QwikSec

Security Database

CVE

CWE

Training

CVE-2010-0304

Published: Feb 3, 2010

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple buffer overflows in the LWRES dissector in Wireshark 0.9.15 through 1.0.10 and 1.2.0 through 1.2.5 allow remote attackers to cause a denial of service (crash) via a malformed packet, as demonstrated using a stack-based buffer overflow to the dissect_getaddrsbyname_request function.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_DEBIAN

http://www.wireshark.org/security/wnpa-sec-2010-02.html

x_refsource_CONFIRM

[oss-security] 20100129 Re: CVE id request: Wireshark

mailing-list

x_refsource_MLIST

http://www.metasploit.com/modules/exploit/multi/misc/wireshark_lwres_getaddrbyname

x_refsource_MISC

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_BID

oval:org.mitre.oval:def:9933

vdb-entry

signature

x_refsource_OVAL

vdb-entry

x_refsource_OSVDB

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_VUPEN

http://anonsvn.wireshark.org/viewvc/trunk-1.2/epan/dissectors/packet-lwres.c?view=diff&r1=31596&r2=28492&diff_format=h

x_refsource_MISC

vdb-entry

x_refsource_SECTRACK

vendor-advisory

x_refsource_MANDRIVA

wireshark-lwres-bo(55951)

vdb-entry

x_refsource_XF

http://www.wireshark.org/security/wnpa-sec-2010-01.html

x_refsource_CONFIRM

oval:org.mitre.oval:def:8490

vdb-entry

signature

x_refsource_OVAL

FEDORA-2010-3556

vendor-advisory

x_refsource_FEDORA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

CVE-2010-0304 - Security Vulnerability | QwikSec