Signature Detail

APP: Wireshark Dissector LWRES Buffer Overflow

This signature detects attempts to exploit a known vulnerability against Wireshark. A successful attack can lead to arbitrary code execution.

Extended Description

Wireshark is prone to multiple buffer-overflow vulnerabilities. Exploiting these issues may allow attackers to crash the application and deny service to legitimate users. Attackers may also execute arbitrary code in the context of vulnerable users running the application. These issues affect Wireshark 0.9.0 through 1.2.5.

Affected Products

• Avaya Aura Application Enablement Services 5.2
• Avaya Aura Communication Manager 4.0
• Avaya Aura Communication Manager 4.0
• Avaya Aura Communication Manager 5.1
• Avaya Aura Communication Manager 5.2
• Avaya Aura Communication Manager 5.2.1
• Avaya Aura Session Manager 1.1
• Avaya Aura Session Manager 5.2
• Avaya Aura SIP Enablement Services 3.0
• Avaya Aura SIP Enablement Services 3.1
• Avaya Aura SIP Enablement Services 3.1.0
• Avaya Aura SIP Enablement Services 3.1.1
• Avaya Aura SIP Enablement Services 4.0
• Avaya Aura SIP Enablement Services 5.0
• Avaya Aura SIP Enablement Services 5.1
• Avaya Aura SIP Enablement Services 5.2
• Avaya Aura SIP Enablement Services 5.2.1
• Avaya Aura System Platform 1.1
• Avaya Messaging Storage Server 1.0
• Avaya Messaging Storage Server 2.0
• Avaya Messaging Storage Server 3.1
• Avaya Messaging Storage Server 3.1 SP1
• Avaya Messaging Storage Server 4.0
• Avaya Messaging Storage Server 5.0
• Avaya Messaging Storage Server 5.1
• Avaya Messaging Storage Server MM3.0
• Avaya Messaging Storage Server
• Debian Linux 5.0
• Debian Linux 5.0 Alpha
• Debian Linux 5.0 Amd64
• Debian Linux 5.0 Arm
• Debian Linux 5.0 Armel
• Debian Linux 5.0 Hppa
• Debian Linux 5.0 Ia-32
• Debian Linux 5.0 Ia-64
• Debian Linux 5.0 M68k
• Debian Linux 5.0 Mips
• Debian Linux 5.0 Mipsel
• Debian Linux 5.0 Powerpc
• Debian Linux 5.0 S/390
• Debian Linux 5.0 Sparc
• Ethereal Group Ethereal 0.10.0
• Ethereal Group Ethereal 0.10.0 .10
• Ethereal Group Ethereal 0.10.1
• Ethereal Group Ethereal 0.10.10
• Ethereal Group Ethereal 0.10.11
• Ethereal Group Ethereal 0.10.12
• Ethereal Group Ethereal 0.10.13
• Ethereal Group Ethereal 0.10.14
• Ethereal Group Ethereal 0.10.2
• Ethereal Group Ethereal 0.10.3
• Ethereal Group Ethereal 0.10.4
• Ethereal Group Ethereal 0.10.5
• Ethereal Group Ethereal 0.10.6
• Ethereal Group Ethereal 0.10.7
• Ethereal Group Ethereal 0.10.8
• Ethereal Group Ethereal 0.10.9
• Ethereal Group Ethereal 0.9.0
• Ethereal Group Ethereal 0.9.1
• Ethereal Group Ethereal 0.9.10
• Ethereal Group Ethereal 0.9.11
• Ethereal Group Ethereal 0.9.12
• Ethereal Group Ethereal 0.9.13
• Ethereal Group Ethereal 0.9.14
• Ethereal Group Ethereal 0.9.15
• Ethereal Group Ethereal 0.9.16
• Ethereal Group Ethereal 0.9.2
• Ethereal Group Ethereal 0.9.3
• Ethereal Group Ethereal 0.9.4
• Ethereal Group Ethereal 0.9.5
• Ethereal Group Ethereal 0.9.6
• Ethereal Group Ethereal 0.9.7
• Ethereal Group Ethereal 0.9.8
• Ethereal Group Ethereal 0.9.9
• Ethereal Group Ethereal 0.99.0
• Pardus Linux 2009
• Red Hat Desktop 3.0.0
• Red Hat Enterprise Linux 5 Server
• Red Hat Enterprise Linux Desktop Version 4
• Red Hat Enterprise Linux AS 3
• Red Hat Enterprise Linux AS 4
• Red Hat Enterprise Linux Desktop 5 Client
• Red Hat Enterprise Linux Desktop Workstation 5 Client
• Red Hat Enterprise Linux ES 3
• Red Hat Enterprise Linux ES 4
• Red Hat Enterprise Linux WS 3
• Red Hat Enterprise Linux WS 4
• Red Hat Fedora 12
• SuSE openSUSE 11.0
• SuSE openSUSE 11.1
• SuSE openSUSE 11.2
• SuSE SUSE Linux Enterprise 10 SP2
• SuSE SUSE Linux Enterprise 10 SP3
• SuSE SUSE Linux Enterprise 11
• SuSE SUSE Linux Enterprise Server 9
• Wireshark 1.0.0
• Wireshark 1.0.1
• Wireshark 1.0.10
• Wireshark 1.0.2
• Wireshark 1.0.3
• Wireshark 1.0.4
• Wireshark 1.0.5
• Wireshark 1.0.6
• Wireshark 1.0.7
• Wireshark 1.0.8
• Wireshark 1.0.9
• Wireshark 1.2.0
• Wireshark 1.2.1
• Wireshark 1.2.2
• Wireshark 1.2.3
• Wireshark 1.2.4
• Wireshark 1.2.5

References

• BugTraq: 37985
• CVE: CVE-2010-0304