Wireshark NTLMSSP Dissector Buffer Overflow Vulnerability

Wireshark is prone to a buffer-overflow vulnerability because it because it fails to properly bounds check data before copying it into an insufficiently sized buffer.

An attacker can exploit this issue to crash the affected application. Given the nature of this issue, attackers may also be able to execute arbitrary code, but this has not been confirmed.

The following products are affected:

Wireshark 1.6.0 through versions 1.6.12
Wireshark 1.8.0 through versions 1.8.4


 

Privacy Statement
Copyright 2010, SecurityFocus