Wireshark Denial Of Service And Buffer Overflow Vulnerabilities (Windows) Network Vulnerability

Summary

The host is installed with Wireshark and is prone to Denial of Service and buffer overflow vulnerabilities.

Impact

Successful exploitation could allow attackers to overflow a buffer and execute arbitrary code on the system or cause the application to crash. Impact Level: Application

Solution

Upgrade to the Wireshark version 1.4.5 or later, For updates refer to http://www.wireshark.org/download.html

Insight

The flaws are due to: - a buffer overflow error in the 'DECT' dissector when processing malformed data, which could allow code execution via malformed packets or a malicious PCAP file. - an error in the 'NFS' dissector when processing malformed data, which could be exploited to crash an affected application.

Affected

Wireshark version 1.4.0 through 1.4.4

References

http://secunia.com/advisories/44172
http://www.vupen.com/english/advisories/2011/1022
http://www.wireshark.org/security/wnpa-sec-2011-06.html
http://xforce.iss.net/xforce/xfdb/66834

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-1591, CVE-2011-1592

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Flash Player 'SWF' File Multiple Code Execution Vulnerability - Mac OS X
Adobe Acrobat and Reader PDF Handling Multiple Vulnerabilities (Linux)
Adobe Acrobat Sandbox Bypass Vulnerability - Aug14 (Windows)
Adobe Acrobat Multiple Unspecified Vulnerabilities -01 Feb13 (Windows)
Adobe AIR Code Execution and DoS Vulnerabilities Nov13 (Windows)

Wireshark Denial of Service and Buffer Overflow Vulnerabilities (Windows)

Take action and discover your vulnerabilities