Two vulnerabilities have been discovered in the Wireshark software package that remote attackers could exploit to carry out a denial-of-service (DoS) attack. The first vulnerability was found in the "dissect_ber_unknown" function in the file "epan/dissectors/packet-ber.c", and the second is caused by a buffer overflow in the "dissect_ldss_transfer" function in "epan/dissectors/packet-ldss.c". An attack requires delivering a specially crafted ASN.1/BER or LDSS packet, respectively. Users are advised to use the latest version.
Oracle Solaris Express Wireshark Buffer Overflow and Denial of Service
VUPEN ID VUPEN/ADV-2011-0404
CVE ID CVE-2010-3445
CWE ID Available in VUPEN VNS Customer Area
CVSS V2 Available in VUPEN VNS Customer Area
Rated as Moderate Risk
Impact Available in VUPEN VNS Customer Area
Authentication Level Available in VUPEN VNS Customer Area
Access Vector Available in VUPEN VNS Customer Area
Release Date 2011-02-16
Technical Description
Two vulnerabilities have been identified in Oracle Solaris Express, which could be exploited by remote attackers to cause a denial of service or compromise a vulnerable system. These issues are caused by errors in Wireshark. For additional information, see VUPEN/ADV-2010-3038 and VUPEN/ADV-2010-2613.
Affected Products
Oracle Solaris 11 Express
Solution
Upgrade to snv_151a and apply bug fixes 6993610 and 7001836.
References
http://www.vupen.com/english/advisories/2011/0404
http://blogs.sun.com/security/entry/resource_management_errors_vulnerability_in
http://blogs.sun.com/security/entry/buffer_overflow_vulnerability_in_wireshark
Changelog
2011-02-16 : Initial release