The installed version of Wireshark or Ethereal is potentially affected by multiple vulnerabilities :
- The Daintree SNA file parser can overflow a buffer. (Bug 4294)
- The SMB and SMB2 dissectors can crash. (Bug 4301)
- The IPMI dissector can crash on Windows. (Bug 4319)
These vulnerabilities can result in a denial of service, or possibly arbitrary code execution. A remote attacker can exploit these issues by tricking a user into opening a maliciously crafted capture file. Additionally, if Wireshark is running in promiscuous mode, one of these issues can be exploited remotely (from the same network segment).
Complete Confidentiality Impact, Complete Integrity Impact, Complete Availability Impact