Wireshark Close DoS Holes

Thursday, May 24, 2012 @ 02:05 PM gHale


Cleaner, more secure versions 1.6.8 and 1.4.13 of the open source Wireshark network protocol analyzer are ready to go.

The maintenance and security updates to the cross-platform tool address three vulnerabilities an attacker could exploit to cause a denial-of-service (DoS).

RELATED STORIES
HULK Takes Down Web Server
DoS Flaw in Bitcoin
Botnet Rises and Falls Again
Microsoft Seizes Zeus Servers

These include a memory allocation flaw in the DIAMETER dissector, infinite and large loops in eight other dissectors, and a memory alignment flaw when running on SPARC or Itanium processors.

For an attack to be successful, an attacker must inject a malformed packet onto the wire or convince a victim to read a malformed packet trace file.

Versions 1.4.0 to 1.4.12 and 1.6.0 to 1.6.7 suffer from the issue; upgrading to 1.4.13 or 1.6.8 corrects these problems.

A full list of changes and bug fixes in the updates are in the 1.4.13 and 1.6.8 release notes. Wireshark 1.4.13 and 1.6.8 are available to download from the project’s site and its license is from the GPLv2



Leave a Reply

You must be logged in to post a comment.