CVE-2011-1956

Published: Jun 6, 2011Modified: Apr 29, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

The bytes_repr_len function in Wireshark 1.4.5 uses an incorrect pointer argument, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via arbitrary TCP traffic.

Affected (1)

Products: Wireshark: Wireshark

Wireshark

1 product

Wireshark

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Wireshark Wireshark	Version 1.4.5

References (16)

http://openwall.com/lists/oss-security/2011/05/31/19

Source: secalert@redhat.com

Exploit

http://openwall.com/lists/oss-security/2011/06/01/9

Source: secalert@redhat.com

Exploit

http://secunia.com/advisories/44449

Source: secalert@redhat.com

http://www.wireshark.org/docs/relnotes/wireshark-1.4.6.html

Source: secalert@redhat.com

Patch

http://www.wireshark.org/news/20110418.html

Source: secalert@redhat.com

Patch

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5837

Source: secalert@redhat.com

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/67789

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14943

Source: secalert@redhat.com

http://openwall.com/lists/oss-security/2011/05/31/19