Ethereal.iSNS.Zero.Length.Crash
Description
It indicates a possible exploit of an Integer Overflow vulnerability in the iSNS dissector for Ethereal/Wireshark.
A remote attacker could cause Ethereal to crash via a specially crafted packet.
Affected Products
Ethereal 0.10.3 - 0.10.4
Impact
Denial of Service: Remote attackers can crash vulnerable systems.
Recommended Actions
Upgrade to the latest version of Ethereal (now known as Wireshark):
https://www.wireshark.org/download.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-12-11 | 16.978 |