Wireshark Heap Based BOF and Denial of Service Vulnerabilities (Mac OS X)

Summary
This host has Wireshark installed and is prone to heap-based buffer overflow and denial of service vulnerabilities.
Impact
Successful exploitation could allow attackers to cause a denial of service via a malformed packet.
Impact Level: Application
Solution
Upgrade to Wireshark version 1.6.3 or later. For updates, refer to http://www.wireshark.org/download.html
Insight
The flaws are due to:
- An error while parsing the ERF file format, which could cause Wireshark to crash when reading a malformed packet trace file.
- An error in the dissect_infiniband_common function in 'epan/dissectors/packet-infiniband.c' in the Infiniband dissector, which could dereference a NULL pointer.
Affected
Wireshark versions 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 on Mac OS X