CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
99.4%
Added: 10/19/2011
CVE: CVE-2011-1591
BID: 47392
OSVDB: 71848
Wireshark is a network packet analyzer.
A buffer overflow vulnerability in the DECT dissector allows command execution when a user sends a specially crafted datagram over a network which is being analyzed by Wireshark.
Upgrade to Wireshark 1.4.5 or higher.
<http://www.wireshark.org/security/wnpa-sec-2011-06.html>
Exploit works on Wireshark 1.4.4.
The affected target running Wireshark must be on the same network as as the SAINTexploit host.
Exploit requires the Net-Write PERL module to be installed on the scanning host. This module is available from <http://search.cpan.org/dist/Net-Write/lib/Net/Write.pm>.
The “Wireshark DECT Dissector PCAP File Processing Overflow” client exploit attempts to exploit the same vulnerability. The client exploit does not have the same network and PERL module limitations, but requires user cooperation.
Windows