English
Russian
Japanese
LatAm
Türkiye
Brasil
France
Český
Deutschland
KLA10961
Denial of service vulnerability in Wireshark
Updated: 06/03/2020
|
Detect date
?
|
02/17/2017 |
|
Severity
?
|
Critical |
|
Description
|
An infinite loop and memory exhaustion vulnerability was found in Wireshark versions 2.2.4 and earlier. By exploiting this vulnerability malicious users can possibly cause a denial of service. This vulnerability can be exploited remotely via a specially designed or malformed STANAG 4607 capture. Technical details The issue is related to a packet with null field of the packet size in the packet header. In this case, the offset to read from will not advance. Contininuous attempts to read the same zero-length packet will soon exhaust all system memory. |
|
Affected products
|
Wireshark 2.0.0 to 2.0.10 |
|
Solution
|
Update to the latest version |
|
Original advisories
|
|
|
Impacts
?
|
DoS [?] |
|
Related products
|
Wireshark |
|
CVE-IDS
?
|
|
| Find out the statistics of the vulnerabilities spreading in your region |