Release date:
Updated on: 2011-09-08
Affected Systems:
Wireshark 1.6.x
Wireshark 1.4.x
Unaffected Systems:
Wireshark 1.6.2
Wireshark 1.4.9
Description:
--------------------------------------------------------------------------------
Bugtraq ID: 49377
CVE ID: CVE-2011-3266
Wireshark (formerly known as Ethereal) is a network packet analysis software.
Wireshark has a remote denial-of-service vulnerability when processing specially crafted IKE packets. Remote attackers can exploit this vulnerability to trigger an infinite loop, causing the affected application to crash and denying service to legitimate users.
This vulnerability is located in the proto_tree_add_item() function in 'tshark.c'. Remote users can send specially crafted IKE packets, resulting in an infinite loop in the IKEv1 parser.
<* Source: Penetration test team of NCNIPC (China)
Link: http://securitytracker.com/id?1025875
http://www.wireshark.org/security/wnpa-sec-2011-13.html
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Wireshark
---------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
http://www.wireshark.org/
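
A host-side check against the version lists in this advisory (1.6.x fixed in 1.6.2, 1.4.x fixed in 1.4.9), added here as an example and not part of the original advisory or of Wireshark. The function names and result labels are assumptions made for this example; branches the advisory does not list are reported as "not-listed" rather than guessed.

```shell
#!/bin/sh
# Added example: classify a Wireshark/TShark version string against the
# ranges given in this advisory. Function names are hypothetical.

# Print the first MAJOR.MINOR.PATCH triple found in the given text.
extract_version() {
    printf '%s\n' "$1" | grep -Eo '[0-9]+\.[0-9]+\.[0-9]+' | head -n 1
}

# Print one of: affected | fixed | not-listed | unknown
# Suffixes such as "rc1" are ignored, so pre-release builds of a fixed
# version should be checked by hand.
classify_version() {
    ver=$(extract_version "$1") || ver=""
    if [ -z "$ver" ]; then
        echo "unknown"
        return 0
    fi
    major=${ver%%.*}
    rest=${ver#*.}
    minor=${rest%%.*}
    patch=${rest#*.}
    case "$major.$minor" in
        1.6) fixed=2 ;;   # advisory: 1.6.2 is unaffected
        1.4) fixed=9 ;;   # advisory: 1.4.9 is unaffected
        *)   echo "not-listed"; return 0 ;;
    esac
    if [ "$patch" -lt "$fixed" ]; then
        echo "affected"
    else
        echo "fixed"
    fi
}

# Stand-alone use: classify the arguments, or the local tshark if installed.
if [ "$#" -gt 0 ]; then
    classify_version "$*"
elif command -v tshark >/dev/null 2>&1; then
    classify_version "$(tshark -v 2>/dev/null | head -n 1)"
fi
```
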