wnpa-sec-2011-09 · Lucent/Ascend file parser vulnerability in Wireshark

Summary

Name: Lucent/Ascend file parser vulnerability in Wireshark

Docid: wnpa-sec-2011-09

Date: May 31, 2011

Affected versions: {{ start_version }} up to and including {{ end_version }}

Fixed versions: 1.2.18

Related: wnpa-sec-2011-11 (Lucent/Ascend file parser vulnerability in Wireshark version 1.6.0) wnpa-sec-2011-10 (Lucent/Ascend file parser vulnerability in Wireshark version 1.4.0 to 1.4.7)

Details

Description

Wireshark 1.2.18 fixes the following vulnerability:

  • The Lucent/Ascend file parser was susceptible to an infinite loop.
    Versions affected: 1.2.0 to 1.2.17, 1.4.0 to 1.4.7, and 1.6.0.
    CVE-2011-2597

Impact

It may be possible to make Wireshark crash by injecting a series of malformed packets onto the wire or by convincing someone to read a malformed packet trace file.

Resolution

Upgrade to Wireshark 1.2.18 or later. It is not possible to work around this bug.