Summary
This host is installed with Wireshark and is prone to multiple denial of service vulnerabilities.
Impact
Successful exploitation will allow remote attackers to cause a denial of service.
Impact Level: Application
Solution
Upgrade to the Wireshark version 1.2.17 or 1.4.7 or later, For updates refer to http://www.wireshark.org/download
Insight
- An error in the DICOM dissector can be exploited to cause an infinite loop when processing certain malformed packets.
- An error when processing a Diameter dictionary file can be exploited to cause the process to crash.
- An error when processing a snoop file can be exploited to cause the process to crash.
- An error when processing compressed capture data can be exploited to cause the process to crash.
- An error when processing a Visual Networks file can be exploited to cause the process to crash.
Affected
Wireshark versions 1.2.x before 1.2.17 and 1.4.x before 1.4.7.
References
Severity
Classification
-
CVE CVE-2011-1957, CVE-2011-1958, CVE-2011-1959, CVE-2011-2174, CVE-2011-2175 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Firefly MediaServer HTTP Header Multiple DoS Vulnerabilities
- Apple Safari JavaScript 'Reload()' DoS Vulnerability - July09
- ClamAV Hash Manager Off-By-One Denial of Service Vulnerability (Win)
- chm2pdf Insecure Temporary File Creation or DoS Vulnerability
- FreeRADIUS Tunnel-Password Denial Of Service Vulnerability