Wireshark.PN.DCP.Data.Remote.Format.String

Release Date Dec 30, 2011
Severity high
Impact System Compromise: Remote attackers can gain control of vulnerable systems.
Description This indicates an attack attempt to exploit a Format String vulnerability in Wireshark. The vulnerability is caused by an error when the vulnerable software handles a malicious PN-DCP packet. It allows a remote attacker to crash the application or execute arbitrary code via sending a crafted PN-DCP packet.
Affected Products Wireshark Wireshark 1.0.6 Wireshark Wireshark 1.0.5 Wireshark Wireshark 1.0.4 Wireshark Wireshark 1.0.3 Wireshark Wireshark 1.0.2 Wireshark Wireshark 1.0.1 Wireshark Wireshark 1.0 Wireshark Wireshark 0.99.8 Wireshark Wireshark 0.99.7 Wireshark Wireshark 0.99.6 Wireshark Wireshark 0.99.5 Wireshark Wireshark 0.99.4 Wireshark Wireshark 0.99.3 Wireshark Wireshark 0.99.2 Wireshark Wireshark 0.99.1 Wireshark Wireshark 0.99
Recommended Actions Upgrade to the latest version, available from the web site: http://media-2.cacetech.com/wireshark/src/wireshark-1.0.7.tar.bz2
Coverage IPS VCM
Common Vulnerabilities and Exposures (CVE) CVE-2009-1210
Reference/s http://www.securityfocus.com/bid/34291 (BugTraq)

Fortinet