Threat Level: green Handler on Duty: Basil Alawi S.Taher

SANS ISC: InfoSec Handlers Diary Blog - Multiple DoS Vulnerabilities in Wireshark InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Multiple DoS Vulnerabilities in Wireshark

Published: 2006-10-28
Last Updated: 2006-11-01 03:29:49 UTC
by Koon Yaw Tan (Version: 1)
0 comment(s)
Wireshark is reported to have multiple vulnerabilities that could cause it to crash or use up memory when reading a crafted packet. Versions affected are 0.9.8 up to and including 0.99.3.

The HTTP, LDAP, XOT, WBXML, and MIME Multipart dissectors are affected. If AirPcap support is enabled, parsing a WEP key could also sometimes cause it to crash.   

Solution is to upgrade to Wireshark 0.99.4. If not possible, disable HTTP, LDAP, XOT, WBXML, and MIME multipart dissectors.

http://www.wireshark.org/security/wnpa-sec-2006-03.html

Note that the advisory is dated 30 Oct 06 and currently, Version 0.99.4 is not available on its download page yet (Thanks to Jim for pointing out this).

Update: (2006-11-01 03:30 UTC) the new version is available.  The download link was messed up for a bit, but that has been fixed.
Keywords:
0 comment(s)
Diary Archives