Vigil@nce - Wireshark 1.6: three vulnerabilities
November 2011 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
Several vulnerabilities of Wireshark can be used by a remote
attacker to create a denial of service or to execute code.
Severity: 2/4
Creation date: 02/11/2011
IMPACTED PRODUCTS
– Fedora
– Mandriva Linux
– Wireshark
DESCRIPTION OF THE VULNERABILITY
The Wireshark program captures and displays network packets.
Protocols are decoded by dissectors. They are impacted by several
vulnerabilities.
An attacker can use CSN.1 data, in order to force the usage of an
uninitialized variable, leading to a denial of service.
[severity:1/4; BID-50479, CVE-2011-4100, wnpa-sec-2011-17]
An attacker can force the Infiniband dissector to dereference a
NULL pointer, leading to a denial of service. [severity:1/4;
BID-50481, CVE-2011-4101, wnpa-sec-2011-18]
An attacker can invite the victim to read a malicious ERF file, in
order to create a buffer overflow. [severity:2/4; BID-50486,
CVE-2011-4102, wnpa-sec-2011-19]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Wireshark-1-6-three-vulnerabilities-11116