Wireshark Misaligned Memory Denial of Service Vulnerability
BID:53653
Info
Wireshark Misaligned Memory Denial of Service Vulnerability
| Bugtraq ID: | 53653 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2012-2394 |
| Remote: | Yes |
| Local: | No |
| Published: | May 22 2012 12:00AM |
| Updated: | Apr 13 2015 08:25PM |
| Credit: | Klaus Heckelmann |
| Vulnerable: |
Wireshark Wireshark 1.6.7 Wireshark Wireshark 1.6.6 Wireshark Wireshark 1.6.5 Wireshark Wireshark 1.6.4 Wireshark Wireshark 1.6.3 Wireshark Wireshark 1.6.2 Wireshark Wireshark 1.6.1 Wireshark Wireshark 1.6 Wireshark Wireshark 1.4.12 Wireshark Wireshark 1.4.12 Wireshark Wireshark 1.4.11 Wireshark Wireshark 1.4.10 Wireshark Wireshark 1.4.9 Wireshark Wireshark 1.4.8 Wireshark Wireshark 1.4.7 Wireshark Wireshark 1.4.6 Wireshark Wireshark 1.4.5 Wireshark Wireshark 1.4.4 Wireshark Wireshark 1.4.3 Wireshark Wireshark 1.4.2 Wireshark Wireshark 1.4.1 Wireshark Wireshark 1.4.1 Wireshark Wireshark 1.4.0 Sun Solaris 11 Mandriva Linux Mandrake 2011 x86_64 Mandriva Linux Mandrake 2011 |
| Not Vulnerable: |
Wireshark Wireshark 1.6.8 Wireshark Wireshark 1.4.13 |
Discussion
Wireshark Misaligned Memory Denial of Service Vulnerability
Wireshark is prone to a denial-of-service vulnerability.
An attacker can exploit this issue to crash the affected application, denying service to legitimate users.
Wireshark versions 1.6.0 through 1.6.7 and versions 1.4.0 through 1.4.12 are vulnerable.
Wireshark is prone to a denial-of-service vulnerability.
An attacker can exploit this issue to crash the affected application, denying service to legitimate users.
Wireshark versions 1.6.0 through 1.6.7 and versions 1.4.0 through 1.4.12 are vulnerable.
Exploit / POC
Wireshark Misaligned Memory Denial of Service Vulnerability
Attackers can use readily available tools to exploit this issue.
A sample pcap file is available. Please see the references for information.
Attackers can use readily available tools to exploit this issue.
A sample pcap file is available. Please see the references for information.
Solution / Fix
Wireshark Misaligned Memory Denial of Service Vulnerability
Solution:
Updates are available. Please see the references for more information.
Mandriva Linux Mandrake 2011 x86_64
Mandriva Linux Mandrake 2011
Mandriva Business Server 1 X86 64
Solution:
Updates are available. Please see the references for more information.
Mandriva Linux Mandrake 2011 x86_64
-
Mandriva dumpcap-1.6.8-0.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva lib64wireshark-devel-1.6.8-0.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva lib64wireshark1-1.6.8-0.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva rawshark-1.6.8-0.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva tshark-1.6.8-0.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva wireshark-1.6.8-0.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva wireshark-tools-1.6.8-0.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/
Mandriva Linux Mandrake 2011
-
Mandriva dumpcap-1.6.8-0.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libwireshark-devel-1.6.8-0.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libwireshark1-1.6.8-0.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva rawshark-1.6.8-0.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva tshark-1.6.8-0.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva wireshark-1.6.8-0.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva wireshark-tools-1.6.8-0.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/
Mandriva Business Server 1 X86 64
-
Mandriva dumpcap-1.6.14-1.mbs1.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva lib64wireshark-devel-1.6.14-1.mbs1.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva lib64wireshark1-1.6.14-1.mbs1.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva rawshark-1.6.14-1.mbs1.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva tshark-1.6.14-1.mbs1.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva wireshark-1.6.14-1.mbs1.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva wireshark-tools-1.6.14-1.mbs1.x86_64.rpm
http://www.mandriva.com/en/downloads/
References
Wireshark Misaligned Memory Denial of Service Vulnerability
References:
References:
- Bug 7221 - Wireshark crashes with bus error on SPARC and IA64 due to insufficien (Wireshark)
- Summary Name: Wireshark memory alignment flaw (Wireshark)
- Wireshark 1.6.8 and 1.4.13 Released (Wireshark)
- Wireshark Homepage (Wireshark)
- Oracle: Multiple vulnerabilities in Wireshark (Oracle)
- Oracle: Multiple vulnerabilities in Wireshark (Oracle)