Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1956

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-1956
Last Modified 13 Aug 2012 11:27:05
Published 06 Jun 2011 03:55:02
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1956

Summary

The bytes_repr_len function in Wireshark 1.4.5 uses an incorrect pointer argument, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via arbitrary TCP traffic.

Vulnerable Systems

Application

  • Wireshark 1.4.5


References

CONFIRM - http://www.wireshark.org/news/20110418.html

CONFIRM - http://www.wireshark.org/docs/relnotes/wireshark-1.4.6.html

CONFIRM - https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5837

XF - wireshark-desegmenttcp-dos(67789)

SECUNIA - 44449

MLIST - [oss-security] 20110601 Re: CVE request for Wireshark 1.4.5 TCP DoS issue

MLIST - [oss-security] 20110531 CVE request for Wireshark 1.4.5 TCP DoS issue


Last Updated: 27 May 2016 10:56:52