Contact Us
SECURITY BLOG SECURITY DASHBOARD PARTNERS PRODUCTS JOBS SERVICES COMPANY HOME
Network Security Consulting Advisories Article

Wireshark Versions Prior to 1.4.5/1.2.16 Multiple Remote Vulnerabilities

http://www.securityfocus.com/bid/47392

Security Info

Bugtraq ID: 47392
Class: Design Error
CVE: CVE-2011-1590
CVE-2011-1591
CVE-2011-1592
Remote: Yes
Local: No
Published: Apr 15 2011 12:00AM
Updated: Apr 23 2012 06:20PM
Credit: Paul Makowski from SEI/CERT and the vendor
Vulnerable: Wireshark Wireshark 1.4.3
Wireshark Wireshark 1.4.2
Wireshark Wireshark 1.4.1
Wireshark Wireshark 1.2.12
Wireshark Wireshark 1.2.10
Wireshark Wireshark 1.2.10
Wireshark Wireshark 1.2.9
Wireshark Wireshark 1.2.8
Wireshark Wireshark 1.2.7
Wireshark Wireshark 1.2.6
Wireshark Wireshark 1.2.5
Wireshark Wireshark 1.2.4
Wireshark Wireshark 1.2.3
Wireshark Wireshark 1.2.2
Wireshark Wireshark 1.2.1
Wireshark Wireshark 1.2
Wireshark Wireshark 1.4.1
Wireshark Wireshark 1.4.0
Wireshark Wireshark 1.2.14
Wireshark Wireshark 1.2.13
Wireshark Wireshark 1.2.12
Wireshark Wireshark 1.2.11
Sun Solaris 11 Express
Sun Solaris 11 Express
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux Desktop Workstation 5 client
RedHat Enterprise Linux Desktop version 4
Red Hat Fedora 15
Red Hat Fedora 14
Red Hat Fedora 13
Red Hat Enterprise Linux Workstation Optional 6
Red Hat Enterprise Linux Workstation 6
Red Hat Enterprise Linux Server Optional 6
Red Hat Enterprise Linux Server 6
Red Hat Enterprise Linux Desktop Optional 6
Red Hat Enterprise Linux Desktop 6
Red Hat Enterprise Linux Desktop 5 client
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux 5 Server
Pardus Linux 2011 0
Pardus Linux 2009 0
Mandriva Linux Mandrake 2010.1 x86_64
Mandriva Linux Mandrake 2010.1
Mandriva Linux Mandrake 2010.0 x86_64
Mandriva Linux Mandrake 2010.0
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 4.0
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Debian Linux 5.0 sparc
Debian Linux 5.0 s/390
Debian Linux 5.0 powerpc
Debian Linux 5.0 mipsel
Debian Linux 5.0 mips
Debian Linux 5.0 m68k
Debian Linux 5.0 ia-64
Debian Linux 5.0 ia-32
Debian Linux 5.0 hppa
Debian Linux 5.0 armel
Debian Linux 5.0 arm
Debian Linux 5.0 amd64
Debian Linux 5.0 alpha
Debian Linux 5.0
Not Vulnerable: Wireshark Wireshark 1.4.5
Wireshark Wireshark 1.2.16

Security Discussion

Wireshark is prone to a buffer-overflow vulnerability and multiple denial-of-service vulnerabilities.

Remote attackers can exploit these issues to execute arbitrary code in the context of the application or cause denial-of-service conditions.

Proof of Concept and Security Exploits

The following proof-of-concept and exploits are available:

Security Solution(s)

Solution:
Updates are available. Please see the references for more information.


Mandriva Linux Mandrake 2010.1 x86_64

Mandriva Linux Mandrake 2010.0

MandrakeSoft Enterprise Server 5 x86_64

MandrakeSoft Enterprise Server 5

Mandriva Linux Mandrake 2010.0 x86_64

Mandriva Linux Mandrake 2010.1

MandrakeSoft Corporate Server 4.0

MandrakeSoft Corporate Server 4.0 x86_64

Security References(s)

References:

Contact Us

Security Penetration Testing

Security Questions

Security Dashboard

Emagined Security Blog featuring Dr. Eugene Schultz
Site Updated September 02, 2014
©2000-2014 Emagined Security
All Rights Reserved

Secure Web Programming
by Vizual Services