http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2216
Summary: Wireshark hangs with malformed SSL Client Hello
Product: Wireshark
Version: 0.99.5
Platform: PC
OS/Version: Windows XP
Status: NEW
Severity: Normal
Priority: Low
Component: Wireshark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: olof.johansson@xxxxxxxxxxxxxx
Build Information:
Version 0.99.5 (SVN Rev 20677)
Copyright 1998-2007 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled with GTK+ 2.10.7, with GLib 2.12.7, with WinPcap (version unknown),
with libz 1.2.3, with libpcre 6.4, with Net-SNMP 5.4, with ADNS, with Lua 5.1,
with GnuTLS 1.6.1, with Gcrypt 1.2.3, with MIT Kerberos, with PortAudio
PortAudio V19-devel, with AirPcap.
Running on Windows XP Service Pack 2, build 2600, with WinPcap version 4.0
(packet.dll version 4.0.0.755), based on libpcap version 0.9.5, with AirPcap
2.1.0 build 815.
Built using Microsoft Visual C++ 6.0 build 8804
Wireshark is Open Source Software released under the GNU General Public
License.
Check the man page and http://www.wireshark.org for more information.
--
In the ClientHello packet (SSL):
If the ciphersuitelength is set to 1 and the following array contains 1 post.
Wireshark will hang and consume all processor power.
A ciphersuites length of 1 is illegal, afaik it must be at least 2 and never
uneven due to the nature of the protocol.
If it matters. The SSL packet is encapsulated in a PEAP frame, a EAP frame, a
802.11X frame.
Example ethernet frame:
00141B610AA00012F305CC2A888E0100003C0203003C198000000032160301002D01000029030100000000722E1C0CEE3891E61AF666F5716BF1ABCA9ABC198A62047F77E56F71000001000A0100
Thank you for an excellent product.
--
Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
