Wireshark SMB Dissector Denial Of Service Vulnerability (Windows) Network Vulnerability

Summary

This host is installed with Wireshark and is prone to Denial of Service vulnerability.

Impact

Successful exploitation will allow the attackers to crash an affected application. Impact Level: Application

Solution

Upgrade to Wireshark version 1.0.14 or 1.2.9: For updates refer to http://www.wireshark.org/download.html

Insight

The flaw is caused by a NULL pointer dereference error in the 'SMB' dissector, which could be exploited to crash an affected application via unknown vectors.

Affected

Wireshark version 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8

References

http://secunia.com/advisories/40112
http://www.openwall.com/lists/oss-security/2010/06/11/1
http://www.vupen.com/english/advisories/2010/1418
http://www.wireshark.org/security/wnpa-sec-2010-05.html
http://www.wireshark.org/security/wnpa-sec-2010-06.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-2283

CVSS	Base Score: 3.3 AV:A/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Firefox Browser designMode Null Pointer Dereference DoS Vulnerability - Win
Wireshark Multiple Denial of Service Vulnerabilities - July 12 (Windows)
Microsoft IIS FTP Server 'ls' Command DOS Vulnerability
Wireshark PPP And NFS Dissector Denial of Service Vulnerabilities (Mac OS X)
Wireshark IEEE 802.11 Dissector Denial of Service Vulnerability (Mac OS X)

Wireshark SMB dissector Denial of Service Vulnerability (Windows)

Take action and discover your vulnerabilities