Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1142

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2011-1142
Last Modified 13 Aug 2012 11:25:20
Published 02 Mar 2011 08:00:01
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-1142

Summary

Stack consumption vulnerability in the dissect_ber_choice function in the BER dissector in Wireshark 1.2.x through 1.2.15 and 1.4.x through 1.4.4 might allow remote attackers to cause a denial of service (infinite loop) via vectors involving self-referential ASN.1 CHOICE values.

Vulnerable Systems

Application

  • Wireshark 1.2.0

  • Wireshark 1.2.1

  • Wireshark 1.2.10

  • Wireshark 1.2.11

  • Wireshark 1.2.12

  • Wireshark 1.2.13

  • Wireshark 1.2.14

  • Wireshark 1.2.15

  • Wireshark 1.2.2

  • Wireshark 1.2.3

  • Wireshark 1.2.4

  • Wireshark 1.2.5

  • Wireshark 1.2.6

  • Wireshark 1.2.7

  • Wireshark 1.2.8

  • Wireshark 1.2.9

  • Wireshark 1.4.0

  • Wireshark 1.4.1

  • Wireshark 1.4.2

  • Wireshark 1.4.3

  • Wireshark 1.4.4


References

CONFIRM - http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html

CONFIRM - http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html

CONFIRM - https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516

VUPEN - ADV-2011-0622

SECTRACK - 1025148

MANDRIVA - MDVSA-2011:044


Last Updated: 27 May 2016 10:56:11