APP: Wireshark ENTTEC DMX Buffer Overflow

This signature detects an attempt to exploit a known vulnerability in Wireshark while it processes ENTTEC-based payloads. Successful exploitation could allow an attacker to execute arbitrary code in the context of the running application.

Extended Description

Wireshark is prone to a buffer-overflow vulnerability. Exploiting this issue may allow attackers to crash the application and deny service to legitimate users. Attackers may also execute arbitrary code in the context of vulnerable users running the application. Wireshark 1.4.2 is vulnerable; other versions may also be affected.

Affected Products

Debian linux

References

BugTraq: 45634

CVE: CVE-2010-4538

Short Name
APP:MISC:WSHARK-ENTTEC-BO
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
Buffer CVE-2010-4538 DMX ENTTEC Overflow Wireshark bid:45634
Release Date
11/18/2014
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3336
Port
UDP/3333
False Positive
Unknown
Vendors

Red_hat

Suse

Sun

Avaya

Mandriva

Debian

Wireshark

CVSS Score

9.3
