Wireshark contains a vulnerability in the IPSec ESP preference parser that may cause a denial of service condition.
Wireshark contains multiple off-by-one vulnerabilities in the IPSec ESP preference parser when the application has been compiled with ESP decryption support.
This vulnerability may be exploited when the remote attacker sends a specially crafted, malformed packet over the wire or by convincing the user to read a malformed packet trace file.
A remote attacker may be able to execute arbitrary code.
This vulnerability was reported in Wireshark document wnpa-sec-2006-02.
This document was written by Katie Steiner.
|Date First Published:||2006-10-25|
|Date Last Updated:||2006-10-25 17:14 UTC|