‫ Wireshark Multiple Vulnerabilities

IRCAD2012102224
 
ID: IRCAD2012102224
Release Date: 2012-10-03
Criticality level: Extremely critical
 
Software:
Wireshark 1.x
 
Description:
Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

1) An error in the HSRP dissector when processing certain packets can be exploited to cause an infinite loop and consume CPU resources.

2) An error in the PPP dissector when processing certain packets can be exploited to cause a crash.

3) An error in the LDP dissector when processing certain packets can be exploited to cause a buffer overflow.
 
Successful exploitation of this vulnerability may allow execution of arbitrary code.

The vulnerabilities are reported in versions prior to 1.8.3.
 
Solution
Update to version 1.8.3.
 
References:
 
Secunia:
 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 13 مهر 1391

امتیاز

امتیاز شما
تعداد امتیازها:0