Skip to main content

Wireshark PPP and NFS Dissector Denial of Service Vulnerabilities

Last Update Date: 25 Jul 2012 14:59 Release Date: 25 Jul 2012 5231 Views

RISK: High Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

Multiple vulnerabilities have been identified in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service).

  1. An error within the PPP dissector can be exploited to cause a crash via a specially crafted packet.
  2. An error within the NFS dissector can be exploited to consume CPU resources and cause a crash via a specially crafted packet.

Impact

  • Denial of Service

System / Technologies affected

  • Wireshark 1.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to version 1.8.1, 1.6.9, or 1.4.14.

Vulnerability Identifier


Source


Related Link