Gentoo Logo

Wireshark: Denial of Service


1.  Gentoo Linux Security Advisory

Version Information

Advisory Reference GLSA 200909-16 / wireshark
Release Date September 13, 2009
Latest Revision September 13, 2009: 01
Impact normal
Exploitable remote
Package Vulnerable versions Unaffected versions Architecture(s)
net-analyzer/wireshark < 1.2.1 >= 1.2.1 All supported architectures

Related bugreports: #278564


Multiple vulnerabilities have been discovered in Wireshark which allow for Denial of Service.

2.  Impact Information


Wireshark is a versatile network protocol analyzer.


Multiple vulnerabilities were discovered in Wireshark:

  • A buffer overflow in the IPMI dissector related to an array index error (CVE-2009-2559).
  • Multiple unspecified vulnerabilities in the Bluetooth L2CAP, RADIUS, and MIOP dissectors (CVE-2009-2560).
  • An unspecified vulnerability in the sFlow dissector (CVE-2009-2561).
  • An unspecified vulnerability in the AFS dissector (CVE-2009-2562).
  • An unspecified vulnerability in the Infiniband dissector when running on unspecified platforms (CVE-2009-2563).


A remote attacker could exploit these vulnerabilities by sending specially crafted packets on a network being monitored by Wireshark or by enticing a user to read a malformed packet trace file to cause a Denial of Service.

3.  Resolution Information


There is no known workaround at this time.


All Wireshark users should upgrade to the latest version:

Code Listing 3.1: Resolution

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-analyzer/wireshark-1.2.1"

4.  References


Page updated September 13, 2009

Summary: This is a Gentoo Linux Security Advisory

Security Team
Contact Address

Donate to support our development efforts.

Copyright 2001-2015 Gentoo Foundation, Inc. Questions, Comments? Contact us.