Contact Us
SECURITY BLOG SECURITY DASHBOARD PARTNERS PRODUCTS JOBS SERVICES COMPANY HOME
Network Security Consulting Advisories Article

Wireshark Lucent/Ascend File Parser Denial of Service Vulnerability

http://www.securityfocus.com/bid/48506

Security Info

Bugtraq ID: 48506
Class: Unknown
CVE: CVE-2011-2597
Remote: Yes
Local: No
Published: Jun 30 2011 12:00AM
Updated: Apr 23 2012 06:20PM
Credit: The vendor reported this issue.
Vulnerable: Wireshark Wireshark 1.6
Wireshark Wireshark 1.4.7
Wireshark Wireshark 1.4.6
Wireshark Wireshark 1.4.5
Wireshark Wireshark 1.4.4
Wireshark Wireshark 1.4.3
Wireshark Wireshark 1.4.2
Wireshark Wireshark 1.4.1
Wireshark Wireshark 1.2.17
Wireshark Wireshark 1.2.16
Wireshark Wireshark 1.2.12
Wireshark Wireshark 1.2.10
Wireshark Wireshark 1.2.10
Wireshark Wireshark 1.2.9
Wireshark Wireshark 1.2.8
Wireshark Wireshark 1.2.7
Wireshark Wireshark 1.2.6
Wireshark Wireshark 1.2.5
Wireshark Wireshark 1.2.4
Wireshark Wireshark 1.2.3
Wireshark Wireshark 1.2.2
Wireshark Wireshark 1.2.1
Wireshark Wireshark 1.2
Wireshark Wireshark 1.4.1
Wireshark Wireshark 1.4.0
Wireshark Wireshark 1.2.15
Wireshark Wireshark 1.2.14
Wireshark Wireshark 1.2.13
Wireshark Wireshark 1.2.11
SuSE SUSE Linux Enterprise Server for VMware 11 SP1
+ Linux kernel 2.6.5
SuSE SUSE Linux Enterprise Server 11 SP1
+ Linux kernel 2.6.5
SuSE SUSE Linux Enterprise Server 10 SP4
+ Linux kernel 2.6.5
SuSE SUSE Linux Enterprise SDK 11 SP1
SuSE SUSE Linux Enterprise SDK 10 SP4
SuSE SUSE Linux Enterprise Desktop 11 SP1
+ Linux kernel 2.6.5
SuSE SUSE Linux Enterprise Desktop 10 SP4
+ Linux kernel 2.6.5
SuSE openSUSE 11.4
SuSE openSUSE 11.3
Red Hat Fedora 15
Red Hat Fedora 14
Red Hat Enterprise Linux Workstation Optional 6
Red Hat Enterprise Linux Workstation 6
Red Hat Enterprise Linux Server Optional 6
Red Hat Enterprise Linux Server 6
Red Hat Enterprise Linux Desktop Optional 6
Red Hat Enterprise Linux Desktop 6
Pardus Linux 2009 0
Mandriva Linux Mandrake 2010.1 x86_64
Mandriva Linux Mandrake 2010.1
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
Not Vulnerable: Wireshark Wireshark 1.6.1
Wireshark Wireshark 1.4.8
Wireshark Wireshark 1.2.18

Security Discussion

Wireshark is prone to a denial-of-service vulnerability because it fails to properly handle specially crafted packets.

An attacker can exploit this issue to trigger an infinite loop, which causes the affected application to crash, denying service to legitimate users.

The following versions are vulnerable:

Wireshark versions 1.2.0 through 1.2.17
Wireshark versions 1.4.0 through 1.4.7
Wireshark version 1.6.0

Proof of Concept and Security Exploits

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.

Security Solution(s)

Solution:
Updates are available. Please see the references for more information.


MandrakeSoft Enterprise Server 5 x86_64

MandrakeSoft Enterprise Server 5

Mandriva Linux Mandrake 2010.1 x86_64

Mandriva Linux Mandrake 2010.1

Security References(s)

References:

Contact Us

Security Penetration Testing

Security Questions

Security Dashboard

Emagined Security Blog featuring Dr. Eugene Schultz
Site Updated August 20, 2014
©2000-2014 Emagined Security
All Rights Reserved

Secure Web Programming
by Vizual Services