CERT-In:Indian Computer Emergency Response Team

HOME > VULNERABILITY NOTES

VULNERABILITY NOTE

CERT-In Vulnerability Note CIVN-2008-107
Wireshark Packet reassembly Denial of Service Vulnerability

Original Issue Date: July 14, 2008

Severity Rating: Medium

System Affected

Wireshark versions 0.8.19 to 1.0.1

Overview

A vulnerability exists in Wireshark versions 0.8.19 to 1.0.1, which could be exploited by the remote attackers to cause Denial of Service attacks on the systems running the vulnerable version of the application.

Description

This vulnerability is caused due to an error in fragment_add_work() method of reassemble.c file present in Wireshark versions 0.8.19 to 1.0.1. This vulnerability could be exploited by injecting a maliciouly crafted sequence of frames on the wire or in the trace file and then persuading the user to read the same. The vulnerable application could crash while reassembling the maliciouly crafted sequence of frames.

Solution

Upgrade to Wireshark 1.0.2
http://www.wireshark.org/

Vendor Information

Wireshark
http://www.wireshark.org/security/wnpa-sec-2008-04.html

References

SecurityFocus
http://www.securityfocus.com/bid/30181

Secunia
http://secunia.com/advisories/31044/

SecurityTracker
http://securitytracker.com/alerts/2008/Jul/1020471.html

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information

Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003

Home || Feedback || FAQ || Disclaimer

CERT-In Vulnerability Note CIVN-2008-107 Wireshark Packet reassembly Denial of Service Vulnerability

CERT-In Vulnerability Note CIVN-2008-107
Wireshark Packet reassembly Denial of Service Vulnerability