Vigil@nce: Wireshark, denials of service
July 2009 by Vigil@nce
Several vulnerabilities of Wireshark can be used by a remote
attacker to create a denial of service, or to execute code.
Severity: 2/4
Consequences: user access/rights, denial of service of service
Provenance: intranet client
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Number of vulnerabilities in this bulletin: 7
Creation date: 21/07/2009
IMPACTED PRODUCTS
– Unix - plateform
DESCRIPTION OF THE VULNERABILITY
The Wireshark program captures and displays network packets.
Protocols are decoded by dissectors. They are impacted by several
vulnerabilities.
An attacker can generate a buffer overflow in the IPMI dissector,
which leads to code execution. [grav:2/4; CVE-2009-2559]
An attacker can generate a denial of service in the AFS dissector.
[grav:1/4; CVE-2009-2562]
An attacker can generate a denial of service in the Infiniband
dissector. [grav:1/4; CVE-2009-2563]
An attacker can generate a denial of service in the Bluetooth
L2CAP dissector. [grav:1/4; CVE-2009-2560]
An attacker can generate a denial of service in the RADIUS
dissector. [grav:1/4; CVE-2009-2560]
An attacker can generate a denial of service in the MIOP
dissector. [grav:1/4; CVE-2009-2560]
An attacker can generate an infinite loop in the sFlow dissector.
[grav:1/4; CVE-2009-2561]
CHARACTERISTICS
Identifiers: BID-35748, CVE-2009-2559, CVE-2009-2560,
CVE-2009-2561, CVE-2009-2562, CVE-2009-2563, VIGILANCE-VUL-8875,
wnpa-sec-2009-04
http://vigilance.fr/vulnerability/Wireshark-denials-of-service-8875