Thread-topic: [SA27777] Wireshark Multiple Denial of Service Vulnerabilities
> ----------------------------------------------------------------------
>
> TITLE:
> Wireshark Multiple Denial of Service Vulnerabilities
>
> SECUNIA ADVISORY ID:
> SA27777
>
> VERIFY ADVISORY:
> http://secunia.com/advisories/27777/
>
> CRITICAL:
> Moderately critical
>
> IMPACT:
> DoS
>
> WHERE:
> From remote
>
> REVISION:
> 1.1 originally posted 2007-11-22
>
> SOFTWARE:
> Wireshark (formerly Ethereal) 0.x
> http://secunia.com/product/1228/
>
> DESCRIPTION:
> Some vulnerabilities have been reported in Wireshark, which can be
> exploited by malicious people to cause a DoS (Denial of Service).
>
> The vulnerabilities are caused due to various errors (e.g. large
> loops with extreme memory consumption, endless loops, crashes, and
> buffer overflows) within the following:
> * SSL, ANSI MAP, Firebird/Interbase, NCP, HTTP, MEGACO, DCP ETSI,
> PPP, and Bluetooth SDP dissectors
> * when processing a malformed MP3 or iSeries (OS/400) Communication
> trace file
> * when processing a malformed DNP or RPC Portmap packet
>
> These can be exploited to crash Wireshark or consume large amounts of
> system resources by e.g. parsing a specially crafted packet that is
> either captured off the wire or loaded via a capture file.
>
> The vulnerabilities are reported in various versions from 0.8.16
> through 0.99.6. Other versions may also be affected.
>
> SOLUTION:
> The vulnerabilities are fixed in the upcoming version 0.99.7.
>
> PROVIDED AND/OR DISCOVERED BY:
> Stefan Esser (SSL dissector)
> Beyond Security (DNP packet)
> Fabiodds (iSeries (OS/400) Communication trace file)
> Peter Leeming (ANSI MAP)
> Steve (Firebird/Interbase)
> ainsley (RPC Portmap)
>
> ORIGINAL ADVISORY:
> http://www.wireshark.org/security/wnpa-sec-2007-03.html
>