There have been fixed a security vulnerability in Wireshark, free open source program for analyzing network protocols. The vulnerability is related to ASN.1 BER and related dissectors. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
Affected versions
-3.0.x versions 3.0.0-3.0.2
-2.6.x versions 2.6.0-2.6.9
-2.4.x versions 2.4.0-2.4.15
Non vulnerable version can be downloaded here.
More information in the security advisory
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment