BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to the Zeroday Tracker: Your Vulnerability Watchlist

Wireshark ENTTEC Dissector Buffer Overflow

Disclosed December 31, 2010    Fully Patched

Vulnerability Description:

Wireshark contains a buffer overflow vulnerability in the ENTTEC dissector, triggered when it processes malformed packets, whether captured from the wire or loaded from a capture file. Successful exploitation could allow an attacker to cause a denial of service condition (i.e. application crash, resource consumption) or execute arbitrary code.

Vendors:

Wireshark Foundation

Vulnerable Software/Devices:

Wireshark 1.x

Vulnerability Severity:

High

Exploit Availability:

N/A

BeyondTrust Prevention and Detection:

  • BeyondTrust's Retina® Network Security Scanner scans devices to detect this vulnerability.
    • 13939 - Wireshark Multiple Vulnerabilities (20110111) - Windows
    • 13940 - Wireshark Multiple Vulnerabilities (20110111) - UNIX/Linux

Mitigation:

Update Wireshark to 1.2.14, 1.4.3, or the newest version.

CVE(s):

None