CVE-2011-1590 Information

Feb 14, 2021 cve

Description

The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file.

Reference

http://anonsvn.wireshark.org/viewvc?revision=36608&view=revision http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058900.html http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058983.html http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058993.html http://openwall.com/lists/oss-security/2011/04/18/2 http://openwall.com/lists/oss-security/2011/04/18/8 http://secunia.com/advisories/44172 http://secunia.com/advisories/44374 http://secunia.com/advisories/44822 http://secunia.com/advisories/45149 http://secunia.com/advisories/48947 http://securitytracker.com/id?1025388 http://www.debian.org/security/2011/dsa-2274 http://www.mandriva.com/security/advisories?name=MDVSA-2011:083 http://www.osvdb.org/71846 http://www.vupen.com/english/advisories/2011/1022 http://www.vupen.com/english/advisories/2011/1106 http://www.wireshark.org/security/wnpa-sec-2011-05.html http://www.wireshark.org/security/wnpa-sec-2011-06.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5754 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5793 https://hermes.opensuse.org/messages/8701428 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A15050

Share on: