Systems that run Wireshark versions prior to 1.4.4 are susceptible to a denial of service attack. This vulnerability affects 32-bit operating systems while reading a malformed 6LoWPAN (IPv6 over LoW Power wireless Area Networks) packet. Wireshark lacks the proper exception handling when the packet is intentionally varied in length which corrupts the packets buffer and causes Wireshark to crash. An attacker may take advantage of this weakness in order to arrive to a denial of service condition. The vulnerability was discovered by Paul Makowski of SEI/CERT and was tested against both the stable version (1.4.x) and the version in development (1.5.x). While it is confirmed that version 1.5.x is not vulnerable, a fix has been released which is included in version 1.4.4 and users running Wireshark are advised to upgrade to this version. Several other security related fixes are also included in this version.
For more information about this vulnerability visit Wireshark’s bug database here.