Denial of Service Vulnerability in Wireshark IKEv1 Protocol Dissector

Denial of Service Vulnerability in Wireshark IKEv1 Protocol Dissector

CVE-2011-3266 · LOW Severity

AV:N/AC:H/AU:N/C:N/I:N/A:P

The proto_tree_add_item function in Wireshark 1.6.0 through 1.6.1 and 1.4.0 through 1.4.8, when the IKEv1 protocol dissector is used, allows user-assisted remote attackers to cause a denial of service (infinite loop) via vectors involving a malformed IKE packet and many items in a tree.

Learn more about our User Device Pen Test.