In association with heise online

25 July 2012, 15:11

Wireshark updates fix DoS vulnerabilities

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Wireshark logo The developers at the Wireshark project have released versions 1.6.9 and 1.8.1 to close important security holes in their open source network protocol analyser. The updates to the cross-platform tool address two vulnerabilities that could be exploited by remote attackers to cause a denial of service (DoS).

The vulnerabilities are a problem in the Point-to-Point Protocol (PPP) dissector that leads to a crash and a bug in the Network File System (NFS) dissector that could result in excessive consumption of CPU resources; to take advantage of the holes, an attacker must inject a malformed packet onto the wire or convince a victim to read a malformed packet trace file. Versions 1.4.0 to 1.4.13, 1.6.0 to 1.6.8 and 1.8.0 are affected; upgrading to the new 1.6.9 and 1.8.1 releases fixes the problems. According to the project's security advisories, version 1.4.14 should correct these issues on the 1.4.x branch of Wireshark. However, at the time of writing, Wireshark 1.4.14 is not available on the site and release notes for that version have yet to be published.

More details about these updates, including a full list of known issues and changes, can be found in the 1.6.9 and 1.8.1 release notes. Wireshark 1.6.9 and 1.8.1 are available to download from the project's site and are licensed under the GPLv2.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit