1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: Wireshark UDP LWRES GetAddrByName CVE-2010-0304

Attack: Wireshark UDP LWRES GetAddrByName CVE-2010-0304

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature will detect attempts to exploit a buffer overflow vulnerability in Wireshark.

Additional Information

Wireshark (formerly Ethereal) is an application for analyzing network traffic; it is available for Microsoft Windows and for UNIX-like operating systems.

Wireshark is prone to multiple buffer-overflow vulnerabilities that arise when handling data associated with the LWRES dissector.

No further technical details are currently available. We will update this BID as more information emerges.

These issues affect Wireshark 0.9.0 through 1.2.5.

Affected

  • Wireshark 0.9.0 through 1.2.5.

Response

Updates are available. Please see the references for more information.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube