Summary
This host is installed with Wireshark and is prone to denial of service vulnerability.
Impact
Successful exploitation will allow attackers to crash the application.
Impact Level: Application
Solution
Upgrade to Wireshark 1.4.2 or later.
For updates refer to http://www.wireshark.org/download
Insight
The flaw is due to an error in 'epan/dissectors/packet-zbee-zcl.c' in the ZigBee ZCL dissector, which allows remote attackers to cause a denial of service (infinite loop) via a crafted ZCL packet.
Affected
Wireshark version 1.4.0 to 1.4.1
References
Severity
Classification
-
CVE CVE-2010-4301 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Avahi Denial of Service Vulnerability
- freeSSHd Pre-Authentication Error Remote DoS Vulnerability
- Dopewars Server 'REQUESTJET' Message Remote Denial of Service Vulnerability
- Adobe Flash Media Server XML Data Remote Denial of Service Vulnerability
- Apache Subversion 'mod_dav_svn' Module Multiple DoS Vulnerabilities