Wireshark 'DCERPC/NT' Dissector DOS Vulnerability - Nov09 (Win) Network Vulnerability

Summary

This host is installed with Wireshark and is prone to Denial of Service Vulnerability.

Impact

Successful exploitation could result in Denial of Serivce condition. Impact Level: Application.

Solution

Upgrade to Wireshark 1.0.10 or 1.2.3 http://www.wireshark.org/download.html Workaround: Disable the affected dissectors, http://www.wireshark.org/security/wnpa-sec-2009-07.html http://www.wireshark.org/security/wnpa-sec-2009-08.html

Insight

The flaw is due to a NULL pointer dereference error within the 'DCERPC/NT' dissector that can be exploited to cause a crash.

Affected

Wireshark version 0.10.13 to 1.0.9 and 1.2.0 to 1.2.2 on Windows.

References

http://secunia.com/advisories/37175
http://www.wireshark.org/docs/relnotes/wireshark-1.0.10.html
http://www.wireshark.org/docs/relnotes/wireshark-1.2.3.html
http://xforce.iss.net/xforce/xfdb/54016
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3689

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-3550
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Apache Tomcat Content-Type Header Denial Of Service Vulnerability
BadBlue invalid GET DoS
Eggdrop 'ctcpbuf' Remote Denial Of Service Vulnerability
DB2 discovery service DOS
Apache Subversion 'mod_dav_svn' Module Multiple DoS Vulnerabilities

Take action and discover your vulnerabilities