Vigil@nce: Wireshark, three vulnerabilities
January 2011 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/
SYNTHESIS OF THE VULNERABILITY
Several vulnerabilities of Wireshark can be used by a remote
attacker to create a denial of service or to execute code.
– Severity: 2/4
– Creation date: 12/01/2011
IMPACTED PRODUCTS
– Mandriva Linux
– Wireshark
DESCRIPTION OF THE VULNERABILITY
The Wireshark program captures and displays network packets.
Protocols are decoded by dissectors. They are impacted by several
vulnerabilities.
An attacker can send a malicious MAC-LTE packet, in order to
create a buffer overflow. [severity:2/4; CVE-2011-0444]
An attacker can send a malicious ENTTEC DMX packet, in order to
create an overflow in Wireshark, leading to a denial of service or
to code execution (VIGILANCE-VUL-10242 (https://vigilance.fr/tree/1/10242)).
[severity:2/4; BID-45634, CVE-2010-4538]
An attacker can send a malicious packet, in order to stop the
ASN.1 BER dissector. [severity:1/4; CVE-2011-0445]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Wireshark-three-vulnerabilities-10271