Summary
This host has Wireshark installed and is prone to a denial-of-service vulnerability.
Impact
Successful exploitation could result in a denial-of-service condition.
Impact Level: Application.
Solution
Upgrade to Wireshark 1.0.10 or 1.2.3:
http://www.wireshark.org/download.html
Workaround: Disable the affected dissectors.
http://www.wireshark.org/security/wnpa-sec-2009-07.html
http://www.wireshark.org/security/wnpa-sec-2009-08.html
Insight
The flaw is due to a NULL pointer dereference error within the 'DCERPC/NT' dissector that can be exploited to cause a crash.
Affected
Wireshark versions 0.10.13 to 1.0.9 and 1.2.0 to 1.2.2 on Linux.
References
Severity
Classification
- CVE: CVE-2009-3550
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Dopewars Server 'REQUESTJET' Message Remote Denial of Service Vulnerability
- Adobe Flash Media Server XML Data Remote Denial of Service Vulnerability
- Asterisk Products Invalid SDP SIP Channel Driver DoS Vulnerability
- Apple Safari 'WebKit.dll' Stack Consumption Vulnerability
- FreeType Memory Corruption and Buffer Overflow Vulnerabilities (Windows)