|
|
|
|
| |
Credit:
The information has been provided by Wireshark Security Team.
The original article can be found at: http://www.wireshark.org/security/wnpa-sec-2006-02.html
|
| |
Vulnerable Systems:
* Wirehark version 0.99.2
Immune Systems:
* Wirehark version 0.99.3
Impact:
It may be possible to make Wireshark or Ethereal crash, use up available memory, or run arbitrary code by injecting a purposefully malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
Resolution:
Upgrade to Wireshark 0.99.3.
If are running Wireshark 0.99.2 or Ethereal 0.99.0 or earlier and cannot upgrade, you can work around each of the problems listed above by doing the following:
* Disable the SCSI and Q.2931 dissectors. If you're running Wireshark under Windows, disable the DHCP dissector.
o Select Analyze Enabled Protocols... from the menu.
o Make sure "SCSI", "Q.2931", and "BOOTP/DHCP" (if needed) are un-checked.
o Click "Save", then click "OK".
* If your copy of Wireshark has ESP decryption compiled in, make sure it's disabled.
o Select Edit Preferences, then Protocols ESP from the menu.
o Make sure "Attempt to detect/decode encrypted ESP payloads" is un-checked.
|
|
|
|
|
