Wireshark console.lua pre-loading vulnerability

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

openSUSE Security Update : wireshark (openSUSE-SU-2011:1142-1)

This update of wireshark fixes the following vulnerabilities : - CVE-2011-3266: Wireshark IKE dissector vulnerability - CVE-2011-3360: Wireshark Lua script execution vulnerability - CVE-2011-3483: Wireshark buffer exception handling vulnerability - CVE-2011-2597: Lucent/Ascend file parser...

openSUSE Security Update : wireshark (openSUSE-SU-2011:1142-1)

This update of wireshark fixes the following vulnerabilities : - CVE-2011-3266: Wireshark IKE dissector vulnerability - CVE-2011-3360: Wireshark Lua script execution vulnerability - CVE-2011-3483: Wireshark buffer exception handling vulnerability - CVE-2011-2597: Lucent/Ascend file parser...

Mandriva Linux Security Advisory : wireshark (MDVSA-2011:138)

This advisory updates wireshark to the latest version 1.6.2, fixing several security issues : The prototreeadditem function in Wireshark 1.6.1, when the IKEv1 protocol dissector is used, allows user-assisted remote attackers to cause a denial of service infinite loop via vectors involving a...

Wireshark Code Execution and Denial of Service Vulnerabilities - Mac OS X

Wireshark is prone to code execution and denial of service vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Wireshark Insecure Search Path Script Execution (CVE-2011-3360)

A script execution vulnerability has been reported in Wireshark...

SuSE 10 Security Update : wireshark (ZYPP Patch Number 7796)

This update of wireshark fixes the following vulnerabilities : - Wireshark IKE dissector vulnerability. CVE-2011-3266 - Wireshark Lua script execution vulnerability. CVE-2011-3360 - Wireshark buffer exception handling vulnerability. CVE-2011-3483 - Lucent/Ascend file parser susceptible to infinit...

Wireshark console.lua Pre-Loading Script Execution

This module exploits a vulnerability in Wireshark 1.6 or less. When opening a pcap file, Wireshark will actually check if there's a 'console.lua' file in the same directory, and then parse/execute the script if found. Versions affected by this vulnerability: 1.6.0 to 1.6.1, 1.4.0 to 1.4.8 This...

Wireshark - console.lua pre-loading (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "Wireshark...

SuSE 10 Security Update : wireshark (ZYPP Patch Number 7795)

This update of wireshark fixes the following vulnerabilities : - Wireshark IKE dissector vulnerability. CVE-2011-3266 - Wireshark Lua script execution vulnerability. CVE-2011-3360 - Wireshark buffer exception handling vulnerability. CVE-2011-3483 - Lucent/Ascend file parser susceptible to infinit...

[SECURITY] [DSA 2324-1] wireshark security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2324-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 20, 2011 http://www.debian.org/security/faq -...

Wireshark Lua Script File Arbitrary Code Execution Vulnerability - Windows

Wireshark is prone to a code execution vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark";...

[ MDVSA-2011:138 ] wireshark

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:138 http://www.mandriva.com/security/ Package : wireshark Date : September 28, 2011 Affected: 2011. Problem Description: This advisory updates wireshark to the latest version 1.6.2, fixing several security...

CVE-2011-3360

Untrusted search path vulnerability in Wireshark 1.4.x before 1.4.9 and 1.6.x before 1.6.2 allows local users to gain privileges via a Trojan horse Lua script in an unspecified directory...

DSquare Exploit Pack: D2SEC_WIRESHARK

Name| d2secwireshark ---|--- CVE| CVE-2011-3360 Exploit Pack| D2ExploitPack Description| d2secwireshark Notes|...

CVE-2011-3360

Wireshark flats: CVE-2011-3360 affects Wireshark 1.4.x before 1.4.9 and 1.6.x before 1.6.2. Root cause is insecure load/search path handling that can cause execution of an untrusted Lua script (Trojan horse) from an unspecified directory, enabling local privilege escalation. Public advisories con...