HOME > ADVISORIES


   ADVISORIES

CERT-In Advisory CIAD-2006-39
Multiple vulnerabilities in Wireshark (Ethereal®)

Original issue date: November 06, 2006

Severity Rating: Medium

Systems Affected

Wireshark (Ethereal®) versions prior to 0.99.4

Overview

Multiple vulnerabilities have been reported in Wireshark (Ethereal) while reading malformed packet off the network which could be exploited by remote attackers to cause a denial of service on the affected system.

Description

1. Off-by-one error in the MIME Multipart dissector ( CVE-2006-4574 )

An Off-by-one error vulnerability has been reported in the MIME Multipart dissector in Wireshark. The vulnerability could allow remote attackers to cause a denial of service on the affected system.

2. Unspecified Vulnerability in the WBXML dissector ( CVE-2006-5469 )

Unspecified vulnerability has been reported in the WBXML dissector in Wireshark The vulnerability could allow remote attackers to cause a denial of service on the affected system.

3. Vulnerability in XOT dissector in Wireshark ( CVE-2006-4805 )

A vulnerability has been reported in epan/dissectors/packet-xot.c in the XOT dissector in Wireshark which could allow remote attackers to cause a denial of service via an encoded XOT packet that produces a zero length value when it is decoded.

4. Unspecified vulnerability in the LDAP dissector ( CVE-2006-5740 )

Unspecified vulnerability has been reported in the LDAP dissector in Wireshark which could allow remote attackers to cause denial of service attack on the affected system.

5. Unspecified vulnerability in the HTTP dissector ( CVE-2006-5468 )

Unspecified vulnerability has been reported in the HTTP dissector in Wireshark which could allow remote attackers to cause denial of service attack on the affected system.

Workaround

Disable the HTTP, LDAP, XOT, WBXML, and MIME multipart dissectors.

Solution

Upgrade to version 0.99.4.
http://www.wireshark.org/


References

Wireshark
http://www.wireshark.org/security/wnpa-sec-2006-03.html

SecurityFocus
http://www.securityfocus.com/bid/20762/info

Secunia
http://secunia.com/advisories/22590

CVE Name

CVE-2006-4574
CVE-2006-5469
CVE-2006-4805
CVE-2006-5740
CVE-2006-5468

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information


Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003