Wireshark 'call_dissector()' NULL Pointer Dereference Denial Of Service
| EKU-ID: 1955 | CVE: 2012-1593 | OSVDB-ID: |
| Author: Wireshark | Published: 2012-04-20 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 1955 | CVE: 2012-1593 | OSVDB-ID: |
| Author: Wireshark | Published: 2012-04-20 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
Source: http://www.securityfocus.com/bid/52735/info
Wireshark is prone to a remote denial-of-service vulnerability caused by a NULL-pointer-dereference error.
An attacker can exploit this issue to crash the application, resulting in a denial-of-service condition.
The following Wireshark versions are vulnerable:
1.4.0 through 1.4.11
1.6.0 through 1.6.5
PoC: http://www.exploit-db.com/sploits/18758.pcap