Wireshark ZigBee ZCL Dissector Infinite Loop Denial of Service

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Wireshark ZigBee ZCL Dissector Infinite Loop Denial of Service
# Published : 2011-01-11
# Author : Fred Fierling
# Previous Title : Objectivity/DB Lack of Authentication Remote Exploit
# Next Title : Inetserv 3.23 SMTP Denial of Service Vulnerability

Source:  http://www.securityfocus.com/bid/44986/info

Wireshark is prone to a remote denial-of-service vulnerability because it fails to properly handle certain types of packets.

Attackers can exploit this issue to cause the application to enter an infinite loop which may cause denial-of-service conditions.

Wireshark 1.4.0 to 1.4.1 are vulnerable. 

http://www.exploit-db.com/sploits/44986.pcap