Wireshark DOF Dissector 'packet-dof.c' Infinite Loop Denial of Service Vulnerability



Wireshark is prone to a remote denial-of-service vulnerability.

Attackers can exploit this issue to cause the application to enter an infinite loop which may cause denial-of-service.

Wireshark 2.2.0 through 2.2.5 are vulnerable.

Information

Bugtraq ID: 97634
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2017-7704

Remote: Yes
Local: No
Published: Apr 12 2017 12:00AM
Updated: Apr 13 2017 08:05PM
Credit: Buildbot Builder
Vulnerable: Wireshark Wireshark 2.2.5
Wireshark Wireshark 2.2.4
Wireshark Wireshark 2.2.3
Wireshark Wireshark 2.2.2
Wireshark Wireshark 2.2.1
Wireshark Wireshark 2.2


Not Vulnerable: Wireshark Wireshark 2.2.6


Exploit


A sample packet trace file is available in the Wireshark bug report. Please see the references for more information.


Related Posts

Comments