Wireshark DECT Dissector PCAP File Processing OverflowAdded: 10/11/2011
BackgroundWireshark is a network packet analyzer.
ProblemA buffer overflow vulnerability in the DECT dissector (epan/dissectors/packet-dect.c) allows command execution via a specially crafted .pcap file.
ResolutionUpgrade to Wireshark 1.4.5 or higher.
LimitationsExploit works on Wireshark 1.4.4.
The user must open the exploit file in the affected application.
The "Wireshark DECT Dissector Remote Stack Buffer Overflow" remote exploit attempts to exploit the same vulnerability. The remote exploit has additional network and PERL module limitations, but does not require user cooperation.
Back to exploit index