Summary
This host is installed with Wireshark and is prone to denial of service vulnerability.
Impact
Successful exploitation allows attackers to crash an affected application, denying service to legitimate users.
Impact Level: Application.
Solution
Upgrade to Wireshark version 1.4.8 or 1.6.1 or later, For updates refer to http://www.wireshark.org/download.html
Insight
The flaw is caused to an infinite loop was found in the way ANSI A Interface dissector of the Wireshark network traffic analyser processed certain ANSI A MAP capture files. If Wireshark read a malformed packet off a network or opened a malicious packet capture file, it could lead to denial of service.
Affected
Wireshark version 1.6.0
Wireshark version 1.4.x through 1.4.7
References
Severity
Classification
-
CVE CVE-2011-2698 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- at32 Reverse Proxy Multiple HTTP Header Fields Denial Of Service Vulnerability
- ClamAV 'cli_pdf()' and 'cli_scanicon()' Denial of Service Vulnerabilities (Win
- Dopewars Server 'REQUESTJET' Message Remote Denial of Service Vulnerability
- ArGoSoft FTP Server XCWD Overflow
- Apple Safari Denial Of Service Vulnerability - Jul09