Wireshark Multiple Denial Of Service Vulnerabilities - Nov09 (Win)

Summary
This host is installed with Wireshark and is prone to multiple Denial of Service vulnerabilities.
Impact
Successful exploitation could result in Denial of Serivce condition. Impact Level: Application.
Solution
Upgrade to Wireshark 1.2.3 http://www.wireshark.org/download.html Workaround: Disable the affected dissectors, http://www.wireshark.org/security/wnpa-sec-2009-07.html
Insight
- An alignment error within the 'dissect_paltalk()' function in epan/dissectors/packet-paltalk.c of the Paltalk dissector that can be exploited to cause a crash. - An off-by-one error within the 'dissect_negprot_response()' function in epan/dissectors/packet-smb.c of the SMB dissector that can be exploited to cause a crash.
Affected
Wireshark version 1.2.0 to 1.2.2 on Windows.
References