Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3266

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2011-3266
Last Modified 13 Aug 2012 11:29:52
Published 23 Aug 2011 08:55:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2011-3266

Summary

The proto_tree_add_item function in Wireshark 1.6.0 through 1.6.1 and 1.4.0 through 1.4.8, when the IKEv1 protocol dissector is used, allows user-assisted remote attackers to cause a denial of service (infinite loop) via vectors involving a malformed IKE packet and many items in a tree.

Vulnerable Systems

Application

  • Wireshark 1.4.0

  • Wireshark 1.4.1

  • Wireshark 1.4.2

  • Wireshark 1.4.3

  • Wireshark 1.4.4

  • Wireshark 1.4.5

  • Wireshark 1.4.6

  • Wireshark 1.4.7

  • Wireshark 1.4.8

  • Wireshark 1.6.0

  • Wireshark 1.6.1


References

XF - wireshark-prototreeadditem-dos(69411)

CONFIRM - http://www.wireshark.org/security/wnpa-sec-2011-13.html

BID - 49377

BUGTRAQ - 20110728 Wireshark 1.6.1 Malformed IKE Packet Denial of Service

MANDRIVA - MDVSA-2011:138

SECTRACK - 1025875

SREASON - 8351

SUSE - openSUSE-SU-2011:1263

SUSE - SUSE-SU-2011:1262

Related Patches

Novell SUSE 2011:5281 wireshark security update for SLE 11 SP1 i586

Novell SUSE 2011:5433 wireshark security update for SLE 11 SP1 i586

Novell SUSE 2011:5433 wireshark security update for SLE 11 SP1 x86_64

Novell SUSE 2011:7796 wireshark security update for SLE 10 SP4 i586

Novell SUSE 2011:7839 wireshark security update for SLE 10 SP4 i586

Novell SUSE 2011:7839 wireshark security update for SLE 10 SP4 x86_64


Last Updated: 27 May 2016 10:57:26