Multiple Wireshark Security Vulnerabilities

Release date:
Updated on:

Affected Systems:
Wireshark 1.x
Description:
--------------------------------------------------------------------------------
Cve id: CVE-2011-3266, CVE-2011-3360, CVE-2011-3482, CVE-2011-3483, CVE-2011-3484

Wireshark (formerly known as Ethereal) is a network group analysis software.

Wireshark has multiple security vulnerabilities in implementation, which can cause malicious users to reject services and control user systems.

1) when handling some IKE packets, errors can be exploited to create infinite loops, resulting in high resource consumption and crash;

2) unknown errors related to Lua scripts can be exploited to hijack arbitrary Lua scripts using similar DLL;

3) errors related to uninitialized variables in the CSN.1 parser can be exploited to cause a crash. Note: This vulnerability affects only 1.6.0 to 1.6.1. When you open a malformed packet tracking file, errors in the buffer unexpected processing will cause a crash.

4) errors in the OpenSafety parser can be exploited to cause large loops and application crashes.

<* Source: vendor

Link: http://www.wireshark.org/security/wnpa-sec-2011-12.html
Http://www.wireshark.org/security/wnpa-sec-2011-13.html
Http://www.wireshark.org/security/wnpa-sec-2011-14.html
Http://www.wireshark.org/security/wnpa-sec-2011-15.html
Http://www.wireshark.org/security/wnpa-sec-2011-16.html
*>

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:

Wireshark
---------
Wireshark has released a Security Bulletin (wnpa-sec-2011-16) and corresponding patches for this:

Wnpa-sec-2011-16: Wireshark CSN.1 dissector vulnerability

Link: http://www.wireshark.org/security/wnpa-sec-2011-16.html