| |||||||||||||
wireshark: multiple vulnerabilitieswireshark: multiple vulnerabilitiesPosted Feb 10, 2007 8:09 UTC (Sat) by bronson (subscriber, #4806)Parent article: wireshark: multiple vulnerabilities
Fetchmail maybe? Especially if measured in vulns/line of code. :)
I agree, Ethereal/Wireshark has an abysmal security record. I think it's because the protocol decoders are notoriously hard to write, and are written in a brittle, dangerous language by people who tend to be more interested in getting packets decoded rather than long-term, exhaustively tested code.
It would be nice if dissectors could be written in Perl/Ruby/Python/whatever. That would get rid of almost all of the vulns.
Has a Wireshark vulnerability ever been exploited in the wild?
(Log in to post comments)
wireshark: multiple vulnerabilities Posted Feb 15, 2007 15:08 UTC (Thu) by nix (subscriber, #2304) [Link] Many of the vulnerabilities are DoS attacks, and Perl and Python are just as capable of infinite loops as C.
(The high number of security holes is doubtless because there are so *many* protocol decoders, and they *all* listen to potentially hostile input. wu-ftpd only had one protocol decoder...)
wireshark: multiple vulnerabilities Posted Feb 15, 2007 21:16 UTC (Thu) by bronson (subscriber, #4806) [Link] Ah, I didn't realize that they were mostly infinite loops. Try as I might, I just can't get worked up about hostile input causing me to have to fire a ^C at Wireshark. Seems a little rich to call that a DoS, much less a full-on security vulnerability.
wireshark: multiple vulnerabilities Posted Feb 16, 2007 15:19 UTC (Fri) by jmayer (subscriber, #595) [Link] > Seems a little rich to call that a DoS, much less a full-on securityvulnerability.
But it is: In several environments tshark (the command line version of
|
|||||||||||||