Wireshark - Multiple Dissector Denial of Service Vulnerabilities





Platform:

Multiple

Date:

2012-05-24


source: https://www.securityfocus.com/bid/53651/info

Wireshark is prone to multiple denial-of-service vulnerabilities. 

An attacker can exploit these issues to crash the affected application, denying service to legitimate users. 

Wireshark versions 1.6.0 through 1.6.7 and versions 1.4.0 through 1.4.12 are vulnerable.

PoC:
https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/18919-1.pcap
https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/18919-2.pcap
https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/18919-3.pcap
https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/18919-4.pcap
https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/18919-5.pcap
https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/18919-6.pcap
https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/18919-7.pcap
https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/18919-8.pcap