Wireshark 1.0.x - '.ncf' Packet Capture Local Denial of Service

EDB-ID:

6622

Author:

Shinnok

Type:

dos

Platform:

Multiple

Published:

2008-09-29

Wireshark 1.0.x .ncf local denial of service
author: Shinnok

Description

Wireshark 1.0.x crashes as a result of a failed assertion when dealing
with a malformed Tamosoft CommView .ncf packet capture:
Err file wtap.c: line 620 (wtap_read): assertion failed:
(wth->phdr.pkt_encap != WTAP_ENCAP_PER_PACKET)

https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/6622.ncf (2008-wireshark.ncf)

# milw0rm.com [2008-09-29]