Vigil@nce: Wireshark 1.4, four vulnerabilities
April 2012 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
Several vulnerabilities of Wireshark can be used by a remote
attacker to create a denial of service or to execute code.
– Severity: 2/4
– Creation date: 28/03/2012
IMPACTED PRODUCTS
– Wireshark
DESCRIPTION OF THE VULNERABILITY
The Wireshark program captures and displays network packets.
Protocols are decoded by dissectors. They are impacted by several
vulnerabilities.
An attacker can force the ANSI-A dissector to dereference a NULL
pointer. [severity:1/4; BID-52735, CVE-2012-1593, wnpa-sec-2012-04]
An attacker can create ERF data which stops the pcap and pcap-ng
parsers. [severity:2/4; BID-52737, CVE-2012-1595, wnpa-sec-2012-06]
An attacker can generate an allocation error in the MP2T
dissector, in order to stop it. [severity:1/4; BID-52736,
CVE-2012-1596, wnpa-sec-2012-07]
An attacker can use invalid ASN.1 DER data, which generate an
overflow in applications linked to GNU Libtasn1, and leads to a
denial of service or to code execution (VIGILANCE-VUL-11466).
[severity:2/4; BID-52668, CVE-2012-1569]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Wireshark-1-4-four-vulnerabilities-11491