CVE-2010-1455: Input Validation

First published: Tue May 11 2010(Updated: )

The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
Wireshark Wireshark	=0.99.8
Ethereal Group Ethereal	=0.9.6
Wireshark Wireshark	=0.99.3
Wireshark Wireshark	=0.99.0
Wireshark Wireshark	=1.0.9
Wireshark Wireshark	=1.0.1
Ethereal Group Ethereal	=0.99.0
Ethereal Group Ethereal	=0.9.8
Wireshark Wireshark	=0.9.6
Wireshark Wireshark	=0.99.6
Wireshark Wireshark	=1.0.2
Wireshark Wireshark	=0.99.2
Wireshark Wireshark	=0.99.1
Wireshark Wireshark	=1.0.4
Wireshark Wireshark	=1.0.3
Wireshark Wireshark	=1.0.6
Wireshark Wireshark	=1.0.10
Wireshark Wireshark	=1.0.12
Wireshark Wireshark	=1.0.8
Wireshark Wireshark	=1.0.5
Wireshark Wireshark	=0.99.5
Ethereal Group Ethereal	=0.9.7
Wireshark Wireshark	=0.99.4
Wireshark Wireshark	=1.0.0
Wireshark Wireshark	=1.0.11
Wireshark Wireshark	=0.99.7
Wireshark Wireshark	=1.0.7
Wireshark Wireshark	=1.2.7
Wireshark Wireshark	=1.2.6
Wireshark Wireshark	=1.2.0
Wireshark Wireshark	=1.2.3
Wireshark Wireshark	=1.2.5
Wireshark Wireshark	=1.2.1
Wireshark Wireshark	=1.2.4
Wireshark Wireshark	=1.2.2

Remedy

http://www.vupen.com/english/advisories/2010/1081

Never miss a vulnerability like this again

Reference Links

collector/nvd-historical
collector/nvd-index
agent/weakness
agent/references
agent/severity
agent/author
agent/description
agent/type
agent/event
agent/last-modified-date
agent/remedy
agent/softwarecombine
agent/first-publish-date
agent/tags
collector/mitre-cve
source/MITRE
vendor/wireshark
canonical/wireshark wireshark
version/wireshark wireshark/0.99.8
vendor/ethereal group
canonical/ethereal group ethereal
version/ethereal group ethereal/0.9.6
version/wireshark wireshark/0.99.3
version/wireshark wireshark/0.99.0
version/wireshark wireshark/1.0.9
version/wireshark wireshark/1.0.1
version/ethereal group ethereal/0.99.0
version/ethereal group ethereal/0.9.8
version/wireshark wireshark/0.9.6
version/wireshark wireshark/0.99.6
version/wireshark wireshark/1.0.2
version/wireshark wireshark/0.99.2
version/wireshark wireshark/0.99.1
version/wireshark wireshark/1.0.4
version/wireshark wireshark/1.0.3
version/wireshark wireshark/1.0.6
version/wireshark wireshark/1.0.10
version/wireshark wireshark/1.0.12
version/wireshark wireshark/1.0.8
version/wireshark wireshark/1.0.5
version/wireshark wireshark/0.99.5
version/ethereal group ethereal/0.9.7
version/wireshark wireshark/0.99.4
version/wireshark wireshark/1.0.0
version/wireshark wireshark/1.0.11
version/wireshark wireshark/0.99.7
version/wireshark wireshark/1.0.7
version/wireshark wireshark/1.2.7
version/wireshark wireshark/1.2.6
version/wireshark wireshark/1.2.0
version/wireshark wireshark/1.2.3
version/wireshark wireshark/1.2.5
version/wireshark wireshark/1.2.1
version/wireshark wireshark/1.2.4
version/wireshark wireshark/1.2.2

CVE-2010-1455: Input Validation

Remedy

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact