Summary
This host is installed with Wireshark and is prone to multiple denial of service vulnerabilities.
Impact
Successful exploitation will allow remote attackers to cause a denial of service.
Impact Level: Application
Solution
Upgrade to the Wireshark version 1.6.2 or later,
For updates refer to http://www.wireshark.org/download
Insight
- An error related to an uninitialised variable within the CSN.1 dissector can be exploited to cause a crash.
- A buffer exception handling vulnerability exists that can allow denial of service attacks when processing certain malformed packets.
- An error within the OpenSafety dissector can be exploited to cause a large loop and crash the application.
Affected
Wireshark versions 1.6.x before 1.6.2.
References
Severity
Classification
-
CVE CVE-2011-3482, CVE-2011-3483, CVE-2011-3484 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
Related Vulnerabilities