Wireshark IPMI Dissector Denial Of Service Vulnerability (Win) Network Vulnerability

Summary

This host is installed with Wireshark and is prone to IPMI Dissector Denial of Service vulnerability.

Impact

Successful exploitation will allow attackers to cause Denial of Serivce condition by tricking the user into reading a malformed packet trace file. Impact Level: System/Application

Solution

Upgrade to Wireshark version 1.2.5, http://www.wireshark.org/download.html

Insight

This flaw is due to an error in the IPMI dissector while formatting date/time using strftime.

Affected

Wireshark version 1.2.0 to 1.2.4 on Windows.

References

http://secunia.com/advisories/37842
http://www.vupen.com/english/advisories/2009/3596
http://www.wireshark.org/security/wnpa-sec-2009-09.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4319

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-4378

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Firefly MediaServer HTTP Header Multiple DoS Vulnerabilities
CUPS 'scheduler/select.c' Denial Of Service Vulnerability
at32 Reverse Proxy Multiple HTTP Header Fields Denial Of Service Vulnerability
Adobe Flash Media Server Remote Denial of Service Vulnerability (August-2011)
Connect back to SOCKS5 server

Wireshark IPMI Dissector Denial of Service Vulnerability (Win)

Take action and discover your vulnerabilities