CVE-2011-1590

Published: Apr 29, 2011Modified: Apr 29, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file.

Affected (21)

Products: Wireshark: Wireshark

1 product

Configuration A

21 vulnerable

Vulnerable Software	Affected Versions
Wireshark Wireshark	Version 1.2.0
Wireshark Wireshark	Version 1.2.10
Wireshark Wireshark	Version 1.2.11
Wireshark Wireshark	Version 1.2.12
Wireshark Wireshark	Version 1.2.13
Wireshark Wireshark	Version 1.2.14
Wireshark Wireshark	Version 1.2.15
Wireshark Wireshark	Version 1.2.1
Wireshark Wireshark	Version 1.2.2
Wireshark Wireshark	Version 1.2.3
Wireshark Wireshark	Version 1.2.4
Wireshark Wireshark	Version 1.2.5
Wireshark Wireshark	Version 1.2.6
Wireshark Wireshark	Version 1.2.7
Wireshark Wireshark	Version 1.2.8
Wireshark Wireshark	Version 1.2.9
Wireshark Wireshark	Version 1.4.0
Wireshark Wireshark	Version 1.4.1
Wireshark Wireshark	Version 1.4.2
Wireshark Wireshark	Version 1.4.3
Wireshark Wireshark	Version 1.4.4

Related CWEs

References (46)

http://anonsvn.wireshark.org/viewvc?revision=36608&view=revision

Source: secalert@redhat.com

Patch

http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058900.html

Source: secalert@redhat.com

http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058983.html

Source: secalert@redhat.com

http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058993.html

Source: secalert@redhat.com

http://openwall.com/lists/oss-security/2011/04/18/2

Source: secalert@redhat.com

ExploitPatch

http://openwall.com/lists/oss-security/2011/04/18/8

Source: secalert@redhat.com

ExploitPatch

http://secunia.com/advisories/44172

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/44374

Source: secalert@redhat.com

http://secunia.com/advisories/44822

Source: secalert@redhat.com

http://secunia.com/advisories/45149

Source: secalert@redhat.com

http://secunia.com/advisories/48947

Source: secalert@redhat.com

http://securitytracker.com/id?1025388

Source: secalert@redhat.com

http://www.debian.org/security/2011/dsa-2274

Source: secalert@redhat.com

http://www.mandriva.com/security/advisories?name=MDVSA-2011:083

Source: secalert@redhat.com

http://www.osvdb.org/71846

Source: secalert@redhat.com

http://www.vupen.com/english/advisories/2011/1022

Source: secalert@redhat.com

Vendor Advisory

http://www.vupen.com/english/advisories/2011/1106

Source: secalert@redhat.com

http://www.wireshark.org/security/wnpa-sec-2011-05.html

Source: secalert@redhat.com

http://www.wireshark.org/security/wnpa-sec-2011-06.html

Source: secalert@redhat.com

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5754

Source: secalert@redhat.com

ExploitPatch

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5793

Source: secalert@redhat.com

https://hermes.opensuse.org/messages/8701428

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15050

Source: secalert@redhat.com

http://anonsvn.wireshark.org/viewvc?revision=36608&view=revision

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058900.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058983.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058993.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://openwall.com/lists/oss-security/2011/04/18/2

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatch

http://openwall.com/lists/oss-security/2011/04/18/8

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatch

http://secunia.com/advisories/44172

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/44374

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/44822

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/45149

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/48947

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1025388

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2011/dsa-2274

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDVSA-2011:083

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/71846

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2011/1022

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.vupen.com/english/advisories/2011/1106

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.wireshark.org/security/wnpa-sec-2011-05.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.wireshark.org/security/wnpa-sec-2011-06.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5754

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatch

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5793

Source: af854a3a-2127-422b-91ae-364da2661108

https://hermes.opensuse.org/messages/8701428

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15050

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.