Summary
This host is installed with Wireshark and is prone to denial of service vulnerability.
Impact
Successful exploitation allows attackers to crash an affected application, denying service to legitimate users.
Impact Level: Application
Solution
Upgrade to Wireshark version 1.4.8 or 1.6.1 or later, For updates refer to http://www.wireshark.org/download.html
Insight
The flaw is caused to an infinite loop was found in the way ANSI A interface dissector of the Wireshark network traffic analyzer processed certain ANSI A MAP capture files. If Wireshark read a malformed packet off a network or opened a malicious packet capture file, it could lead to denial of service.
Affected
Wireshark version 1.6.0
Wireshark version 1.4.x to 1.4.7 on Mac OS X
References
Severity
Classification
-
CVE CVE-2011-2698 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- ClamAV LZH File Unpacking Denial of Service Vulnerability (Linux)
- Denial Of Service Vulnerability in OpenSSL June-09 (Linux)
- Freefloat FTP Server 'ALLO' Command Remote Buffer Overflow Vulnerability
- ClamAV Hash Manager Off-By-One Denial of Service Vulnerability (Win)
- Comodo Internet Security Denial of Service Vulnerability-02