Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2174

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-2174
Last Modified 03 Jan 2013 11:28:10
Published 06 Jun 2011 03:55:02
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-2174

Summary

Double free vulnerability in the tvb_uncompress function in epan/tvbuff.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a packet with malformed data that uses zlib compression.

Vulnerable Systems

Application

  • Wireshark 1.2

  • Wireshark 1.2.0

  • Wireshark 1.2.1

  • Wireshark 1.2.10

  • Wireshark 1.2.11

  • Wireshark 1.2.12

  • Wireshark 1.2.13

  • Wireshark 1.2.14

  • Wireshark 1.2.15

  • Wireshark 1.2.16

  • Wireshark 1.2.2

  • Wireshark 1.2.3

  • Wireshark 1.2.4

  • Wireshark 1.2.5

  • Wireshark 1.2.6

  • Wireshark 1.2.7

  • Wireshark 1.2.8

  • Wireshark 1.2.9

  • Wireshark 1.4.0

  • Wireshark 1.4.1

  • Wireshark 1.4.2

  • Wireshark 1.4.3

  • Wireshark 1.4.4

  • Wireshark 1.4.5

  • Wireshark 1.4.6


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=710097

CONFIRM - https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5908

CONFIRM - http://www.wireshark.org/security/wnpa-sec-2011-08.html

CONFIRM - http://www.wireshark.org/security/wnpa-sec-2011-07.html

CONFIRM - http://anonsvn.wireshark.org/viewvc?view=revision&revision=37081

XF - wireshark-compressed-packet-dos(67793)

BID - 48066

DEBIAN - DSA-2274

SECUNIA - 45149

SECUNIA - 44958

SECUNIA - 44449

MLIST - [oss-security] 20110601 Re: CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues

MLIST - [oss-security] 20110531 CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues

FEDORA - FEDORA-2011-7858

FEDORA - FEDORA-2011-7846

FEDORA - FEDORA-2011-7821

SECUNIA - 48947

Related Patches

Novell SUSE 2011:5281 wireshark security update for SLE 11 SP1 i586

Novell SUSE 2011:7796 wireshark security update for SLE 10 SP4 i586


Last Updated: 27 May 2016 11:01:33