Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

wnpa-sec-2011-09 · Lucent/Ascend file parser vulnerability in Wireshark

Summary

Name: Lucent/Ascend file parser vulnerability in Wireshark

Docid: wnpa-sec-2011-09

Date: May 31, 2011

Affected versions: 1.2.0 up to and including 1.2.17

Fixed versions: 1.2.18

Details

Description

Wireshark 1.2.18 fixes the following vulnerability:

  • The Lucent/Ascend file parser was susceptible to an infinite loop.
    Versions affected: 1.2.0 to 1.2.17, 1.4.0 to 1.4.7, and 1.6.0.
    CVE-2011-2597

Impact

It may be possible to make Wireshark crash by injecting a series of malformed packets onto the wire or by convincing someone to read a malformed packet trace file.

Resolution

Upgrade to Wireshark 1.2.18 or later. It is not possible to work around this bug.