
wireshark: multiple vulnerabilities

wireshark: multiple vulnerabilities

Posted Feb 15, 2007 15:08 UTC (Thu) by nix (subscriber, #2304)
In reply to: wireshark: multiple vulnerabilities by bronson
Parent article: wireshark: multiple vulnerabilities

Many of the vulnerabilities are DoS attacks, and Perl and Python are just as capable of infinite loops as C.

(The high number of security holes is doubtless because there are so *many* protocol decoders, and they *all* listen to potentially hostile input. wu-ftpd only had one protocol decoder...)



wireshark: multiple vulnerabilities

Posted Feb 15, 2007 21:16 UTC (Thu) by bronson (subscriber, #4806) [Link]

Ah, I didn't realize that they were mostly infinite loops. Try as I might, I just can't get worked up about hostile input causing me to have to fire a ^C at Wireshark. Seems a little rich to call that a DoS, much less a full-on security vulnerability.

wireshark: multiple vulnerabilities

Posted Feb 16, 2007 15:19 UTC (Fri) by jmayer (subscriber, #595) [Link]

> Seems a little rich to call that a DoS, much less a full-on security vulnerability.

But it is: In several environments tshark (the command line version of
wireshark) is being used to analyze traffic on the fly, create statistics
and (AFAIK) even evaluate the output in some sort of mini-IDS. So if you
manage to send wireshark into an infinite loop, then this may easily have
more than just trivial consequences.
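
An added illustration of the failure class discussed in this thread (not code from Wireshark or from any commenter): a decoder for a constructed record format, written in Python since the thread notes that scripting languages loop just as readily as C, shown beside a version that rejects a length field that cannot advance the offset. The record layout, function names and sample bytes are assumptions made up for the example; a monitoring pipeline can catch `MalformedPacket`, drop the packet and keep running.

```python
# Constructed record format (an assumption for illustration, not a real
# protocol): 1-byte type, 1-byte total record length (header included), payload.
HEADER_LEN = 2


class MalformedPacket(Exception):
    """Raised by the hardened decoder instead of spinning or over-reading."""


def dissect_naive(buf: bytes, max_steps: int = 10_000):
    """Trusts the length field. Returns (records, stuck_offset).
    max_steps exists only so this demo terminates; without it a zero
    length field keeps the loop at the same offset forever."""
    records, offset, steps = [], 0, 0
    while offset + HEADER_LEN <= len(buf):
        steps += 1
        if steps > max_steps:
            return records, offset          # decoder made no progress
        rtype, rlen = buf[offset], buf[offset + 1]
        records.append((rtype, buf[offset + HEADER_LEN:offset + rlen]))
        offset += rlen                      # rlen == 0: offset never moves
    return records, None


def dissect_hardened(buf: bytes):
    """Every iteration must consume at least the header and stay in bounds."""
    records, offset = [], 0
    while offset < len(buf):
        remaining = len(buf) - offset
        if remaining < HEADER_LEN:
            raise MalformedPacket(f"truncated header at offset {offset}")
        rtype, rlen = buf[offset], buf[offset + 1]
        if rlen < HEADER_LEN:
            raise MalformedPacket(f"length {rlen} cannot advance at offset {offset}")
        if rlen > remaining:
            raise MalformedPacket(f"length {rlen} overruns buffer at offset {offset}")
        records.append((rtype, buf[offset + HEADER_LEN:offset + rlen]))
        offset += rlen
    return records


# Constructed sample inputs: two well-formed records, then the same bytes
# with the second record's length field set to zero.
GOOD = bytes([1, 4, 0xAA, 0xBB, 2, 3, 0xCC])
HOSTILE = bytes([1, 4, 0xAA, 0xBB, 2, 0, 0xCC])

if __name__ == "__main__":
    print(dissect_naive(HOSTILE, max_steps=100)[1])   # offset where it is stuck
    try:
        dissect_hardened(HOSTILE)
    except MalformedPacket as exc:
        print("rejected:", exc)
```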

Copyright © 2013, Eklektix, Inc.