|Wireshark IPsec ESP preference parser off-by-one vulnerable Windows version detected (WiresharkEspOffbyoneWin)|
|Platforms:||Microsoft Windows 95, Microsoft Windows NT: 4.0, Microsoft Windows 98, Microsoft Windows 98SE, Microsoft Windows 2000, Microsoft Windows Me, Microsoft Windows XP, Microsoft Windows 2003 Server, Wireshark Wireshark: 0.99.2|
Wireshark (formerly known as Ethereal) is vulnerable to a denial of service attack, caused by multiple off-by-one errors in the IPsec ESP preference parser in version 0.99.2, if Wireshark was compiled with ESP decryption support. A vulnerable version of Wireshark for Windows has been detected.
Upgrade to the latest version of Wireshark (0.99.3 or later), as listed in Wireshark Security Advisory wnpa-sec-2006-02. See References.
|False Positives:||A workaround for this vulnerability has been provided by the Wireshark development team. If this workaround has been applied, the installation will still flag vulnerable, even though the vulnerability has been remediated.|
|False Negatives:||This check will only detect the most recently installed version of Wireshark. Previously installed versions of Wireshark that were not uninstalled prior to the most recent installation will not be tested but may be vulnerable.|
|Required Permission:||Windows login|
IBM Internet Security Systems X-Force Database
Know Your Risks
Common Vulnerabilties & Exposures