CVE-2011-1140

Current Description

Multiple stack consumption vulnerabilities in the dissect_ms_compressed_string and dissect_mscldap_string functions in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allow remote attackers to cause a denial of service (infinite recursion) via a crafted (1) SMB or (2) Connection-less LDAP (CLDAP) packet.

Basic Data

PublishedMarch 03, 2011
Last ModifiedSeptember 19, 2017
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeCWE-399
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:M/Au:N/C:N/I:N/A:P
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityMEDIUM
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactNONE
CVSS 2 - Availability ImpactPARTIAL
CVSS 2 - Base Score4.3
SeverityMEDIUM
Exploitability Score8.6
Impact Score2.9
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationWiresharkWireshark1.0*******
    2.3ApplicationWiresharkWireshark1.0.0*******
    2.3ApplicationWiresharkWireshark1.0.1*******
    2.3ApplicationWiresharkWireshark1.0.2*******
    2.3ApplicationWiresharkWireshark1.0.3*******
    2.3ApplicationWiresharkWireshark1.0.4*******
    2.3ApplicationWiresharkWireshark1.0.5*******
    2.3ApplicationWiresharkWireshark1.0.6*******
    2.3ApplicationWiresharkWireshark1.0.7*******
    2.3ApplicationWiresharkWireshark1.0.8*******
    2.3ApplicationWiresharkWireshark1.0.9*******
    2.3ApplicationWiresharkWireshark1.0.10*******
    2.3ApplicationWiresharkWireshark1.0.11*******
    2.3ApplicationWiresharkWireshark1.0.12*******
    2.3ApplicationWiresharkWireshark1.0.13*******
    2.3ApplicationWiresharkWireshark1.0.14*******
    2.3ApplicationWiresharkWireshark1.0.15*******
    2.3ApplicationWiresharkWireshark1.0.16*******
  • OR - Configuration 2
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationWiresharkWireshark1.2.0*******
    2.3ApplicationWiresharkWireshark1.2.1*******
    2.3ApplicationWiresharkWireshark1.2.2*******
    2.3ApplicationWiresharkWireshark1.2.3*******
    2.3ApplicationWiresharkWireshark1.2.4*******
    2.3ApplicationWiresharkWireshark1.2.5*******
    2.3ApplicationWiresharkWireshark1.2.6*******
    2.3ApplicationWiresharkWireshark1.2.7*******
    2.3ApplicationWiresharkWireshark1.2.8*******
    2.3ApplicationWiresharkWireshark1.2.9*******
    2.3ApplicationWiresharkWireshark1.2.10*******
    2.3ApplicationWiresharkWireshark1.2.11*******
    2.3ApplicationWiresharkWireshark1.2.12*******
    2.3ApplicationWiresharkWireshark1.2.13*******
    2.3ApplicationWiresharkWireshark1.2.14*******
    2.3ApplicationWiresharkWireshark1.4.0*******
    2.3ApplicationWiresharkWireshark1.4.1*******
    2.3ApplicationWiresharkWireshark1.4.2*******
    2.3ApplicationWiresharkWireshark1.4.3*******

Vulnerable Software List

VendorProductVersions
Wireshark Wireshark 1.0, 1.0.0, 1.0.1, 1.0.10, 1.0.11, 1.0.12, 1.0.13, 1.0.14, 1.0.15, 1.0.16, 1.0.2, 1.0.3, 1.0.4, 1.0.5, 1.0.6, 1.0.7, 1.0.8, 1.0.9, 1.2.0, 1.2.1, 1.2.10, 1.2.11, 1.2.12, 1.2.13, 1.2.14, 1.2.2, 1.2.3, 1.2.4, 1.2.5, 1.2.6, 1.2.7, 1.2.8, 1.2.9, 1.4.0, 1.4.1, 1.4.2, 1.4.3

References

NameSourceURLTags
http://anonsvn.wireshark.org/viewvc?view=rev&revision=36029http://anonsvn.wireshark.org/viewvc?view=rev&revision=36029CONFIRMPatch
FEDORA-2011-2648http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.htmlFEDORA
FEDORA-2011-2632http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.htmlFEDORA
FEDORA-2011-2620http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.htmlFEDORA
43759http://secunia.com/advisories/43759SECUNIA
43795http://secunia.com/advisories/43795SECUNIA
43821http://secunia.com/advisories/43821SECUNIA
44169http://secunia.com/advisories/44169SECUNIA
DSA-2201http://www.debian.org/security/2011/dsa-2201DEBIAN
VU#215900http://www.kb.cert.org/vuls/id/215900CERT-VNUS Government Resource
MDVSA-2011:044http://www.mandriva.com/security/advisories?name=MDVSA-2011:044MANDRIVA
RHSA-2011:0369http://www.redhat.com/support/errata/RHSA-2011-0369.htmlREDHAT
RHSA-2011:0370http://www.redhat.com/support/errata/RHSA-2011-0370.htmlREDHAT
1025148http://www.securitytracker.com/id?1025148SECTRACK
ADV-2011-0622http://www.vupen.com/english/advisories/2011/0622VUPEN
ADV-2011-0626http://www.vupen.com/english/advisories/2011/0626VUPEN
ADV-2011-0719http://www.vupen.com/english/advisories/2011/0719VUPEN
ADV-2011-0747http://www.vupen.com/english/advisories/2011/0747VUPEN
http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.htmlhttp://www.wireshark.org/docs/relnotes/wireshark-1.2.15.htmlCONFIRMPatch
http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.htmlhttp://www.wireshark.org/docs/relnotes/wireshark-1.4.4.htmlCONFIRMPatch
http://www.wireshark.org/security/wnpa-sec-2011-03.htmlhttp://www.wireshark.org/security/wnpa-sec-2011-03.htmlCONFIRMVendor Advisory
http://www.wireshark.org/security/wnpa-sec-2011-04.htmlhttp://www.wireshark.org/security/wnpa-sec-2011-04.htmlCONFIRMVendor Advisory
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5717https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5717CONFIRMExploit
openSUSE-SU-2011:0347https://hermes.opensuse.org/messages/8086844SUSE
oval:org.mitre.oval:def:14715https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14715OVAL