wireshark
Page content
- Author: Miklos Vajna
- Vulnerable: 1.4.6-1nexon1
- Unaffected: 1.4.7-1nexon1
Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service).
- An error in the DICOM dissector can be exploited to cause an infinite loop when processing certain malformed packets.
- An error when processing a Diameter dictionary file can be exploited to cause the process to crash.
- An error when processing a snoop file can be exploited to cause the process to crash.
- An error when processing compressed capture data can be exploited to cause the process to crash.
- An error when processing a Visual Networks file can be exploited to cause the process to crash.
- An error in the “desegment_tcp()” function (epan/dissectors/packet-tcp.c) when handling certain TCP segments can be exploited to dereference a NULL pointer and crash the process.
- Bug Tracker URL: http://bugs.frugalware.org/task/4510
CVEs:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1956
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1957
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1958
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1959
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2174
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2175