Summary
The host is installed with Wireshark and is prone to heap based buffer overflow and denial of service vulnerabilities.
Impact
Successful exploitation could allow attackers to cause a denial of service via via a malformed packet.
Impact Level: Application
Solution
Upgrade to the Wireshark version 1.6.3 or later,
For updates refer to http://www.wireshark.org/download.html
Insight
The flaws are due to
- An error while parsing ERF file format. This could cause wireshark to crash by reading a malformed packet trace file.
- An error in dissect_infiniband_common function in epan/dissectors/packet-infiniband.c in the Infiniband dissector, could dereference a NULL pointer.
Affected
Wireshark version 1.4.0 through 1.4.9 and 1.6.x before 1.6.3
References
- http://anonsvn.wireshark.org/viewvc?view=revision&revision=39500
- http://anonsvn.wireshark.org/viewvc?view=revision&revision=39508
- http://openwall.com/lists/oss-security/2011/11/01/9
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6476
- https://bugzilla.redhat.com/show_bug.cgi?id=750645
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2011-4101, CVE-2011-4102 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Apache Tomcat servlet/JSP container default files
- APC PowerChute Business Edition Unspecified Cross Site Scripting Vulnerability
- Adobe Reader Multiple Unspecified Vulnerabilities Jun06 (Mac OS X)
- Adobe Reader Information Disclosure & Denial of Service Vulnerabilities (Windows)
- Asterisk RTP Comfort Noise Processing Remote Denial of Service Vulnerability