Wireshark DOCSIS Dissector Denial of Service Vulnerability

2010-05-06T00:00:00
ID SSV:19561
Type seebug
Reporter Root
Modified 2010-05-06T00:00:00

Description

No description provided by source.

                                        
                                            
                                                A vulnerability has been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error within the DOCSIS (Data Over Cable Service Interface Specifications) dissector and can be exploited to e.g. cause a crash via specially crafted DOCSIS traffic.

The vulnerability is reported in 0.9.6 through 1.0.12 and version 1.2.0 through 1.2.7.

Solution
Update to version 1.0.13 or 1.2.8.

Provided and/or discovered by
Reported by the vendor.

Original Advisory
http://www.wireshark.org/security/wnpa-sec-2010-03.html
http://www.wireshark.org/security/wnpa-sec-2010-04.html