First published: Thu Feb 17 2011(Updated: )
A heap-based buffer overflow was found in the way Wireshark processes signalling traces generated by Gammu (www.gammu.org) from Nokia DCT3 phones in Netmonitor mode. An attacker could use this flaw to cause wireshark executable to crash or, potentially, execute arbitrary code with the privileges of the user running wireshark, if the local user opened a specially-crafted capture file. The following upstream commit fixes this issue: <a href="http://anonsvn.wireshark.org/viewvc?view=rev&revision=35953">http://anonsvn.wireshark.org/viewvc?view=rev&revision=35953</a>
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Wireshark Wireshark | =1.4.2 | |
Wireshark Wireshark | =1.2.7 | |
Wireshark Wireshark | =1.4.0 | |
Wireshark Wireshark | =1.2.11 | |
Wireshark Wireshark | =1.2.10 | |
Wireshark Wireshark | =1.2.6 | |
Wireshark Wireshark | =1.2.8 | |
Wireshark Wireshark | =1.2.0 | |
Wireshark Wireshark | =1.2.14 | |
Wireshark Wireshark | =1.2.3 | |
Wireshark Wireshark | =1.2.12 | |
Wireshark Wireshark | =1.2.13 | |
Wireshark Wireshark | =1.2.5 | |
Wireshark Wireshark | =1.2.1 | |
Wireshark Wireshark | =1.2.4 | |
Wireshark Wireshark | =1.4.3 | |
Wireshark Wireshark | =1.2.9 | |
Wireshark Wireshark | =1.2.2 | |
Wireshark Wireshark | =1.4.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.