector could try to allocate memory improperly and crash may cause Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
  3. Wireshark could crash on SPARC or Itanium processors due to misaligned memory. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.

Impact

  • Denial of Service

System / Technologies affected

  • Wireshark prior to versions 1.4.13 and 1.6.8.

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Updating to the latest versions of Wireshark

Vulnerability Identifier

Source

Related Link

Share with

Previous

Novell GroupWise WebAccess Directory Traversal Vulnerability

3 Jul 2012 4963 Views

Next

HP Network Node Manager i Input Validation Vulnerability

3 Jul 2012 5007 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY