Computer Security

Wireshark sniffer multiple security vulnerabilities
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Wireshark sniffer multiple security vulnerabilities
Published:20.01.2010
Source:BUGTRAQ
SecurityVulns ID:10538
Type:remote
Level:5/10
Description:DoS via SMB and SMB2 packets, buffer overflow on Daintree SNA files parsing.
Affected:WIRESHARK : Wireshark 1.2
CVE:CVE-2009-4377 (The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 allow remote attackers to cause a denial of service (crash) via a crafted packet that triggers a NULL pointer dereference, as demonstrated by fuzz-2009-12-07-11141.pcap.)
 CVE-2009-4376 (Buffer overflow in the daintree_sna_read function in the Daintree SNA file parser in Wireshark 1.2.0 through 1.2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet.)
Original documentdocumentMANDRIVA, [ MDVSA-2010:016 ] wireshark (20.01.2010)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server