Wireshark Multiple Vulnerabilities - July09 (Win) Network Vulnerability

Summary

This host is installed with Wireshark and is prone to multiple vulnerabilities.

Impact

Successful exploitation could result in denial of serivce condition. Impact Level: Application

Solution

Upgrade to Wireshark 1.2.1 or later. http://www.wireshark.org/download.html

Insight

- An array index error in the IPMI dissector may lead to buffer overflow via unspecified vectors. - Multiple unspecified vulnerabilities in the Bluetooth L2CAP, MIOP or sFlow dissectors and RADIUS which can be exploited via specially crafted network packets.

Affected

Wireshark version 1.2.0 on Windows

References

http://secunia.com/advisories/35884
http://www.vupen.com/english/advisories/2009/1970
http://www.wireshark.org/security/wnpa-sec-2009-04.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-2559, CVE-2009-2560, CVE-2009-2561

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

CUPS Denial of Service Vulnerability - Jun09
CUPS Empty UDP Datagram DoS Vulnerability
ClamAV 'parseicon()' Denial Of Service Vulnerability
chm2pdf Insecure Temporary File Creation or DoS Vulnerability
Apple Safari Denial of Service Vulnerability (Win) - Apr09

Take action and discover your vulnerabilities