‫ Wireshark Multiple Vulnerabilities

IRCAD2014033184
ID: IRCAD2014033184
Release Date: 2014-03-10
Criticality level: Highly critical
 
Software:

Wireshark 1.x

Description:

Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

1) An error within the NFS dissector can be exploited to cause a crash.

2) An error within the M3UA dissector can be exploited to cause a crash.

This vulnerability is reported in versions 1.10.0 through 1.10.5.

3) An error within the RLC dissector can be exploited to cause a crash.

4) An error within the MPEG file parser can be exploited to cause a buffer overflow via a specially crafted packet trace file.

Successful exploitation of this vulnerability may allow execution of arbitrary code.

The vulnerabilities #1, #3, and #4 are reported in versions 1.10.0 through 1.10.5 and 1.8.0 through 1.8.12.

Solution

Update to version 1.10.6 or 1.8.13.

References:
Wireshark:
Secunia:
 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 27 اسفند 1392

امتیاز

امتیاز شما
تعداد امتیازها:0