Summary
This host is installed with Wireshark and is prone to denial of service vulnerability.
Impact
Successful exploitation will allow attackers to crash the application.
Impact Level: Application
Solution
Upgrade to the latest version of Wireshark 1.2.8 or 1.0.13, For updates refer to http://www.wireshark.org/download
Insight
The flaw is caused by an error in the DOCSIS (Data Over Cable Service Interface Specification) dissector when processing malformed data. An attacker can exploit this vulnerability by tricking a user into opening a malformed packet trace file.
Affected
Wireshark Version 0.9.6 through 1.0.12 and
Wireshark Version 1.2.0 through 1.2.7
References
Severity
Classification
-
CVE CVE-2010-1455 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- FreeSWITCH 'switch_regex.c' Multiple Buffer Overflow Vulnerabilities
- Apache Input Header Folding and mod_ssl ssl_io_filter_cleanup DoS Vulnerabilities
- Baidu Spark Browser Denial of Service Vulnerability -01 August14 (Windows)
- DB2 discovery service DOS
- Firefox Browser Libxul Memory Leak Remote DoS Vulnerability - Win