Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:26748
HistoryAug 01, 2011 - 12:00 a.m.

Wireshark 1.6.1 Malformed IKE Packet Denial of Service

2011-08-0100:00:00
vulners.com
9
JSON

Wireshark 1.6.1 Malformed IKE Packet Denial of Service

I. Summary

A flaw has been identified in Wireshark 1.6.1 concerning IKEv1 protocol dissector and the
function proto_tree_add_item() ,when add more than 1000000 items to a proto_tree,that will
cause a denial of service (denial of service and memory rising ).

II. Description

Wireshark use the function proto_tree_add_item() to add an item to a proto_tree.When we use
filter expression 'isakmp' to look up a malformed IKE packet (Next Payload = DELETE (12),
Exchange Type = Information (5) with no actual payload data) and click on the resultant list
entry,wireshark will run in the function TRY_TO_FAKE_THIS_ITEM(tree, hfindex, hfinfo),there are
more than 1000000 items in the tree, this will cause an infinite loop,then cause denial of
service and memory rising.

III. Impact

Denial of service

IV. Affected

Wireshark 1.6.1, tested with Windows XP SP2. Previous versions may also be affected due to
code reuse.

V. Solution

There is no known workaround at this time.

VI. Credit

The penetration test team Of NCNIPC (China) is credited for this vulnerability.

JSON