[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Wireshark 1.4.0 Malformed IKE Packet Denial of Service
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: Wireshark 1.4.0 Malformed IKE Packet Denial of Service
- From: vuln@xxxxxxxxxxx
- Date: Mon, 11 Jul 2011 09:40:10 GMT
Wireshark 1.4.0 Malformed IKE Packet Denial of Service
------------------------------------------------------------------
I. Summary
A flaw has been identified in Wireshark 1.4.0 when send a specific malformed
IKE packet that will cause a denial of service .
------------------------------------------------------------------
II. Description
Using PROTOS Test-Suite
c09-isakmp(https://www.ee.oulu.fi/research/ouspg/PROTOS_Test-Suite_c09-isakmp),when
we run the following command "java -jar c09-isakmp-r1.jar --host 210.77.17.129
--id 210.77.19.130 --secret dgggg --sourceport 34444 --index 3332" ,wireshark
will capture the packet index 3332,then clike the field"Type
Payload:Identification(5)",a error message will popup ,saying"Gtk-ERROR **:Byte
index 6 is off the end of the line aborting...".Then wireshark be forced to
close.
------------------------------------------------------------------
III. Impact
Denial of service
------------------------------------------------------------------
IV. Affected
Wireshark 1.4.0, tested with Windows XP SP2. Previous versions may also be
affected due to code reuse.
------------------------------------------------------------------
V. Solution
Update the software version to 1.5.0 or 1.6.0
------------------------------------------------------------------
VI. Credit
The penetration test team Of NCNIPC (China) is credited for this vulnerability.