4.3

CVE-2011-1590

Exploit
The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
WiresharkWireshark Version1.2.0
WiresharkWireshark Version1.2.1
WiresharkWireshark Version1.2.2
WiresharkWireshark Version1.2.3
WiresharkWireshark Version1.2.4
WiresharkWireshark Version1.2.5
WiresharkWireshark Version1.2.6
WiresharkWireshark Version1.2.7
WiresharkWireshark Version1.2.8
WiresharkWireshark Version1.2.9
WiresharkWireshark Version1.2.10
WiresharkWireshark Version1.2.11
WiresharkWireshark Version1.2.12
WiresharkWireshark Version1.2.13
WiresharkWireshark Version1.2.14
WiresharkWireshark Version1.2.15
WiresharkWireshark Version1.4.0
WiresharkWireshark Version1.4.1
WiresharkWireshark Version1.4.2
WiresharkWireshark Version1.4.3
WiresharkWireshark Version1.4.4
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.81% 0.758
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/48947
http://anonsvn.wireshark.org/viewvc?revision=36608&view=revision
Patch
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058900.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058983.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058993.html
http://openwall.com/lists/oss-security/2011/04/18/2
Patch
Exploit
http://openwall.com/lists/oss-security/2011/04/18/8
Patch
Exploit
http://secunia.com/advisories/44172
Vendor Advisory
http://secunia.com/advisories/44374
http://secunia.com/advisories/44822
http://secunia.com/advisories/45149
http://securitytracker.com/id?1025388
http://www.debian.org/security/2011/dsa-2274
http://www.mandriva.com/security/advisories?name=MDVSA-2011:083
http://www.osvdb.org/71846
http://www.vupen.com/english/advisories/2011/1022
Vendor Advisory
http://www.vupen.com/english/advisories/2011/1106
http://www.wireshark.org/security/wnpa-sec-2011-05.html
http://www.wireshark.org/security/wnpa-sec-2011-06.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5754
Patch
Exploit
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5793
https://hermes.opensuse.org/messages/8701428
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15050