Wireshark LWRES dissector buffer overflow

Added: 02/17/2010
CVE: CVE-2010-0304
BID: 37985
OSVDB: 61987

Background

Wireshark is a network packet analyzer.

Problem

A buffer overflow vulnerability in the LWRES dissector allows command execution when a user sends a specially crafted datagram over a network which is being analyzed by Wireshark.

Resolution

Upgrade to Wireshark 1.2.6 or higher.

References

http://www.wireshark.org/security/wnpa-sec-2010-02.html

Limitations

Exploit works on Wireshark 1.0.3. Wireshark must be configured to capture and analyze the malicious traffic in order for the exploit to succeed.

Platforms

Windows XP

Back to exploit index