Wireshark LWRES dissector buffer overflow

Added: 02/17/2010
CVE: CVE-2010-0304
BID: 37985
OSVDB: 61987

Background

Wireshark is a network packet analyzer.

Problem

A buffer overflow vulnerability in the LWRES dissector allows command execution when a user sends a specially crafted datagram over a network which is being analyzed by Wireshark.

Resolution

Upgrade to Wireshark 1.2.6 or higher.

References

<http://www.wireshark.org/security/wnpa-sec-2010-02.html&gt;

Limitations

Exploit works on Wireshark 1.0.3. Wireshark must be configured to capture and analyze the malicious traffic in order for the exploit to succeed.

Platforms

Windows XP