Summary
The host is running Wireshark/Ethereal, which is prone to multiple vulnerabilities.
Impact
Successful exploitation could result in application crash, disclose of system memory, and an incomplete syslog encapsulated packets.
Impact Level : SYSTEM
Solution
Upgrade to wireshark to 1.0.1 or later.
http://www.wireshark.org/download.html
Insight
The flaws exists due to errors in GSM SMS dissector, PANA and KISMET dissectors, RTMPT dissector, RMI dissector, and in syslog dissector.
Affected
Wireshark versions prior to 1.0.1 on Windows (All).
Quick Fix : Disable the following dissectors,
GSM SMS, PANA, KISMET, RTMPT, and RMI
Severity
Classification
-
CVE CVE-2008-1561, CVE-2008-1562, CVE-2008-1563 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Apple Safari WebKit Information Disclosure Vulnerability (Windows)
- Apple Safari Secure Cookie Security Bypass Vulnerability (Mac OS X)
- Apple Safari Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability (Mac OS X)
- Adobe Reader Plugin Signature Bypass Vulnerability (Linux)
- Apple Remote Desktop Information Disclosure Vulnerability