wnpa-sec-2023-29 · NetScreen file parser crash
Summary
Name: NetScreen file parser crash
Docid: wnpa-sec-2023-29
Date: November 15, 2023
Affected versions: 4.0.0 to 4.0.x, 3.6.0 to 3.6.x
Fixed versions: 4.0.x, 3.6.x
References:
Wireshark issue 19404.
Details
Description
The NetScreen file parser could crash. Discovered by Anonymous working with Trend Micro Zero Day Initiative
Impact
It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
Resolution
Upgrade to Wireshark 4.0.x, 3.6.x or later.