Added: 11/25/2011
CVE: CVE-2011-3360
BID: 49528
OSVDB: 75347
Wireshark is a network packet analyzer.
A vulnerability in Wireshark allows execution of arbitrary Lua scripts placed in untrusted directories which are included in Wireshark’s search path.
Upgrade to Wireshark 1.4.9 or 1.6.2 or higher.
<http://www.wireshark.org/security/wnpa-sec-2011-15.html>
Exploit works on Wireshark 1.6.0 and requires a user to open the PCAP file on the specified network share.
The smbclient program must be available on the SAINTexploit host.
Windows