lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <64B28BC2EAD84A5BBD110DA8C2DB8D26@SVRTBkis>
Date: Sat, 22 Nov 2008 15:28:49 +0700
From: "svrt" <svrt@...v.com.vn>
To: <full-disclosure@...ts.grok.org.uk>,
	<bugtraq@...urityfocus.com>
Subject: [SVRT-04-08] Vulnerability in WireShark 1.0.4 for
	DoS Attack

Vulnerability in WireShark 1.0.4 for DoS Attack

1. General Information

On Nov 2008, Security Vulnerability Research Team of Bkis (SVRT-Bkis) has
detected a vulnerability underlying WireShark 1.0.4 (lastest version).

The flaw is in the function processing SMTP protocol and enables hacker to
perform a DoS attack by sending a SMTP request with large content to port
25. The application then enter a large loop and cannot do anything else.

We have contacted the vendor of Wireshark. They fixed this vulnerability for
Wireshark 1.0.5 but they haven't released the official version yet. Details
is here : http://wiki.wireshark.org/Development/Roadmap

SVRT Advisory              : SVRT-04-08
Initial vendor notification  : 11-14-2008
Release Date                   : 11-22-2008
Update Date                   : 11-22-2008
Discovered by                 : SVRT-Bkis
Security Rating                : Less Critical
Impact                            : DoS
Affected Software           :Wireshark 1.0.4 (prev is vulnerable)

2. Solution

Althrough the official version for this vulnerability hasn't been released
yet, the vendor has updated the fix in the prerelease Wireshark 1.0.5.

Download the prerelease version of Wireshark 1.0.5 here:
http://www.wireshark.org/download/prerelease/

----------------------------------------------------------------
Bach Khoa Internetwork Security Center (BKIS)
Hanoi University of Technology (Vietnam)
Office : 5th Floor, Hitech building - 1A Dai Co Viet, Hanoi
Email : svrt[at]bkav.com.vn
Website : www.bkav.com.vn
WebBlog : security.bkis.vn
---------------------------------------------------------------- 



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ