Summary
This host is installed with Wireshark and is prone to denial of service vulnerability.
Impact
Successful exploitation allows attackers to crash an affected application, denying service to legitimate users.
Impact Level: Application.
Solution
Upgrade to Wireshark version 1.4.8 or 1.6.1 or later, For updates refer to http://www.wireshark.org/download.html
Insight
The flaw is caused to an infinite loop was found in the way ANSI A Interface dissector of the Wireshark network traffic analyser processed certain ANSI A MAP capture files. If Wireshark read a malformed packet off a network or opened a malicious packet capture file, it could lead to denial of service.
Affected
Wireshark version 1.6.0
Wireshark version 1.4.x through 1.4.7
References
Severity
Classification
-
CVE CVE-2011-2698 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Adobe Reader 'AcroPDF.DLL' Denial of Service Vulnerability (Windows)
- Firefox Browser Libxul Memory Leak Remote DoS Vulnerability - Linux
- Apple Safari 'WebKit.dll' Stack Consumption Vulnerability
- Asterisk Products Invalid SDP SIP Channel Driver DoS Vulnerability
- Apache Connection Blocking Denial of Service