Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:PCAP-FORMATSTR-GENERIC |
|---|---|
Severity |
Minor |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Generic Libpcap/TCPDump PCAP File Format String Detection |
Release Date |
2013/03/14 |
Update Number |
2244 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Generic Libpcap/TCPDump PCAP File Format String Detection
This signature detects format string exploits contained within Libpcap/TCPDump packet capture (PCAP) files. Such exploits could allow an attacker to trigger a memory corruption that could be leveraged further to execute arbitrary code or cause a denial of service condition.
Extended Description
Wireshark is prone to a format-string vulnerability. Attackers can leverage this issue to execute arbitrary code within the context of the vulnerable application. Failed attacks will likely cause denial-of-service conditions. Wireshark 1.0.6 is vulnerable; other versions may also be affected.
Affected Products
- Avaya aura_sip_enablement_services 3.0
- Avaya aura_sip_enablement_services 3.1
- Avaya aura_sip_enablement_services 3.1.1
- Avaya aura_sip_enablement_services 5.0
- Avaya aura_sip_enablement_services 5.1
- Avaya communication_manager 3.0
- Avaya communication_manager 3.1
- Avaya communication_manager 3.1.4 SP2
- Avaya communication_manager 4.0
- Avaya communication_manager 4.0.3 SP1
- Avaya communication_manager 5.0
- Avaya communication_manager 5.0 SP3
- Avaya communication_manager 5.1
- Avaya emmc 1.017
- Avaya emmc 1.021
- Avaya emmc
- Avaya intuity_audix_lx 1.0
- Avaya intuity_audix_lx 2.0
- Avaya intuity_audix_lx 2.0 SP1
- Avaya intuity_audix_lx 2.0 SP2
- Debian linux 5.0
- Debian linux 5.0 Alpha
- Debian linux 5.0 Amd64
- Debian linux 5.0 Arm
- Debian linux 5.0 Armel
- Debian linux 5.0 Hppa
- Debian linux 5.0 Ia-32
- Debian linux 5.0 Ia-64
- Debian linux 5.0 M68k
- Debian linux 5.0 Mips
- Debian linux 5.0 Mipsel
- Debian linux 5.0 Powerpc
- Debian linux 5.0 S/390
- Debian linux 5.0 Sparc
- Gentoo linux
- Mandriva corporate_server 4.0
- Mandriva corporate_server 4.0.0 X86 64
- Mandriva linux_mandrake 2008.1
- Mandriva linux_mandrake 2008.1 X86 64
- Mandriva linux_mandrake 2009.0
- Mandriva linux_mandrake 2009.0 X86 64
- Pardus linux_2008
- Red_hat desktop 3.0.0
- Red_hat desktop 4.0.0
- Red_hat enterprise_linux 5 Server
- Red_hat enterprise_linux_as 3
- Red_hat enterprise_linux_as 4
- Red_hat enterprise_linux_as 4.8.Z
- Red_hat enterprise_linux_desktop 5 Client
- Red_hat enterprise_linux_desktop_workstation 5 Client
- Red_hat enterprise_linux_es 3
- Red_hat enterprise_linux_es 4
- Red_hat enterprise_linux_es 4.8.Z
- Red_hat enterprise_linux_eus 5.3.Z Server
- Red_hat enterprise_linux_ws 3
- Red_hat enterprise_linux_ws 4
- Red_hat fedora 10
- Red_hat fedora 9
- Rpath rpath_linux 1
- Suse open-enterprise-server
- Suse opensuse 10.3
- Suse opensuse 11.0
- Suse opensuse 11.1
- Suse suse_linux_enterprise 10
- Suse suse_linux_enterprise 11
- Suse suse_linux_enterprise_server 9
- Wireshark wireshark 0.99.0
- Wireshark wireshark 0.99.1
- Wireshark wireshark 0.99.2
- Wireshark wireshark 0.99.3
- Wireshark wireshark 0.99.4
- Wireshark wireshark 0.99.5
- Wireshark wireshark 0.99.6
- Wireshark wireshark 0.99.7
- Wireshark wireshark 0.99.8
- Wireshark wireshark 1.0.0
- Wireshark wireshark 1.0.1
- Wireshark wireshark 1.0.2
- Wireshark wireshark 1.0.3
- Wireshark wireshark 1.0.4
- Wireshark wireshark 1.0.5
- Wireshark wireshark 1.0.6
References
- BugTraq: 34291
- CVE: CVE-2009-1210