Wireshark TLS/SSL decryption Denial of Service Vulnerability (CVE-2015-0564)
Release date:
Updated on:
Affected Systems:
Wireshark 1.12.0-1.12.2
Wireshark 1.10.0-1.10.11
Description:
Bugtraq id: 71922
CVE (CAN) ID: CVE-2015-0564
Wireshark is the most popular network protocol parser.
Wireshark implements a buffer overflow vulnerability when decrypting TLS/SSL sessions. Attackers can exploit this vulnerability to cause the affected applications to crash.
<* Source: Noam Rathaus
*>
Suggestion:
Vendor patch:
Wireshark
---------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Https://www.wireshark.org/security/wnpa-sec-2015-05.html
Simple use of Wireshark
Install Wireshark in Ubuntu 12.04
Starting Wireshark packet capture from common users in Linux
Install and run Wireshark in Linux
Wireshark details: click here
Wireshark: click here
This article permanently updates the link address: