NWP Dissector In Wireshark Dissector/Parser Bugs Let Remote Users Deny Service Vulnerabilities
16 Mar. 2016
Summary
The dissect_nwp function in epan/dissectors/packet-nwp.c in the NWP dissector in Wireshark 2.0.x before 2.0.1 mishandles the packet type, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Vulnerable Systems:
* Wireshark 2.0.x before 2.0.1
Immune Systems:
* Wireshark 2.0.x after 2.0.1
Multiple vulnerabilities were reported in Wireshark. A remote user can cause the target dissector to crash or enter an infinite loop.A remote user can send specially crafted data to cause the target dissector or parser to crash.