News: Pwning the pen tester: Malicious Wireshark packet capture fil...

Advisories

Discover Security Vulnerabilities News

Discover How To Secure My Firewall HOWTOs

Pwning the pen tester: Malicious Wireshark packet capture file risk revealed

Pwning the pen tester: Malicious Wireshark packet capture file risk revealed

Maliciously constructed Wireshark packet capture files might be used to distribute malware, providing recipients can be tricked into double clicking file URL fields. A CVE has been assigned to the security issue (now resolved through a recent update) due its potential for harm, despite the fact that some social engineering trickery is required.

Variants of the same attack could potentially be thrown against users of the popular network security tool, widely used by security analysts and penetration testers, whether they use Windows or Xubuntu Linux-based systems.

The attack, discovered by security researcher Lukas Euler of Positive Security, is explained in a recent post on GitLab that features proof-of-concept videos.

Even though developers of Wireshark normally avoid asking for a CVE to be created for potential security issues that require user interaction, an exception was made in this case because of the “low barrier to entry and level of control” an attacker might gain.

The issue, tracked as CVE-2021-22191, was resolved through a recent update.

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.