Summary
This host is installed with Wireshark and is prone to denial of service vulnerability.
Impact
Successful exploitation allows attackers to cause the application to enter into an infinite loop and crash it.
Impact Level: Application.
Solution
Upgrade to Wireshark 1.2.18 or later
For updates refer to http://www.wireshark.org/download.html
Insight
The flaw is due to an error in Lucent/Ascend file parser when processing malicious packets.
Affected
Wireshark version 1.2.0 to 1.2.17, 1.4.0 to 1.4.7 and 1.6.0
References
Severity
Classification
-
CVE CVE-2011-2597 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- AyeView GIF Image Handling Denial of Service Vulnerability
- Beckhoff TwinCAT 'TCATSysSrv.exe' Network Packet Denial of Service Vulnerability
- Apache Subversion 'mod_dav_svn' Module Multiple DoS Vulnerabilities
- freeFTPD PORT Command Denial of Service Vulnerability
- at32 Reverse Proxy Multiple HTTP Header Fields Denial Of Service Vulnerability