Published: 20/09/2011 Updated: 19/09/2017
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 975
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

Untrusted search path vulnerability in Wireshark 1.4.x prior to 1.4.9 and 1.6.x prior to 1.6.2 allows local users to gain privileges via a Trojan horse Lua script in an unspecified directory.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.
Vulnerable Product Search on Vulmon Subscribe to Product

wireshark wireshark 1.4.3

wireshark wireshark 1.4.2

wireshark wireshark 1.4.1

wireshark wireshark 1.4.0

wireshark wireshark 1.4.7

wireshark wireshark 1.4.4

wireshark wireshark 1.4.6

wireshark wireshark 1.4.5

wireshark wireshark 1.4.8

wireshark wireshark 1.6.0

wireshark wireshark 1.6.1

Vendor Advisories

The Microsoft Vulnerability Research group discovered that insecure load path handling could lead to execution of arbitrary Lua script code For the oldstable distribution (lenny), this problem has been fixed in version 102-3+lenny15 This build will be released shortly For the stable distribution (squeeze), this problem has been fixed in versio ...
Debian Bug report logs - #780372 CVE-2015-2187 CVE-2015-2188 CVE-2015-2189 CVE-2015-2190 CVE-2015-2191 CVE-2015-2192 Package: wireshark; Maintainer for wireshark is Balint Reczey <rbalint@ubuntucom>; Source for wireshark is src:wireshark (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Th ...
Debian Bug report logs - #776135 wireshark: Multiple security issues in 1122 and prior versions Package: wireshark; Maintainer for wireshark is Balint Reczey <rbalint@ubuntucom>; Source for wireshark is src:wireshark (PTS, buildd, popcon) Reported by: balint@balintreczeyhu Date: Sat, 24 Jan 2015 10:51:01 UTC Severity: ...


## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking in ...

Metasploit Modules

Wireshark console.lua Pre-Loading Script Execution

This module exploits a vulnerability in Wireshark 1.6 or less. When opening a pcap file, Wireshark will actually check if there's a 'console.lua' file in the same directory, and then parse/execute the script if found. Versions affected by this vulnerability: 1.6.0 to 1.6.1, 1.4.0 to 1.4.8

msf > use exploit/windows/misc/wireshark_lua
      msf exploit(wireshark_lua) > show targets
      msf exploit(wireshark_lua) > set TARGET <target-id>
      msf exploit(wireshark_lua) > show options
            ...show and set options...
      msf exploit(wireshark_lua) > exploit