Wireshark DOCSIS Dissector Denial Of Service Vulnerability (Win) Network Vulnerability

Summary

This host is installed with Wireshark and is prone to denial of service vulnerability.

Impact

Successful exploitation will allow attackers to crash the application. Impact Level: Application

Solution

Upgrade to the latest version of Wireshark 1.2.8 or 1.0.13, For updates refer to http://www.wireshark.org/download

Insight

The flaw is caused by an error in the DOCSIS (Data Over Cable Service Interface Specification) dissector when processing malformed data. An attacker can exploit this vulnerability by tricking a user into opening a malformed packet trace file.

Affected

Wireshark Version 0.9.6 through 1.0.12 and Wireshark Version 1.2.0 through 1.2.7

References

http://secunia.com/advisories/39661
http://www.wireshark.org/security/wnpa-sec-2010-03.html
http://www.wireshark.org/security/wnpa-sec-2010-04.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-1455
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

FreeSWITCH 'switch_regex.c' Multiple Buffer Overflow Vulnerabilities
Apache Input Header Folding and mod_ssl ssl_io_filter_cleanup DoS Vulnerabilities
Baidu Spark Browser Denial of Service Vulnerability -01 August14 (Windows)
DB2 discovery service DOS
Firefox Browser Libxul Memory Leak Remote DoS Vulnerability - Win

Wireshark DOCSIS Dissector Denial of Service Vulnerability (Win)

Take action and discover your vulnerabilities