CVE-2011-1141

Published: Mar 3, 2011Modified: Apr 29, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (memory consumption) via (1) a long LDAP filter string or (2) an LDAP filter string containing many elements.

Affected (37)

Products: Wireshark: Wireshark

1 product

Configuration A

18 vulnerable

Vulnerable Software	Affected Versions
Wireshark Wireshark	Version 1.0.0
Wireshark Wireshark	Version 1.0.10
Wireshark Wireshark	Version 1.0.11
Wireshark Wireshark	Version 1.0.12
Wireshark Wireshark	Version 1.0.13
Wireshark Wireshark	Version 1.0.14
Wireshark Wireshark	Version 1.0.15
Wireshark Wireshark	Version 1.0.16
Wireshark Wireshark	Version 1.0.1
Wireshark Wireshark	Version 1.0.2
Wireshark Wireshark	Version 1.0.3
Wireshark Wireshark	Version 1.0.4
Wireshark Wireshark	Version 1.0.5
Wireshark Wireshark	Version 1.0.6
Wireshark Wireshark	Version 1.0.7
Wireshark Wireshark	Version 1.0.8
Wireshark Wireshark	Version 1.0.9
Wireshark Wireshark	Version 1.0

Configuration B

19 vulnerable

Vulnerable Software	Affected Versions
Wireshark Wireshark	Version 1.2.0
Wireshark Wireshark	Version 1.2.10
Wireshark Wireshark	Version 1.2.11
Wireshark Wireshark	Version 1.2.12
Wireshark Wireshark	Version 1.2.13
Wireshark Wireshark	Version 1.2.14
Wireshark Wireshark	Version 1.2.1
Wireshark Wireshark	Version 1.2.2
Wireshark Wireshark	Version 1.2.3
Wireshark Wireshark	Version 1.2.4
Wireshark Wireshark	Version 1.2.5
Wireshark Wireshark	Version 1.2.6
Wireshark Wireshark	Version 1.2.7
Wireshark Wireshark	Version 1.2.8
Wireshark Wireshark	Version 1.2.9
Wireshark Wireshark	Version 1.4.0
Wireshark Wireshark	Version 1.4.1
Wireshark Wireshark	Version 1.4.2
Wireshark Wireshark	Version 1.4.3

Related CWEs

References (42)

http://anonsvn.wireshark.org/viewvc?view=rev&revision=36101

Source: cve@mitre.org

Patch

http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html

Source: cve@mitre.org

http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html

Source: cve@mitre.org

http://secunia.com/advisories/43759

Source: cve@mitre.org

http://secunia.com/advisories/43795

Source: cve@mitre.org

http://secunia.com/advisories/43821

Source: cve@mitre.org

http://www.debian.org/security/2011/dsa-2201

Source: cve@mitre.org

http://www.kb.cert.org/vuls/id/215900

Source: cve@mitre.org

US Government Resource

http://www.mandriva.com/security/advisories?name=MDVSA-2011:044

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2011-0369.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2011-0370.html

Source: cve@mitre.org

http://www.securitytracker.com/id?1025148

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2011/0622

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2011/0719

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2011/0747

Source: cve@mitre.org

http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html

Source: cve@mitre.org

Patch

http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html

Source: cve@mitre.org

Patch

http://www.wireshark.org/security/wnpa-sec-2011-03.html

Source: cve@mitre.org

Vendor Advisory

http://www.wireshark.org/security/wnpa-sec-2011-04.html

Source: cve@mitre.org

Vendor Advisory

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5732

Source: cve@mitre.org

Exploit

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14974

Source: cve@mitre.org

http://anonsvn.wireshark.org/viewvc?view=rev&revision=36101

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/43759

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/43795

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/43821

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2011/dsa-2201

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.kb.cert.org/vuls/id/215900

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.mandriva.com/security/advisories?name=MDVSA-2011:044

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2011-0369.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2011-0370.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1025148

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2011/0622

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2011/0719

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2011/0747

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.wireshark.org/security/wnpa-sec-2011-03.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.wireshark.org/security/wnpa-sec-2011-04.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5732

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14974

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.