Wireshark 1.0.x - '.ncf' Packet Capture Local Denial of Service

EDB-ID:

6622


Author:

Shinnok

Type:

dos


Platform:

Multiple

Date:

2008-09-29


Wireshark 1.0.x .ncf local denial of service
author: Shinnok

Description

Wireshark 1.0.x crashes as a result of a failed assertion when dealing
with a malformed Tamosoft CommView .ncf packet capture:
Err file wtap.c: line 620 (wtap_read): assertion failed:
(wth->phdr.pkt_encap != WTAP_ENCAP_PER_PACKET)

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/6622.ncf (2008-wireshark.ncf)

# milw0rm.com [2008-09-29]