Summary
This host is installed with Wireshark and is prone to denial of service vulnerability.
Impact
Successful exploitation allows attackers to send a specially crafted IKE packet to cause the IKEv1 dissector to enter an infinite loop, which leads to denial of service.
Impact Level: Application.
Solution
Upgrade to the Wireshark version 1.4.9, 1.6.2 or later, For updates refer to http://www.wireshark.org/download.html
Insight
The flaw is due to an error in 'IKEv1' protocol dissector and the function 'proto_tree_add_item()', when add more than 1000000 items to a proto_tree, that will cause a denial of service.
Affected
Wireshark version 1.6.0 to 1.6.1
Wireshark version 1.4.0 to 1.4.8 on Windows
References
Severity
Classification
-
CVE CVE-2011-3266 -
CVSS Base Score: 2.6
AV:N/AC:H/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Kingsoft Antivirus 'KisKrnl.sys' Driver Denial of Service Vulnerability
- Wireshark PPP And NFS Dissector Denial of Service Vulnerabilities (Windows)
- Wireshark Multiple Denial of Service Vulnerabilities - July 12 (Mac OS X)
- Samba 'etc/mtab' File Appending Local Denial of Service Vulnerability
- Oracle VM VirtualBox Local Denial of Service Vulnerability-01 Oct2013 (Windows)