September 28, 2016

New version of Wireshark fixes vulnerabilities in the PPP and NFS dissectors

(LiveHacking.Com) – Versions 1.6.9 and 1.8.1 of Wireshark, the open source network protocol analyzer, have been released to address two vulnerabilities that could be exploited by a remote attacker to cause a denial of service (DoS).

The first problem is a crash in the PPP dissector. It is possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. Versions affected are 1.4.0 to 1.4.13, 1.6.0 to 1.6.8, 1.8.0.

The other vulnerability in the NFS dissector can cause excessive amounts of CPU. It is possible to provoke the condition by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. Versions affected are 1.4.0 to 1.4.13, 1.6.0 to 1.6.8, 1.8.0.

Upgrading to 1.6.9 or 1.8.1 fixes both problems. More information (including a full list of known issues and changes) can be found in the 1.6.9 and 1.8.1 release notes. Wireshark 1.6.9 and 1.8.1 are available to download  for Windows, Mac OS X 10.5.5 and above (Intel and PPC). The source code is also available.

Share and Enjoy:
  • Print
  • Digg
  • StumbleUpon
  • del.icio.us
  • Facebook
  • Yahoo! Buzz
  • Twitter
  • Google Bookmarks