Vigil@nce: Wireshark, several vulnerabilities
January 2012 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
Several vulnerabilities of Wireshark can be used by a remote
attacker to create a denial of service or to execute code.
– Severity: 2/4
– Creation date: 11/01/2012
IMPACTED PRODUCTS
– Fedora
– Wireshark
DESCRIPTION OF THE VULNERABILITY
The Wireshark program captures and displays network packets.
Protocols are decoded by dissectors. They are impacted by several
vulnerabilities.
An attacker can invite the victim to open a malicious capture
file, in order to execute code. [severity:2/4; CVE-2012-0041,
wnpa-sec-2012-01]
A malicious packet dereferences a NULL pointer, and stops
Wireshark. [severity:1/4; CVE-2012-0042, wnpa-sec-2012-02]
An attacker can generate a buffer overflow in the RLC dissector,
in order to execute code. [severity:2/4; CVE-2012-0043,
wnpa-sec-2012-03]
Several other vulnerabilities can lead to a denial of service or
to code execution. [severity:2/4; CVE-2012-0066, CVE-2012-0067,
CVE-2012-0068]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Wireshark-several-vulnerabilities-11273