Contactez-nous Suivez-nous sur Twitter En francais English Language

De la Théorie à la pratique

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN



Vigil@nce: Wireshark, several vulnerabilities

September 2008 by Vigil@nce

Several vulnerabilities of Wireshark can be used by a remote attacker to create a denial of service or to execute code.

- Gravity: 2/4
- Consequences: user access/rights, denial of service of service
- Provenance: intranet client
- Means of attack: no proof of concept, no attack
- Ability of attacker: expert (4/4)
- Confidence: confirmed by the editor (5/5)
- Diffusion of the vulnerable configuration: high (3/3)
- Creation date: 04/09/2008
- Identifier: VIGILANCE-VUL-8089


- Unix - plateform


The Wireshark/Ethereal program captures packets, in order to help administrator solving network problems. Protocols are decoded by dissectors. They have several vulnerabilities.

An attacker can send NCP data in order to generate several buffer overflows and an infinite loop. [grav:2/4]

A packet containing data compressed by zlib can stop Wireshark. [grav:1/4]

When a malformed Tektronix .rf5 file is opened, Wireshark stops. [grav:1/4]


- Identifiers: VIGILANCE-VUL-8089
- Url:

See previous articles


See next articles