Wireshark Lua Untrusted Search Path vulnerability

Added: 11/25/2011
CVE: CVE-2011-3360
BID: 49528
OSVDB: 75347

Background

Wireshark is a network packet analyzer.

Problem

A vulnerability in Wireshark allows execution of arbitrary Lua scripts placed in untrusted directories which are included in Wireshark's search path.

Resolution

Upgrade to Wireshark 1.4.9 or 1.6.2 or higher.

References

http://www.wireshark.org/security/wnpa-sec-2011-15.html

Limitations

Exploit works on Wireshark 1.6.0 and requires a user to open the PCAP file on the specified network share.

The smbclient program must be available on the SAINTexploit host.

Platforms

Windows

Back to exploit index