CVE-2012-6054

Name of the Vulnerable Software and Affected Versions Wireshark versions 1.8.x through 1.8.3

Description The issue arises from improper length calculations for invalid IP address types in the sFlow dissector. This allows remote attackers to cause a denial of service, resulting in an infinite loop, by sending a packet that is neither IPv4 nor IPv6.

Recommendations For Wireshark versions 1.8.x through 1.8.3, update to version 1.8.4 or later to resolve the issue. As a temporary workaround, consider disabling the dissect sflow 245 address type function until a patch is available. Restrict access to the sFlow dissector to minimize the risk of exploitation. Avoid processing packets with unknown or invalid IP address types in the affected Wireshark versions until the issue is resolved.