Wireshark Multiple Denial Of Service Vulnerabilities (Mac OS X) Network Vulnerability

Summary

This host is installed with Wireshark and is prone to multiple denial of service vulnerabilities.

Impact

Successful exploitation will allow remote attackers to cause a denial of service. Impact Level: System/Application

Solution

Upgrade to the Wireshark version 1.6.2 or later, For updates refer to http://www.wireshark.org/download

Insight

- An error related to an uninitialised variable within the CSN.1 dissector can be exploited to cause a crash. - A buffer exception handling vulnerability exists that can allow denial of service attacks when processing certain malformed packets. - An error within the OpenSafety dissector can be exploited to cause a large loop and crash the application.

Affected

Wireshark versions 1.6.x before 1.6.2 on Mac OS X

References

http://secunia.com/advisories/45927/
http://www.wireshark.org/security/wnpa-sec-2011-12.html
http://www.wireshark.org/security/wnpa-sec-2011-14.html
http://www.wireshark.org/security/wnpa-sec-2011-16.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-3482, CVE-2011-3483, CVE-2011-3484

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

DB2 DOS
ClamAV 'parseicon()' Denial Of Service Vulnerability
DNS Amplification Attacks
Dopewars Server 'REQUESTJET' Message Remote Denial of Service Vulnerability
CUPS 'scheduler/select.c' Denial Of Service Vulnerability

Wireshark Multiple Denial of Service Vulnerabilities (Mac OS X)

Take action and discover your vulnerabilities