Wireshark ASN.1 BER Dissector DoS Vulnerability - May 13 (Windows) Network Vulnerability

Summary

This host is installed with Wireshark and is prone to denial of service vulnerability.

Impact

Successful exploitation will allow remote attackers to cause denial of service by injecting a malformed packet. Impact Level: Application

Solution

Upgrade to the Wireshark version 1.6.15 or 1.8.7 or later, For updates refer to http://www.wireshark.org/download

Insight

- 'fragment_add_seq_common' function in epan/reassemble.c has an incorrect pointer dereference. - 'dissect_ber_choice' function in epan/dissectors/packet-ber.c does not properly initialize variables.

Affected

Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 on Windows

References

http://secunia.com/advisories/53425
http://www.osvdb.com/93509
http://www.wireshark.org/security/wnpa-sec-2013-25.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-3556, CVE-2013-3557
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Adobe Acrobat PDF File Denial Of Service Vulnerability
Comodo Internet Security Denial of Service Vulnerability-03
FreeType Memory Corruption and Buffer Overflow Vulnerabilities (Windows)
at32 Reverse Proxy Multiple HTTP Header Fields Denial Of Service Vulnerability
Crash SMC AP

Take action and discover your vulnerabilities