Wireshark 'call_dissector()' NULL Pointer Dereference Denial Of Service

2012-04-19 09:15:04

Source: http://www.securityfocus.com/bid/52735/info

Wireshark is prone to a remote denial-of-service vulnerability caused by a NULL-pointer-dereference error.

An attacker can exploit this issue to crash the application, resulting in a denial-of-service condition.

The following Wireshark versions are vulnerable:

1.4.0 through 1.4.11
1.6.0 through 1.6.5

PoC: http://www.exploit-db.com/sploits/18758.pcap

Fixes

No fixes

In order to submit a new fix you need to be registered.