This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.
The remote Windows host contains an application that is affected by
multiple denial of service vulnerabilities.
The installed version of Wireshark is 1.2.x less than 1.2.17 or 1.4.x
less than 1.4.7. As such, it is affected by the following
- An error exists in DICOM dissector that can allow denial
of service attacks when processing certain malformed
packets. (Issue #5876)
- An error exists in the handling of corrupted snoop
files that can cause application crashes. (Issue #5912)
- An error exists in the handling of compressed capture
data that can cause application crashes. (Issue #5908)
- An error exists in the handling of 'Visual Networks'
files that can cause application crashes. (Issue #5934)
- An error exists in the 'desegment_tcp()' function in the
file 'epan/dissectors/packet-tcp.c' that can allow a NULL
pointer to be dereferenced when handling certain TCP
segments. (Issue #5837)
- An error exists in the handling of corrupted 'Diameter'
dictionary files that can cause application crashes.
See also :
Upgrade to Wireshark version 1.2.17 / 1.4.7 or later.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : true