Wireshark - Multiple Dissector Denial of Service Vulnerabilities





Platform: Multiple
Date: 2012-05-24



source: https://www.securityfocus.com/bid/53651/info

Wireshark is prone to multiple denial-of-service vulnerabilities. 

An attacker can exploit these issues to crash the affected application, denying service to legitimate users. 

Wireshark versions 1.6.0 through 1.6.7 and versions 1.4.0 through 1.4.12 are vulnerable.

PoC:
https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/18919-1.pcap
https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/18919-2.pcap
https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/18919-3.pcap
https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/18919-4.pcap
https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/18919-5.pcap
https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/18919-6.pcap
https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/18919-7.pcap
https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/18919-8.pcap