News
Vigil@nce: Wireshark 1.2, denials of service
February 2010 by Vigil@nce
SYNTHESIS OF THE VULNERABILITY
Several vulnerabilities of Wireshark can be used by a remote attacker to create a denial of service.
Severity: 2/4
Consequences: user access/rights, denial of service of service
Provenance: intranet client
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Number of vulnerabilities in this bulletin: 2
Creation date: 28/01/2010
IMPACTED PRODUCTS
Unix - plateform
DESCRIPTION OF THE VULNERABILITY
The Wireshark program captures and displays network packets. Protocols are decoded by dissectors. They are impacted by several vulnerabilities.
An attacker can generate several buffer overflows in the LWRES dissector. [grav:2/4; BID-37985, CVE-2010-0304, wnpa-sec-2010-02]
An attacker can use malformed Kerberos data, in order to stop Wireshark. [grav:1/4]
CHARACTERISTICS
Identifiers: BID-37985, CVE-2010-0304, VIGILANCE-VUL-9386, wnpa-sec-2010-02
