wnpa-sec-2012-01 · Multiple Wireshark file parser vulnerabilities
Summary
Name: Multiple Wireshark file parser vulnerabilities
Docid: wnpa-sec-2012-01
Date: January 10, 2012
Affected versions: 1.4.0 to 1.4.10, 1.6.0 to 1.6.4
Fixed versions: 1.4.11, 1.6.5
References:
Wireshark bug 6663,
Wireshark bug 6666,
Wireshark bug 6667,
Wireshark bug 6668,
Wireshark bug 6669,
Wireshark bug 6670
Details
Description
Laurent Butti discovered that Wireshark failed to properly check record sizes for many packet capture file formats.
Impact
It may be possible to make Wireshark crash by convincing someone to read a malformed packet trace file.
Resolution
Upgrade to Wireshark 1.4.11, 1.6.5 or later.