Wireshark DOCSIS Dissector DoS Vulnerability

Published: 2010-05-08
Last Updated: 2010-05-08 16:50:50 UTC
by Guy Bruneau (Version: 1)
0 comment(s)

Wireshark issued an update to fix an issue with the DOCSIS (Data Over Cable Service Interface Specification) dissector. It could be exploited by attackers to cause a DoS when processing malformed data, causing a crash of the application.

Affected Products

Wireshark versions 0.9.6 through 1.0.12 Bulletin can be viewed here.
Wireshark versions 1.2.0 through 1.2.7.  Bulletin can be viewed here.

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org

Keywords: Wireshark DoS
0 comment(s)

Microsoft Patch Tuesday May 2010 Pre-Release

Published: 2010-05-08
Last Updated: 2010-05-08 00:20:40 UTC
by Guy Bruneau (Version: 1)
0 comment(s)

Microsoft announced they will be releasing a total of 2 bulletins rated critical that could allow for remote code execution. The vulnerabilities affect Windows 2000, XP and Vista as well as Windows Server 2003, 2008 and 2008 R2. Other affected applications are Office XP, 2003, 2007 and MS Visual Basic. More details available here.

The recent SharePoint Security diary posted on ISC will not be addressed in the May bulletins.

[1] Microsoft Security Response Center Blog

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org

Intéresser à prendre SANS Sec 503 en français? 
Enregistre toi à http://www.sans.org/nice-2010/ pour le Communité SANS à Nice, France - du 21 au 26 juin 2010
0 comment(s)

Comments


Diary Archives