4.3

CVE-2011-1592

Exploit
The NFS dissector in epan/dissectors/packet-nfs.c in Wireshark 1.4.x before 1.4.5 on Windows uses an incorrect integer data type during decoding of SETCLIENTID calls, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
WiresharkWireshark Version1.4.0
   MicrosoftWindows
WiresharkWireshark Version1.4.1
   MicrosoftWindows
WiresharkWireshark Version1.4.2
   MicrosoftWindows
WiresharkWireshark Version1.4.3
   MicrosoftWindows
WiresharkWireshark Version1.4.4
   MicrosoftWindows
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.67% 0.737
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://openwall.com/lists/oss-security/2011/04/18/2
Patch
Exploit
http://openwall.com/lists/oss-security/2011/04/18/8
Patch
Exploit
http://secunia.com/advisories/44172
Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2011:083
http://www.vupen.com/english/advisories/2011/1022
Vendor Advisory
http://www.wireshark.org/security/wnpa-sec-2011-06.html
Vendor Advisory
http://anonsvn.wireshark.org/viewvc?revision=34115&view=revision
Patch
http://www.osvdb.org/71847
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5209
Patch
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/66833
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14987