Wireshark malformed message tracing File Remote Denial of Service Vulnerability

Release date:
Updated on: 2011-09-08

Affected Systems:
Wireshark 1.6.x
Wireshark 1.4.x
Unaffected system:
Wireshark 1.6.2
Wireshark 1.4.9
Description:
--------------------------------------------------------------------------------
Bugtraq id: 49521

Wireshark (formerly known as Ethereal) is a network group analysis software.

Wireshark has a remote denial of service vulnerability when processing malformed packets. Remote attackers can exploit this vulnerability to trigger an infinite loop, causing the affected application to crash and DOS to legitimate users.

<* Source: Wireshark (http://www.wireshark.org /)

Link: http://www.wireshark.org/security/wnpa-sec-2011-14.html
*>

Test method:
--------------------------------------------------------------------------------

Alert

The following procedures (methods) may be offensive and are intended only for security research and teaching. Users are at your own risk!

Wireshark (http://www.wireshark.org/) provides the following testing methods:

Http://www.securityfocus.com/data/vulnerabilities/exploits/46167.pcap

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:

Wireshark
---------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Http://www.wireshark.org/