Wireshark 'DCERPC/NT' Dissector DOS Vulnerability - Nov09 (Linux) Network Vulnerability

Summary

This host is installed with Wireshark and is prone to Denial of Service Vulnerability.

Impact

Successful exploitation could result in Denial of Serivce condition. Impact Level: Application.

Solution

Upgrade to Wireshark 1.0.10 or 1.2.3 http://www.wireshark.org/download.html Workaround: Disable the affected dissectors, http://www.wireshark.org/security/wnpa-sec-2009-07.html http://www.wireshark.org/security/wnpa-sec-2009-08.html

Insight

The flaw is due to a NULL pointer dereference error within the 'DCERPC/NT' dissector that can be exploited to cause a crash.

Affected

Wireshark version 0.10.13 to 1.0.9 and 1.2.0 to 1.2.2 on Linux.

References

http://secunia.com/advisories/37175
http://www.wireshark.org/docs/relnotes/wireshark-1.0.10.html
http://www.wireshark.org/docs/relnotes/wireshark-1.2.3.html
http://xforce.iss.net/xforce/xfdb/54016
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3689

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-3550

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Crash SMC AP
Active Perl Denial of Service Vulnerability Feb 2014 (Windows)
Adobe Reader 'AcroPDF.DLL' Denial of Service Vulnerability (Mac OS X)
Adobe Reader 'AcroPDF.DLL' Denial of Service Vulnerability (Linux)
FreeType Memory Corruption and Buffer Overflow Vulnerabilities (Windows)

Take action and discover your vulnerabilities