Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: InfoSec Handlers Diary Blog - Multiple DoS Vulnerabilities in Wireshark InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Multiple DoS Vulnerabilities in Wireshark

Published: 2006-10-28
Last Updated: 2006-11-01 03:29:49 UTC
by Koon Yaw Tan (Version: 1)
0 comment(s)
Wireshark is reported to have multiple vulnerabilities that could cause it to crash or use up memory when reading a crafted packet. Versions affected are 0.9.8 up to and including 0.99.3.

The HTTP, LDAP, XOT, WBXML, and MIME Multipart dissectors are affected. If AirPcap support is enabled, parsing a WEP key could also sometimes cause it to crash.   

Solution is to upgrade to Wireshark 0.99.4. If not possible, disable HTTP, LDAP, XOT, WBXML, and MIME multipart dissectors.

Note that the advisory is dated 30 Oct 06 and currently, Version 0.99.4 is not available on its download page yet (Thanks to Jim for pointing out this).

Update: (2006-11-01 03:30 UTC) the new version is available.  The download link was messed up for a bit, but that has been fixed.
0 comment(s)
Diary Archives