Wireshark IKE Packet Denial Of Service Vulnerability (Win) Network Vulnerability

Summary

This host is installed with Wireshark and is prone to denial of service vulnerability.

Impact

Successful exploitation allows attackers to send a specially crafted IKE packet to cause the IKEv1 dissector to enter an infinite loop, which leads to denial of service. Impact Level: Application.

Solution

Upgrade to the Wireshark version 1.4.9, 1.6.2 or later, For updates refer to http://www.wireshark.org/download.html

Insight

The flaw is due to an error in 'IKEv1' protocol dissector and the function 'proto_tree_add_item()', when add more than 1000000 items to a proto_tree, that will cause a denial of service.

Affected

Wireshark version 1.6.0 to 1.6.1 Wireshark version 1.4.0 to 1.4.8 on Windows

References

http://securitytracker.com/id?1025875
http://www.securityfocus.com/archive/1/archive/1/519049/100/0/threaded

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-3266
CVSS Base Score: 2.6
AV:N/AC:H/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Malwarebytes-Anti-Exploit Denial Of Service (Windows)
TheGreenBow IPSec VPN Client Denial Of Service Vulnerability
Wireshark IEEE 802.11 Dissector Denial of Service Vulnerability (Windows)
Wireshark SigComp Universal Decompressor Virtual Machine dissector DOS Vulnerability (Win)
Oracle VM VirtualBox Local Denial of Service Vulnerability-01 Oct2013 (Windows)

Wireshark IKE Packet Denial of Service Vulnerability (Win)

Take action and discover your vulnerabilities