Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1140

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-1140
Last Modified 13 Aug 2012 11:25:19
Published 02 Mar 2011 08:00:01
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1140

Summary

Multiple stack consumption vulnerabilities in the dissect_ms_compressed_string and dissect_mscldap_string functions in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allow remote attackers to cause a denial of service (infinite recursion) via a crafted (1) SMB or (2) Connection-less LDAP (CLDAP) packet.

Vulnerable Systems

Application

  • Wireshark 1.0

  • Wireshark 1.0.0

  • Wireshark 1.0.1

  • Wireshark 1.0.10

  • Wireshark 1.0.11

  • Wireshark 1.0.12

  • Wireshark 1.0.13

  • Wireshark 1.0.14

  • Wireshark 1.0.15

  • Wireshark 1.0.16

  • Wireshark 1.0.2

  • Wireshark 1.0.3

  • Wireshark 1.0.4

  • Wireshark 1.0.5

  • Wireshark 1.0.6

  • Wireshark 1.0.7

  • Wireshark 1.0.8

  • Wireshark 1.0.9

  • Wireshark 1.2.0

  • Wireshark 1.2.1

  • Wireshark 1.2.10

  • Wireshark 1.2.11

  • Wireshark 1.2.12

  • Wireshark 1.2.13

  • Wireshark 1.2.14

  • Wireshark 1.2.2

  • Wireshark 1.2.3

  • Wireshark 1.2.4

  • Wireshark 1.2.5

  • Wireshark 1.2.6

  • Wireshark 1.2.7

  • Wireshark 1.2.8

  • Wireshark 1.2.9

  • Wireshark 1.4.0

  • Wireshark 1.4.1

  • Wireshark 1.4.2

  • Wireshark 1.4.3


References

CERT-VN - VU#215900

CONFIRM - http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html

CONFIRM - http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html

CONFIRM - http://anonsvn.wireshark.org/viewvc?view=rev&revision=36029

SUSE - openSUSE-SU-2011:0347

CONFIRM - https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5717

CONFIRM - http://www.wireshark.org/security/wnpa-sec-2011-04.html

CONFIRM - http://www.wireshark.org/security/wnpa-sec-2011-03.html

VUPEN - ADV-2011-0747

VUPEN - ADV-2011-0719

VUPEN - ADV-2011-0626

VUPEN - ADV-2011-0622

SECTRACK - 1025148

REDHAT - RHSA-2011:0370

REDHAT - RHSA-2011:0369

MANDRIVA - MDVSA-2011:044

DEBIAN - DSA-2201

SECUNIA - 44169

SECUNIA - 43821

SECUNIA - 43795

SECUNIA - 43759

FEDORA - FEDORA-2011-2620

FEDORA - FEDORA-2011-2632

FEDORA - FEDORA-2011-2648

Related Patches

Novell SUSE 2011:7439 wireshark security update for SLE 10 SP3 i586

Novell SUSE 2011:7439 wireshark security update for SLE 10 SP3 x86_64


Last Updated: 27 May 2016 10:56:11