Release date:
Updated on:
Affected Systems:
Wireshark 1.4.0
Description:
--------------------------------------------------------------------------------
Wireshark (formerly known as Ethereal) is a network packet analysis tool.
Wireshark 1.4.0 is affected by a denial-of-service vulnerability when handling malformed IKE messages. Attackers can exploit this vulnerability to forcibly terminate the affected application.
The issue can be reproduced with the PROTOS Test-Suite c09-isakmp (https://www.ee.oulu.fi/research/ouspg/PROTOS_Test-Suite_c09-isakmp). Run the command "java -jar c09-isakmp-r1.jar --host 210.77.17.129 --id 210.77.19.130 --secret dgggg --sourceport 34444 --index 3332", have Wireshark capture the packets for index 3332, and then click the field "Type Payload: Identification (5)". The error message "Gtk-ERROR **: byte index 6 is off the end of the line aborting..." is displayed, and the application is forced to exit.
<* Source: The penetration test team of NCNIPC *>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Wireshark
---------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
http://www.wireshark.org/