CVE-2011-1956 Information

Description

The bytes_repr_len function in Wireshark 1.4.5 uses an incorrect pointer argument which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via arbitrary TCP traffic.

Reference

http://openwall.com/lists/oss-security/2011/05/31/19 http://openwall.com/lists/oss-security/2011/06/01/9 http://secunia.com/advisories/44449 http://www.wireshark.org/docs/relnotes/wireshark-1.4.6.html http://www.wireshark.org/news/20110418.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5837 https://exchange.xforce.ibmcloud.com/vulnerabilities/67789 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A14943