Multiple Denial of Service vulnerabilities have been discovered in Wireshark.
Package | net-analyzer/wireshark on all architectures |
---|---|
Affected versions | < 1.0.3 |
Unaffected versions | >= 1.0.3 |
Wireshark is a network protocol analyzer with a graphical front-end.
The following vulnerabilities were reported:
A remote attacker could exploit these vulnerabilities by sending specially crafted packets on a network being monitored by Wireshark or by enticing a user to read a malformed packet trace file, causing a Denial of Service.
There is no known workaround at this time.
All Wireshark users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-analyzer/wireshark-1.0.3"
Release date
September 25, 2008
Latest revision
September 25, 2008: 01
Severity
normal
Exploitable
remote
Bugzilla entries