Monday, October 18, 2010

wireshark: stack overflow vulnerability

Users of wireshark please be advised of a stack overflow vulnerability that has been identified.

To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

Amplify’d from www.criticalwatch.com
MDVSA-2010:200: [MDVSA-2010:200] wireshark stack overflow
Problem Description:



It was discovered that the ASN.1 BER dissector in wireshark was

susceptible to a stack overflow (CVE-2010-3445).



For 2010.0 and 2010.1 wireshark was upgraded to v1.2.12 which is not

vulnerable to this issue and was patched for CS4 and MES5 to resolve

the vulnerability.
Read more at www.criticalwatch.com
 

No comments:

Post a Comment