[security-alerts] FW: [SA21597] Wireshark Multiple Vulnerabilities

["Kazennov, Vladimir" <Vladimir.Kazennov@xxxxxxxxxx>]

> 
> TITLE:
> Wireshark Multiple Vulnerabilities
> 
> SECUNIA ADVISORY ID:
> SA21597
> 
> VERIFY ADVISORY:
> http://secunia.com/advisories/21597/
> 
> CRITICAL:
> Highly critical
> 
> IMPACT:
> DoS, System access
> 
> WHERE:
> From remote
> 
> SOFTWARE:
> Wireshark (formerly Ethereal) 0.x
> http://secunia.com/product/1228/
> 
> DESCRIPTION:
> Some vulnerabilities have been reported in Wireshark, which can be
> exploited by malicious people to cause a DoS (Denial of Service) and
> potentially compromise a vulnerable system.
> 
> 1) An unspecified error within the SCSI protocol dissector can be
> exploited to crash the application.
> 
> 2) Off-by-one errors exist in the IPSec ESP preference parser.
> Successful exploitation requires that Wireshark has been compiled
> with ESP decryption support.
> 
> 3) Errors in the DHCP dissector and potentially other protocol
> dissectors can be exploited to crash Wireshark due to a bug in Glib.
> This only affects the Windows version.
> 
> 4) An error within the Q.2391 dissector can be exploited to cause a
> DoS due to memory consumption.
> 
> Successful exploitation of the vulnerabilities may cause Wireshark to
> stop responding, consume large amounts of system memory, crash, or
> execute arbitrary code.
> 
> SOLUTION:
> Update to version 0.99.3.
> 
> PROVIDED AND/OR DISCOVERED BY:
> Reported by the vendor.
> 
> ORIGINAL ADVISORY:
> http://www.wireshark.org/security/wnpa-sec-2006-02.html
>