漏洞起因
边界条件错误
危险等级
低
影响系统
Wireshark Wireshark 1.2.5
Wireshark Wireshark 1.2.4
Wireshark Wireshark 1.2.3
Wireshark Wireshark 1.2.2
Wireshark Wireshark 1.2.1
Wireshark Wireshark 1.2
Wireshark Wireshark 1.0.10
Wireshark Wireshark 1.0.9
Wireshark Wireshark 1.0.8
Wireshark Wireshark 1.0.7
Wireshark Wireshark 1.0.6
Wireshark Wireshark 1.0.5
Wireshark Wireshark 1.0.4
Wireshark Wireshark 1.0.3
Wireshark Wireshark 1.0.2
Wireshark Wireshark 1.0.1
Wireshark Wireshark 1.0
Ethereal Group Ethereal 0.99
Ethereal Group Ethereal 0.10.14
Ethereal Group Ethereal 0.10.13
Ethereal Group Ethereal 0.10.12
Ethereal Group Ethereal 0.10.11
Ethereal Group Ethereal 0.10.10
Ethereal Group Ethereal 0.10.9
+ Gentoo Linux
Ethereal Group Ethereal 0.10.8
Ethereal Group Ethereal 0.10.7
Ethereal Group Ethereal 0.10.6
+ MandrakeSoft Linux Mandrake 10.1 x86_64
+ MandrakeSoft Linux Mandrake 10.1
Ethereal Group Ethereal 0.10.5
Ethereal Group Ethereal 0.10.4
Ethereal Group Ethereal 0.10.3
+ MandrakeSoft Linux Mandrake 10.0 AMD64
+ MandrakeSoft Linux Mandrake 10.0
+ RedHat Fedora Core2
+ RedHat Fedora Core1
+ S.u.S.E. Linux Personal 9.2
+ S.u.S.E. Linux Personal 9.1
+ S.u.S.E. Linux Personal 9.0
Ethereal Group Ethereal 0.10.2
Ethereal Group Ethereal 0.10.1
Ethereal Group Ethereal 0.10 .10
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
+ MandrakeSoft Linux Mandrake 10.2 x86_64
+ MandrakeSoft Linux Mandrake 10.2
+ MandrakeSoft Linux Mandrake 10.1 x86_64
+ MandrakeSoft Linux Mandrake 10.1
Ethereal Group Ethereal 0.10
Ethereal Group Ethereal 0.9.16
+ MandrakeSoft Linux Mandrake 9.2 amd64
+ MandrakeSoft Linux Mandrake 9.2
Ethereal Group Ethereal 0.9.15
Ethereal Group Ethereal 0.9.14
Ethereal Group Ethereal 0.9.13
+ MandrakeSoft Linux Mandrake 9.1 ppc
+ MandrakeSoft Linux Mandrake 9.1
+ RedHat Fedora Core1
Ethereal Group Ethereal 0.9.12
Ethereal Group Ethereal 0.9.11
Ethereal Group Ethereal 0.9.10
+ Conectiva Linux 9.0
Ethereal Group Ethereal 0.9.9
+ MandrakeSoft Linux Mandrake 9.1 ppc
+ MandrakeSoft Linux Mandrake 9.1
Ethereal Group Ethereal 0.9.8
+ RedHat Linux 9.0 i386
+ RedHat Linux 8.0 i386
+ RedHat Linux 8.0
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.3
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.2
+ Terra Soft Solutions Yellow Dog Linux 3.0
Ethereal Group Ethereal 0.9.7
Ethereal Group Ethereal 0.9.6
+ Conectiva Linux Enterprise Edition 1.0
Ethereal Group Ethereal 0.9.5
Ethereal Group Ethereal 0.9.4
+ Conectiva Linux 8.0
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
Ethereal Group Ethereal 0.9.3
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.3
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.2 alpha
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.0 sparc
+ RedHat Linux 7.0 i386
+ RedHat Linux 7.0 alpha
+ RedHat Linux 6.2 sparc
+ RedHat Linux 6.2 i386
+ RedHat Linux 6.2 alpha
Ethereal Group Ethereal 0.9.2
Ethereal Group Ethereal 0.9.1
– Compaq Tru64 5.0
– Debian Linux 2.2 sparc
– Debian Linux 2.2 powerpc
– Debian Linux 2.2 IA-32
– Debian Linux 2.2 arm
– Debian Linux 2.2 alpha
– Debian Linux 2.2 68k
– HP HP-UX 11.0
– IBM AIX 5.1
– Linux kernel 2.4
– Microsoft Windows 2000 Professional
– Microsoft Windows 95
– Microsoft Windows 98
– Microsoft Windows 98SE
– Microsoft Windows ME
– Microsoft Windows NT Workstation 4.0
– NetBSD NetBSD 1.5
– OpenBSD OpenSSH 3.0
– SCO Unixware 7.0
– SGI IRIX 6.0
– Sun Solaris 8
Ethereal Group Ethereal 0.9
不受影响系统
Wireshark Wireshark 1.2.6
危害
远程攻击者可以利用漏洞使应用程序崩溃。
攻击所需条件
攻击者必须访问Wireshark或构建恶意文件。
漏洞信息
Wireshark是一款开放源代码的网络协议分析工具。
Wireshark LWRES解析器存在多个缓冲区溢出,远程攻击者可以利用漏洞使应用程序崩溃。
攻击者也可以通过诱使用户解析畸形报文跟踪文件触发。
测试方法
厂商解决方案
Wireshark 1.2.6已经修复此漏洞,建议用户下载使用:
http://www.wireshark.org/
漏洞提供者
Babi
0 条评论。