SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   Wireshark Vendors:   Wireshark.org
Wireshark Multiple Flaws Let Remote Users Deny Service
SecurityTracker Alert ID:  1025597
SecurityTracker URL:  http://securitytracker.com/id/1025597
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Jun 2 2011
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 1.2.0 to 1.2.16, 1.4.0 to 1.4.6
Description:   Multiple vulnerabilities were reported in Wireshark. A remote user can cause denial of service conditions.

A remote user can send specially crafted DICOM data, Visual Networks file, compressed capture data, snoop file, or Diameter dictionary file to cause the target service to crash or enter an infinite loop.

Huzaifa Sidhpurwala of the Red Hat Security Response Team and David Maciejak of Fortinet's FortiGuard Labs reported some of these vulnerabilities.

Impact:   A remote user can cause the target service to crash or enter an infinite loop.
Solution:   The vendor has issued a fix (1.2.17, 1.4.7).

The vendor's advisories are available at:

http://www.wireshark.org/security/wnpa-sec-2011-07.html
http://www.wireshark.org/security/wnpa-sec-2011-08.html

Vendor URL:  www.wireshark.org/security/wnpa-sec-2011-07.html (Links to External Site)
Cause:   State error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC