Vigil@nce - Wireshark: memory corruption via pcap-ng
February 2011 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/
SYNTHESIS OF THE VULNERABILITY
An attacker can invite the victim to open a malicious pcap-ng file
with Wireshark, in order to free uninitialized memory, which leads
to a denial of service and possibly to code execution.
Severity: 1/4
Creation date: 04/02/2011
IMPACTED PRODUCTS
– Wireshark
DESCRIPTION OF THE VULNERABILITY
The pcap-ng file format stores captured packets.
When Wireshark opens a malformed pcap-ng file, an error occurs, it
is displayed and then the memory area storing the error message is
freed. However, in three cases, the error message pointer is not
initialized. Its freeing thus corrupts the memory.
An attacker can therefore invite the victim to open a malicious
pcap-ng file with Wireshark, in order to free uninitialized
memory, which leads to a denial of service and possibly to code
execution.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Wireshark-memory-corruption-via-pcap-ng-10327