Wireshark Multiple Denial Of Service Vulnerabilities (Windows) Network Vulnerability

Summary

This host is installed with Wireshark and is prone to multiple denial of service vulnerabilities.

Impact

Successful exploitation will allow remote attackers to cause a denial of service. Impact Level: Application

Solution

Upgrade to the Wireshark version 1.6.2 or later, For updates refer to http://www.wireshark.org/download

Insight

- An error related to an uninitialised variable within the CSN.1 dissector can be exploited to cause a crash. - A buffer exception handling vulnerability exists that can allow denial of service attacks when processing certain malformed packets. - An error within the OpenSafety dissector can be exploited to cause a large loop and crash the application.

Affected

Wireshark versions 1.6.x before 1.6.2.

References

http://secunia.com/advisories/45927/
http://www.wireshark.org/security/wnpa-sec-2011-12.html
http://www.wireshark.org/security/wnpa-sec-2011-14.html
http://www.wireshark.org/security/wnpa-sec-2011-16.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-3482, CVE-2011-3483, CVE-2011-3484

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

ClamAV Remote Denial of Service Vulnerability
F-PROT AV 'ELF' Header Denial of Service Vulnerability
ClamAV 'cli_pdf()' and 'cli_scanicon()' Denial of Service Vulnerabilities (Win
Apache Subversion 'mod_dav_svn' Module Multiple DoS Vulnerabilities
Apple Safari WebKit Property Memory Leak Remote DoS Vulnerability

Wireshark Multiple Denial of Service Vulnerabilities (Windows)

Take action and discover your vulnerabilities