OpenFlow Dissector Memory Exhaustion Vulnerability

OpenFlow Dissector Memory Exhaustion Vulnerability

CVE-2016-9376 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the OpenFlow dissector could crash with memory exhaustion, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-openflow_v5.c by ensuring that certain length values were sufficiently large.

Learn more about our Network Penetration Testing.