Summary
The host is installed with Wireshark and is prone to Stack-based Buffer Overflow Vulnerability.
Impact
Successful exploitation could allow attackers to cause buffer overflow.
Impact Level: Application
Solution
Upgrade to the Wireshark version 1.0.15 or 1.2.10 or later, For updates refer to http://www.wireshark.org/download.html
Insight
The flaw is due to an error in handling 'ASN.1 BER dissector' which could be used to exhaust stack memory.
Affected
Wireshark version 1.2.0 through 1.2.9
Wireshark version 0.10.13 through 1.0.14
References
Severity
Classification
-
CVE CVE-2010-2994 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Acrobat and Reader SING 'uniqueName' Buffer Overflow Vulnerability (Linux)
- Adobe Reader Buffer Overflow Vulnerability Sep09 (Win)
- Adobe PageMaker Font Structure Multiple BOF Vulnerabilities
- Adobe Reader Integer Overflow Vulnerability - Jan 12 (Linux)
- ClamAV 'find_stream_bounds()' function Buffer Overflow Vulnerability