Wireshark BER Dissector Stack Consumption Vulnerability (Mac OS X) Network Vulnerability

Summary

This host is installed with Wireshark and is prone to stack consumption vulnerability.

Impact

Successful exploitation will allow attackers to crash the application. Impact Level: Application

Solution

Upgrade to Wireshark 1.4.1 or 1.2.12 or later. For updates refer to http://www.wireshark.org/download

Insight

The flaw is due to stack consumption error in the 'dissect_ber_unknown()' function in 'epan/dissectors/packet-ber.c' in the BER dissector, whcih allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a long string in an unknown 'ASN.1/BER' encoded packet.

Affected

Wireshark version 1.4.x before 1.4.1 and 1.2.x before 1.2.12

References

http://www.openwall.com/lists/oss-security/2010/10/01/10
http://www.openwall.com/lists/oss-security/2010/10/12/1
http://xorl.wordpress.com/2010/10/15/cve-2010-3445-wireshark-asn-1-ber-stack-overflow/

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-3445
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

VLC Media Player 'MP4_ReadBox_skcr()' Buffer Overflow Vulnerability (Linux)
Foxit Reader Multiple Buffer Overflow Vulnerabilities
ScriptFTP 'GETLIST' or 'GETFILE' Commands Remote Buffer Overflow Vulnerability
KMPlayer '.mp3' File Remote Buffer Overflow Vulnerability
Microsoft Windows Media Player '.mpg' Buffer Overflow Vulnerability

Take action and discover your vulnerabilities