Multiple Denial of Service Vulnerabilities in Wireshark Network Protocol Analyzer


Original Issue Date: November 12, 2009

Severity Rating: Medium

Systems Affected
Wireshark versions 0.10.10 through 1.2.2

Overview
Multiple vulnerabilities have been reported in the Wireshark network
protocol analyzer which could be exploited by attackers to cause a denial
of service condition on systems running an affected version of the
application.

Description
These vulnerabilities are caused by errors in the RADIUS
(CVE-2009-2560), DCERPC/NT (CVE-2009-3550), Paltalk
(CVE-2009-3549) and SMB (CVE-2009-3551) dissectors when processing
specially crafted packets or data. Attackers could exploit them to
crash an affected application or exhaust all available memory resources,
thus creating a denial of service condition.

Solution
Upgrade to Wireshark version 1.2.3 or 1.0.10:
http://www.wireshark.org/download.html
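
To find hosts that still need this upgrade, the following added example (not part of the original advisory) classifies Wireshark/TShark version banners against the affected range and fixed releases stated above. The host names and banner strings are constructed sample data, and treating every 1.0.x release from 1.0.10 onward as fixed is an assumption drawn from the Solution line.

```python
import re

# Bounds taken from the advisory: affected 0.10.10 through 1.2.2,
# fixed in 1.2.3 and, for the 1.0.x branch, in 1.0.10.
FIRST_AFFECTED = (0, 10, 10)
LAST_AFFECTED = (1, 2, 2)
FIXED_1_0_BRANCH = (1, 0, 10)

VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\b")


def parse_version(text):
    """Return the first x.y.z version in text as a tuple of ints, or None."""
    match = VERSION_RE.search(text)
    return tuple(int(part) for part in match.groups()) if match else None


def classify(banner):
    """Return 'affected', 'not affected' or 'unknown' for a version banner."""
    version = parse_version(banner)
    if version is None:
        return "unknown"
    # 1.0.10 sorts inside the affected range numerically but is a fixed
    # release, so the 1.0.x branch is checked before the range test.
    # Assumption: later 1.0.x releases keep the fix.
    if version[:2] == (1, 0) and version >= FIXED_1_0_BRANCH:
        return "not affected"
    if FIRST_AFFECTED <= version <= LAST_AFFECTED:
        return "affected"
    return "not affected"


def audit(inventory):
    """Map each host to the classification of its reported banner."""
    return {host: classify(banner) for host, banner in inventory.items()}


# Constructed inventory: host name -> text reported by `tshark -v`
# or a package manager. None of these values come from the advisory.
INVENTORY = {
    "host-a": "TShark 1.2.2",
    "host-b": "wireshark 1.0.10",
    "host-c": "wireshark 1.0.9",
    "host-d": "TShark 1.2.3",
    "host-e": "not installed",
}

if __name__ == "__main__":
    for host, status in sorted(audit(INVENTORY).items()):
        print(f"{host}: {status}")
```

Distribution packages may carry backported fixes under an older upstream version number, so confirm an "affected" result against the package changelog before scheduling the upgrade.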

Vendor Information
Wireshark
http://www.wireshark.org/security/wnpa-sec-2009-08.html
http://www.wireshark.org/security/wnpa-sec-2009-07.html

References
SecurityFocus
http://www.securityfocus.com/bid/36846
Secunia
http://secunia.com/advisories/37175
VUPEN Security
http://www.vupen.com/english/advisories/2009/3061
SecurityTracker
http://www.securitytracker.com/alerts/2009/Oct/1023111.html
CVE Name
CVE-2009-2560
CVE-2009-3549
CVE-2009-3550
CVE-2009-3551

Disclaimer
The information provided herein is on an “as is” basis, without warranty of
any kind.
