Wireshark Multiple Flaws Let Remote Users Deny Service
Wireshark Version(s): 1.2.0 to 1.2.16, 1.4.0 to 1.4.6
Multiple vulnerabilities were reported in Wireshark. A remote user can cause denial of service conditions.
A remote user can send specially crafted DICOM data, Visual Networks file, compressed capture data, snoop file, or Diameter dictionary file to cause the target service to crash or enter an infinite loop.
Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.
1. Large/infinite loop in the DICOM dissector. (Bug 5876)
2. Red Hat Security Response Team discovered that a corrupted Diameter dictionary file could crash Wireshark.
3. Red Hat Security Response Team discovered that a corrupted snoop file could crash Wireshark. (Bug 5912)
4. Malformed compressed capture data could crash Wireshark. (Bug 5908)
5. Red Hat Security Response Team discovered that a corrupted Visual Networks file could crash Wireshark. (Bug 5934)
An attacker can exploit these vulnerabilities to crash Wireshark by injecting a series of malformed packets onto the wire or by convincing someone to read a malformed packet trace file.
Upgrade to Wireshark 1.2.17 or later. Due to the nature of these bugs, the Wireshark developers do not recommend trying to work around the problem by disabling individual dissectors.
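To find installations that still need the upgrade, the affected ranges above can be checked against a software inventory. The following is an added example, not part of the original advisory or of Wireshark; the function names, hostnames and version strings are constructed for illustration, and how the version strings are collected is left to the reader.

```python
import re

# Affected ranges exactly as stated in the advisory (inclusive bounds).
AFFECTED_RANGES = [
    ((1, 2, 0), (1, 2, 16)),
    ((1, 4, 0), (1, 4, 6)),
]

# First dotted triple in the string, e.g. in "TShark 1.4.6" or "1:1.2.16-2".
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")


def parse_version(text):
    """Return (major, minor, micro) or None if no x.y.z version is present."""
    m = _VERSION_RE.search(text)
    return tuple(int(g) for g in m.groups()) if m else None


def is_affected(text):
    """True/False for a parsable version, None when no version was found."""
    version = parse_version(text)
    if version is None:
        return None
    return any(lo <= version <= hi for lo, hi in AFFECTED_RANGES)


def triage(inventory):
    """Split {host: version_string} into affected / not_listed / unknown."""
    result = {"affected": [], "not_listed": [], "unknown": []}
    for host, text in sorted(inventory.items()):
        verdict = is_affected(text)
        if verdict is None:
            result["unknown"].append(host)   # needs a manual look
        else:
            result["affected" if verdict else "not_listed"].append(host)
    return result


# Constructed sample inventory (hostnames and strings are made up).
SAMPLE = {
    "ws-analyst-01": "TShark 1.4.6",
    "ws-analyst-02": "wireshark 1.2.17-1",
    "noc-probe-03": "1:1.2.16-2",
    "lab-07": "1.4.7",
    "lab-08": "not installed",
}

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE).items():
        print(f"{status}: {', '.join(hosts) or '-'}")
```

A match only means the upstream version number falls in an affected range; distribution packages that carry backported fixes should be confirmed against the vendor's own advisory.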