Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

De la Théorie à la pratique





















Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Vigil@nce: Wireshark, several vulnerabilities

September 2008 by Vigil@nce

Several vulnerabilities of Wireshark can be used by a remote attacker to create a denial of service or to execute code.

- Gravity: 2/4
- Consequences: user access/rights, denial of service of service
- Provenance: intranet client
- Means of attack: no proof of concept, no attack
- Ability of attacker: expert (4/4)
- Confidence: confirmed by the editor (5/5)
- Diffusion of the vulnerable configuration: high (3/3)
- Creation date: 04/09/2008
- Identifier: VIGILANCE-VUL-8089

IMPACTED PRODUCTS

- Unix - plateform

DESCRIPTION

The Wireshark/Ethereal program captures packets, in order to help administrator solving network problems. Protocols are decoded by dissectors. They have several vulnerabilities.

An attacker can send NCP data in order to generate several buffer overflows and an infinite loop. [grav:2/4]

A packet containing data compressed by zlib can stop Wireshark. [grav:1/4]

When a malformed Tektronix .rf5 file is opened, Wireshark stops. [grav:1/4]

CHARACTERISTICS

- Identifiers: VIGILANCE-VUL-8089
- Url: https://vigilance.aql.fr/tree/1/8089




See previous articles

    

See next articles