First published: Tue Nov 01 2011(Updated: )
A flaw in the Infiniband dissector could cause Wireshark 1.4.0 through 1.4.9 and 1.6.0 through 1.6.3 to crash by dereferencing a NULL pointer by reading a malformed packet trace file or if someone were to inject a malformed packet onto the wire. This is corrected in wireshark 1.6.3 References: <a href="https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6476">https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6476</a> <a href="http://anonsvn.wireshark.org/viewvc?view=revision&revision=39500">http://anonsvn.wireshark.org/viewvc?view=revision&revision=39500</a> External References: <a href="http://www.wireshark.org/security/wnpa-sec-2011-18.html">http://www.wireshark.org/security/wnpa-sec-2011-18.html</a>
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Wireshark Wireshark | =1.4.7 | |
Wireshark Wireshark | =1.4.2 | |
Wireshark Wireshark | =1.4.0 | |
Wireshark Wireshark | =1.4.5 | |
Wireshark Wireshark | =1.4.4 | |
Wireshark Wireshark | =1.4.9 | |
Wireshark Wireshark | =1.4.6 | |
Wireshark Wireshark | =1.4.3 | |
Wireshark Wireshark | =1.4.1 | |
Wireshark Wireshark | =1.4.8 | |
Wireshark Wireshark | =1.6.0 | |
Wireshark Wireshark | =1.6.1 | |
Wireshark Wireshark | =1.6.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.