This host is installed with Wireshark and is prone to stack consumption vulnerability.
Successful exploitation will allow attackers to crash the application. Impact Level: Application
Upgrade to Wireshark 1.4.1 or 1.2.12 or later, For updates refer to http://www.wireshark.org/download
The flaw is due to stack consumption in the 'dissect_ber_unknown()' function in 'epan/dissectors/packet-ber.c' in the BER dissector, whcih allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a long string in an unknown 'ASN.1/BER' encoded packet.
Wireshark version 1.4.x before 1.4.1 and 1.2.x before 1.2.12
- Ziproxy Image Parsing Multiple Integer Overflow Vulnerabilities
- UnrealIRCd User Authentication Buffer Overflow Vulnerability
- IrfanView JPEG-2000 Plugin Remote Stack Based Buffer Overflow Vulnerability
- Wireshark BER Dissector Stack Consumption Vulnerability (Mac OS X)
- VLC Media Player Stack Overflow Vulnerability (Win-Mar09)