Wireshark DIAMETER Dissector Denial of Service Vulnerability
BID:53652
Info
Wireshark DIAMETER Dissector Denial of Service Vulnerability
| Bugtraq ID: | 53652 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2012-2393 |
| Remote: | Yes |
| Local: | No |
| Published: | May 21 2012 12:00AM |
| Updated: | Apr 13 2015 09:19PM |
| Credit: | Wireshark |
| Vulnerable: |
Wireshark Wireshark 1.6.7 Wireshark Wireshark 1.6.6 Wireshark Wireshark 1.6.5 Wireshark Wireshark 1.6.4 Wireshark Wireshark 1.6.3 Wireshark Wireshark 1.6.2 Wireshark Wireshark 1.6.1 Wireshark Wireshark 1.6 Wireshark Wireshark 1.4.12 Wireshark Wireshark 1.4.11 Wireshark Wireshark 1.4.10 Wireshark Wireshark 1.4.9 Wireshark Wireshark 1.4.8 Wireshark Wireshark 1.4.7 Wireshark Wireshark 1.4.6 Wireshark Wireshark 1.4.5 Wireshark Wireshark 1.4.4 Wireshark Wireshark 1.4.3 Wireshark Wireshark 1.4.2 Wireshark Wireshark 1.4.1 Wireshark Wireshark 1.4.0 Oracle Solaris 11 Mandriva Linux Mandrake 2011 x86_64 Mandriva Linux Mandrake 2011 Mandriva Business Server 1 X86 64 Mandriva Business Server 1 |
| Not Vulnerable: |
Wireshark Wireshark 1.6.8 Wireshark Wireshark 1.4.14 |
Discussion
Wireshark DIAMETER Dissector Denial of Service Vulnerability
Wireshark is prone to a denial-of-service vulnerability because it fails to properly allocate memory.
Successful exploits may allow attacker to crash the affected application, denying service to legitimate users.
Wireshark 1.4.0 to 1.4.12 and 1.6.0 to 1.6.7 are vulnerable.
Wireshark is prone to a denial-of-service vulnerability because it fails to properly allocate memory.
Successful exploits may allow attacker to crash the affected application, denying service to legitimate users.
Wireshark 1.4.0 to 1.4.12 and 1.6.0 to 1.6.7 are vulnerable.
Exploit / POC
Wireshark DIAMETER Dissector Denial of Service Vulnerability
Sample '.pcap' file is available. Please see the references for more information.
[email protected]
Sample '.pcap' file is available. Please see the references for more information.
[email protected]
Solution / Fix
Wireshark DIAMETER Dissector Denial of Service Vulnerability
Solution:
Updates are available. Please see the references for more information.
Mandriva Linux Mandrake 2011 x86_64
Mandriva Linux Mandrake 2011
Mandriva Business Server 1 X86 64
Solution:
Updates are available. Please see the references for more information.
Mandriva Linux Mandrake 2011 x86_64
-
Mandriva dumpcap-1.6.8-0.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva lib64wireshark-devel-1.6.8-0.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva lib64wireshark1-1.6.8-0.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva rawshark-1.6.8-0.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva tshark-1.6.8-0.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva wireshark-1.6.8-0.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva wireshark-tools-1.6.8-0.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/
Mandriva Linux Mandrake 2011
-
Mandriva dumpcap-1.6.8-0.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libwireshark-devel-1.6.8-0.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libwireshark1-1.6.8-0.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva rawshark-1.6.8-0.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva tshark-1.6.8-0.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva wireshark-1.6.8-0.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva wireshark-tools-1.6.8-0.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/
Mandriva Business Server 1 X86 64
-
Mandriva dumpcap-1.6.14-1.mbs1.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva lib64wireshark-devel-1.6.14-1.mbs1.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva lib64wireshark1-1.6.14-1.mbs1.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva rawshark-1.6.14-1.mbs1.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva tshark-1.6.14-1.mbs1.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva wireshark-1.6.14-1.mbs1.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva wireshark-tools-1.6.14-1.mbs1.x86_64.rpm
http://www.mandriva.com/en/downloads/
References
Wireshark DIAMETER Dissector Denial of Service Vulnerability
References:
References:
- Bug 7138 - Buildbot crash output: fuzz-2012-04-18-27798.pcap (Buildbot Builder)
- Wireshark 1.6.8 and 1.4.13 Released (Wireshark)
- Wireshark DIAMETER memory allocation flaw (Wireshark)
- Wireshark Homepage (Wireshark)
- Oracle: Multiple vulnerabilities in Wireshark (Oracle)
- Oracle: Multiple vulnerabilities in Wireshark (Oracle)