Wireshark - ZigBee ZCL Dissector Infinite Loop Denial of Service

EDB-ID:

15973




Platform:

Multiple

Date:

2011-01-11


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux , the course required to become an Offensive Security Certified Professional (OSCP)

GET CERTIFIED

Source:  https://www.securityfocus.com/bid/44986/info

Wireshark is prone to a remote denial-of-service vulnerability because it fails to properly handle certain types of packets.

Attackers can exploit this issue to cause the application to enter an infinite loop which may cause denial-of-service conditions.

Wireshark 1.4.0 to 1.4.1 are vulnerable. 

https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/15973.pcap (44986.pcap)