OpenFlow Dissector Memory Exhaustion Vulnerability
CVE-2016-9376 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:N/A:P
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the OpenFlow dissector could crash with memory exhaustion, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-openflow_v5.c by ensuring that certain length values were sufficiently large.
Learn more about our Network Penetration Testing.