CERT-MU Vulnerability Note VN-2009-29
Multiple Denial of Service Vulnerabilities in Wireshark Network Protocol Analyzer
Original Issue Date: November 12, 2009
Severity Rating: Medium
Affected Softwares
- Wireshark versions 0.10.10 through 1.2.2
Overview
Multiple vulnerabilities have been reported in Wireshark network Protocol Analyzer which could be exploited by attackers to cause a denial of service condition on the systems installed with affected version of application.
Description
A remote attacker could exploit the vulnerability which exists because of an error in TimesTenD component by flooding TCP ports 16200 or 22794 with completed connections. This could cause the TimesTenD process to stop and then restart, resulting in a DoS condition
Solution
Upgrade to Wireshark version 1.2.3 or 1.0.10:
http://www.wireshark.org/download.html
Vendor Information
Wireshark
http://www.wireshark.org/security/wnpa-sec-2009-08.html
http://www.wireshark.org/security/wnpa-sec-2009-07.html
CVE Name
CVE-2009-2560
CVE-2009-3549
CVE-2009-3550
CVE-2009-3551
References
SecurityFocus
http://www.securityfocus.com/bid/36846
Secunia
http://secunia.com/advisories/37175
VUPEN Security
http://www.vupen.com/english/advisories/2009/3061
SecurityTracker
http://www.securitytracker.com/alerts/2009/Oct/1023111.html
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
|
