Wireshark Multiple Unspecified Vulnerability - Apr09 (Win) Network Vulnerability

Summary

This host is installed with Wireshark and is prone to multiple unspecified vulnerability.

Impact

Successful exploitation could result in denial of serivce condition. Impact Level: Application

Solution

Upgrade to Wireshark 1.0.7 http://www.wireshark.org/download.html

Insight

- Error exists while processing PN-DCP packet with format string specifiers in PROFINET/DCP (PN-DCP) dissector. - Error in unknown impact and attack vectors. - Error in Lightweight Directory Access Protocol (LDAP) dissector when processing unknown attack vectors. - Error in Check Point High-Availability Protocol (CPHAP) when processing crafted FWHA_MY_STATE packet. - An error exists while processing malformed Tektronix .rf5 file.

Affected

Wireshark version 0.9.6 to 1.0.6 on Windows

References

http://secunia.com/advisories/34542
http://secunia.com/advisories/34778
http://securitytracker.com/alerts/2009/Apr/1022027.html

Updated on 2017-03-28

Severity

Classification

CVE CVE-2009-1210, CVE-2009-1266, CVE-2009-1267, CVE-2009-1268, CVE-2009-1269
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Apache httpd Web Server Range Header Denial of Service Vulnerability
CesarFTP MKD Command Buffer Overflow
Google Chrome Multiple Denial of Service Vulnerabilities - March12 (Windows)
Apache 'mod_deflate' Denial Of Service Vulnerability - July09
Adobe Reader/Acrobat Denial of Service Vulnerability (May09)

Take action and discover your vulnerabilities