Vigil@nce - Wireshark: denial of service via ASN.1/BER

September 2010 by Vigil@nce

This bulletin was written by Vigil@nce: http://vigilance.fr/

SYNTHESIS OF THE VULNERABILITY

An attacker can send a malformed SNMPv1 packet, in order to
generate an infinite recursion in the ASN.1/BER module, which
stops Wireshark.

Severity: 1/4

Creation date: 14/09/2010

DESCRIPTION OF THE VULNERABILITY

The SNMP protocol uses data in ASN.1 format, encoded as BER (Basic
Encoding Rules).

The SNMPv1 dissector of Wireshark calls epan/dissectors/packet-ber.c
to decode ASN.1/BER data.

The dissect_unknown_ber() function decodes malformed BER data.
However, if the malformed data sequence is too long, the function
calls itself recursively.

An attacker can therefore send a malformed SNMPv1 packet, in order
to generate an infinite recursion in the ASN.1/BER module, which
stops Wireshark.
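
The recursion pattern described above, as an added example that is not Wireshark's code or its patch: a minimal BER TLV walker that recurses into constructed values and uses an assumed nesting limit to return an error instead of exhausting the stack. The names ber_walk, ber_header, ber_nest and the limit of 32 are hypothetical; only single-byte tags and definite lengths are handled.

```c
#include <stddef.h>
#include <stdint.h>

#define BER_MAX_DEPTH 32   /* assumed nesting limit for this example */
enum { BER_OK = 0, BER_MALFORMED = -1, BER_TOO_DEEP = -2 };

/* Parse one tag/length header; returns its size in bytes, or 0 on error. */
static size_t ber_header(const uint8_t *p, size_t avail, int *cons, size_t *len)
{
    if (avail < 2 || (p[0] & 0x1f) == 0x1f) return 0; /* multi-byte tag: unsupported */
    *cons = (p[0] & 0x20) != 0;                       /* constructed bit */
    if (p[1] < 0x80) { *len = p[1]; return 2; }       /* short-form length */
    size_t n = p[1] & 0x7f;                           /* long form: n length octets */
    if (n == 0 || n > 4 || avail < 2 + n) return 0;   /* indefinite form rejected */
    *len = 0;
    for (size_t i = 0; i < n; i++)
        *len = (*len << 8) | p[2 + i];
    return 2 + n;
}

/* Walk every TLV in buf[0..size), recursing into constructed values. */
int ber_walk(const uint8_t *buf, size_t size, unsigned depth)
{
    if (depth > BER_MAX_DEPTH)
        return BER_TOO_DEEP;   /* without this check, depth follows the input */
    size_t off = 0;
    while (off < size) {
        int constructed; size_t len;
        size_t hdr = ber_header(buf + off, size - off, &constructed, &len);
        if (hdr == 0 || len > size - off - hdr)
            return BER_MALFORMED;   /* value would run past the buffer */
        if (constructed) {
            int rc = ber_walk(buf + off + hdr, len, depth + 1);
            if (rc != BER_OK) return rc;
        }
        off += hdr + len;
    }
    return BER_OK;
}

/* Constructed sample input: `levels` nested empty SEQUENCEs (levels <= 64). */
size_t ber_nest(uint8_t *out, unsigned levels)
{
    for (unsigned i = 0; i < levels; i++) {
        out[2 * i] = 0x30;                                /* SEQUENCE, constructed */
        out[2 * i + 1] = (uint8_t)(2 * (levels - 1 - i)); /* bytes nested inside */
    }
    return 2 * (size_t)levels;
}
```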

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

http://vigilance.fr/vulnerability/Wireshark-denial-of-service-via-ASN-1-BER-9930

