Published: 03/02/2010 Updated: 19/09/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 765

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Multiple buffer overflows in the LWRES dissector in Wireshark 0.9.15 up to and including 1.0.10 and 1.2.0 up to and including 1.2.5 allow remote malicious users to cause a denial of service (crash) via a malformed packet, as demonstrated using a stack-based buffer overflow to the dissect_getaddrsbyname_request function.

Vulnerable Product	Search on Vulmon	Subscribe to Product
wireshark wireshark 1.0.9
wireshark wireshark 1.0.8
wireshark wireshark 1.0.0
wireshark wireshark 1.0
wireshark wireshark 1.2.5
wireshark wireshark 1.0.5
wireshark wireshark 1.0.4
wireshark wireshark 1.2.1
wireshark wireshark 1.2.2
wireshark wireshark 1.0.7
wireshark wireshark 1.0.6
wireshark wireshark 1.2
wireshark wireshark 1.2.0
wireshark wireshark 0.9.15
wireshark wireshark 1.0.10
wireshark wireshark 1.0.3
wireshark wireshark 1.0.2
wireshark wireshark 1.0.1
wireshark wireshark 1.2.3
wireshark wireshark 1.2.4

Synopsis Moderate: wireshark security update Type/Severity Security Advisory: Moderate Topic Updated wireshark packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 3, 4, and 5The Red Hat Security Response Team has rated this update as having moderatesecurity impact Commo ...

Several remote vulnerabilities have been discovered in the Wireshark network traffic analyzer, which may lead to the execution of arbitrary code or denial of service The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-4377 A NULL pointer dereference was found in the SMB/SMB2 dissectors CVE-2010-0304 ...

#!/usr/bin/env python # Wireshark 125 LWRES getaddrbyname stack-based buffer overflow PoC # with control over EIP on Debian 503 # by babi <bbbbaaaabbbbiiii@operamailcom> on 29 Jan 2010 # get it at wwwwiresharkorg/download/src/all-versions/wireshark-125targz import socket, sys try: host = sysargv[1] except: print "usa ...

## # $Id: wireshark_lwres_getaddrbyname_looprb 11126 2010-11-24 19:25:18Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## requir ...

## # $Id: wireshark_lwres_getaddrbynamerb 8454 2010-02-11 09:03:48Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'ms ...

CWE-119 http://www.securitytracker.com/id?1023516 http://www.wireshark.org/security/wnpa-sec-2010-02.html http://anonsvn.wireshark.org/viewvc/trunk-1.2/epan/dissectors/packet-lwres.c?view=diff&r1=31596&r2=28492&diff_format=h http://www.securityfocus.com/bid/37985 http://secunia.com/advisories/38257 http://www.openwall.com/lists/oss-security/2010/01/29/4 http://www.vupen.com/english/advisories/2010/0239 http://www.metasploit.com/modules/exploit/multi/misc/wireshark_lwres_getaddrbyname http://secunia.com/advisories/38348 http://www.debian.org/security/2010/dsa-1983 http://osvdb.org/61987 http://www.wireshark.org/security/wnpa-sec-2010-01.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:031 http://secunia.com/advisories/38829 http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036415.html https://exchange.xforce.ibmcloud.com/vulnerabilities/55951 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9933 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8490 https://access.redhat.com/errata/RHSA-2010:0360 https://nvd.nist.gov https://www.exploit-db.com/exploits/11288/https://www.debian.org/security/./dsa-1983

CVE-2010-0304

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect