Vigil@nce - Wireshark: denial of service via ASN.1/BER

September 2010 by Vigil@nce

This bulletin was written by Vigil@nce : http://vigilance.fr/

SYNTHESIS OF THE VULNERABILITY

An attacker can send a malformed SNMPv1 packet, in order to generate an infinite recursion in the ASN.1/BER module, which stops Wireshark.

Severity: 1/4

Creation date: 14/09/2010

DESCRIPTION OF THE VULNERABILITY

The SNMP protocol uses data in ASN.1 format, encoded as BER (Basic Encoding Rules).

The SNMPv1 dissector of Wireshark calls epan/dissectors/packet-ber.c to decode ASN.1/BER data.

The dissect_unknown_ber() function decodes malformed BER data. However, if the malformed data sequence is too long, the function calls itself recursively.

An attacker can therefore send a malformed SNMPv1 packet, in order to generate an infinite recursion in the ASN.1/BER module, which stops Wireshark.
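The defensive pattern for this class of bug is a recursive BER walker that refuses to descend past a fixed nesting depth and always advances through its input. The block below is an added example, not Wireshark code and not the project's fix; `ber_walk`, `ber_check`, `make_nested` and the `BER_MAX_DEPTH` value of 32 are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#define BER_MAX_DEPTH 32   /* assumed cap for this example, not a Wireshark value */
enum { BER_OK = 0, BER_TRUNCATED = -1, BER_UNSUPPORTED = -2, BER_TOO_DEEP = -3 };

/* Walk every TLV in buf[0..len), descending into constructed values up to the cap. */
static int ber_walk(const uint8_t *buf, size_t len, int depth, int *deepest)
{
    size_t off = 0;
    if (depth > BER_MAX_DEPTH) return BER_TOO_DEEP;      /* bound the recursion */
    if (depth > *deepest) *deepest = depth;
    while (off < len) {
        uint8_t id = buf[off++];
        if ((id & 0x1f) == 0x1f) return BER_UNSUPPORTED; /* multi-octet tag */
        if (off >= len) return BER_TRUNCATED;            /* no length octet */
        size_t vlen = buf[off++];
        if (vlen & 0x80) {                               /* long-form length */
            unsigned n = (unsigned)(vlen & 0x7f);        /* 0 = indefinite form */
            if (n == 0 || n > 4) return BER_UNSUPPORTED;
            if (n > len - off) return BER_TRUNCATED;
            for (vlen = 0; n > 0; n--) vlen = (vlen << 8) | buf[off++];
        }
        if (vlen > len - off) return BER_TRUNCATED;      /* value overruns parent */
        if (id & 0x20) {                                 /* constructed: descend */
            int rc = ber_walk(buf + off, vlen, depth + 1, deepest);
            if (rc != BER_OK) return rc;
        }
        off += vlen;                                     /* always make progress */
    }
    return BER_OK;
}

int ber_check(const uint8_t *buf, size_t len, int *deepest)
{
    *deepest = 0;
    return ber_walk(buf, len, 0, deepest);
}

/* Constructed test input: k empty SEQUENCEs nested in each other (k <= 64). */
size_t make_nested(uint8_t *out, int k)
{
    for (int i = 0; i < k; i++) { out[2*i] = 0x30; out[2*i + 1] = (uint8_t)(2 * (k - 1 - i)); }
    return (size_t)(2 * k);
}

int main(void)
{
    uint8_t buf[128]; int d;   /* exit status 0 means the depth guard rejected the input */
    return ber_check(buf, make_nested(buf, 33), &d) == BER_TOO_DEEP ? 0 : 1;
}
```

Rejecting indefinite-length and multi-octet-tag encodings keeps the example short; a full decoder would handle them under the same depth and progress checks.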

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

http://vigilance.fr/vulnerability/W...



