ID CVE-2010-2285
Summary The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors.
References
Vulnerable Configurations
  • Wireshark 0.99.6
    cpe:2.3:a:wireshark:wireshark:0.99.6
  • Wireshark 0.99.7
    cpe:2.3:a:wireshark:wireshark:0.99.7
  • Wireshark 0.99.8
    cpe:2.3:a:wireshark:wireshark:0.99.8
  • Wireshark 1.0.0
    cpe:2.3:a:wireshark:wireshark:1.0.0
  • Wireshark 1.0.1
    cpe:2.3:a:wireshark:wireshark:1.0.1
  • Wireshark 1.0.2
    cpe:2.3:a:wireshark:wireshark:1.0.2
  • Wireshark 1.0.3
    cpe:2.3:a:wireshark:wireshark:1.0.3
  • Wireshark 1.0.4
    cpe:2.3:a:wireshark:wireshark:1.0.4
  • Wireshark 1.0.5
    cpe:2.3:a:wireshark:wireshark:1.0.5
  • Wireshark 1.0.6
    cpe:2.3:a:wireshark:wireshark:1.0.6
  • Wireshark 1.0.7
    cpe:2.3:a:wireshark:wireshark:1.0.7
  • Wireshark 1.0.8
    cpe:2.3:a:wireshark:wireshark:1.0.8
  • Wireshark 1.0.9
    cpe:2.3:a:wireshark:wireshark:1.0.9
  • Wireshark 1.0.10
    cpe:2.3:a:wireshark:wireshark:1.0.10
  • Wireshark 1.0.11
    cpe:2.3:a:wireshark:wireshark:1.0.11
  • Wireshark 1.0.12
    cpe:2.3:a:wireshark:wireshark:1.0.12
  • Wireshark 1.0.13
    cpe:2.3:a:wireshark:wireshark:1.0.13
  • cpe:2.3:a:wireshark:wireshark:0.10.14
    cpe:2.3:a:wireshark:wireshark:0.10.14
  • cpe:2.3:a:wireshark:wireshark:0.10.13
    cpe:2.3:a:wireshark:wireshark:0.10.13
  • cpe:2.3:a:wireshark:wireshark:0.99.0
    cpe:2.3:a:wireshark:wireshark:0.99.0
  • cpe:2.3:a:wireshark:wireshark:0.99.1
    cpe:2.3:a:wireshark:wireshark:0.99.1
  • Wireshark 0.99.2
    cpe:2.3:a:wireshark:wireshark:0.99.2
  • Wireshark 0.99.3
    cpe:2.3:a:wireshark:wireshark:0.99.3
  • Wireshark 0.99.4
    cpe:2.3:a:wireshark:wireshark:0.99.4
  • Wireshark 0.99.5
    cpe:2.3:a:wireshark:wireshark:0.99.5
  • cpe:2.3:a:wireshark:wireshark:0.8.20
    cpe:2.3:a:wireshark:wireshark:0.8.20
  • Wireshark 1.2.0
    cpe:2.3:a:wireshark:wireshark:1.2.0
  • Wireshark 1.2.1
    cpe:2.3:a:wireshark:wireshark:1.2.1
  • Wireshark 1.2.2
    cpe:2.3:a:wireshark:wireshark:1.2.2
  • Wireshark 1.2.3
    cpe:2.3:a:wireshark:wireshark:1.2.3
  • Wireshark 1.2.4
    cpe:2.3:a:wireshark:wireshark:1.2.4
  • Wireshark 1.2.5
    cpe:2.3:a:wireshark:wireshark:1.2.5
  • Wireshark 1.2.6
    cpe:2.3:a:wireshark:wireshark:1.2.6
  • Wireshark 1.2.7
    cpe:2.3:a:wireshark:wireshark:1.2.7
  • Wireshark 1.2.8
    cpe:2.3:a:wireshark:wireshark:1.2.8
CVSS
Base: 3.3 (as of 15-06-2010 - 12:20)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
ADJACENT_NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_WIRESHARK-110331.NASL
    description Wireshark was updated to version 1.4.4 to fix several security issues
    last seen 2018-09-02
    modified 2018-06-29
    plugin id 53315
    published 2011-04-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=53315
    title SuSE 11.1 Security Update : wireshark (SAT Patch Number 4267)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201110-02.NASL
    description The remote host is affected by the vulnerability described in GLSA-201110-02 (Wireshark: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could send specially crafted packets on a network being monitored by Wireshark, entice a user to open a malformed packet trace file using Wireshark, or deploy a specially crafted Lua script for use by Wireshark, possibly resulting in the execution of arbitrary code, or a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 56426
    published 2011-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56426
    title GLSA-201110-02 : Wireshark: Multiple vulnerabilities
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2066.NASL
    description Several remote vulnerabilities have been discovered in the Wireshark network traffic analyzer. It was discovered that NULL pointer dereferences, buffer overflows and infinite loops in the SMB, SMB PIPE, ASN1.1 and SigComp dissectors could lead to denial of service or the execution of arbitrary code.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 47584
    published 2010-07-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47584
    title Debian DSA-2066-1 : wireshark - several vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_3_WIRESHARK-101222.NASL
    description Wireshark version 1.4.2 fixes several security issues that allowed attackers to crash wireshark or potentially even execute arbitrary code (CVE-2010-1455, CVE-2010-2283, CVE-2010-2284, CVE-2010-2285, CVE-2010-2286, CVE-2010-2287, CVE-2010-2992, CVE-2010-2993, CVE-2010-2994, CVE-2010-2995, CVE-2010-3445, CVE-2010-4300, CVE-2010-4301)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 75771
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75771
    title openSUSE Security Update : wireshark (openSUSE-SU-2011:0010-2)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_2_WIRESHARK-101222.NASL
    description Wireshark version 1.4.2 fixes several security issues that allowed attackers to crash wireshark or potentially even execute arbitrary code (CVE-2010-1455, CVE-2010-2283, CVE-2010-2284, CVE-2010-2285, CVE-2010-2286, CVE-2010-2287, CVE-2010-2992, CVE-2010-2993, CVE-2010-2994, CVE-2010-2995, CVE-2010-3445, CVE-2010-4300, CVE-2010-4301)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 53808
    published 2011-05-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=53808
    title openSUSE Security Update : wireshark (openSUSE-SU-2011:0010-2)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2010-113.NASL
    description This advisory updates wireshark to the latest version(s), fixing several security issues : The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors (CVE-2010-2283). Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors (CVE-2010-2284). The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors (CVE-2010-2285). The SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors (CVE-2010-2286). Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors (CVE-2010-2287).
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 48186
    published 2010-07-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=48186
    title Mandriva Linux Security Advisory : wireshark (MDVSA-2010:113)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_1_WIRESHARK-101222.NASL
    description Wireshark version 1.4.2 fixes several security issues that allowed attackers to crash wireshark or potentially even execute arbitrary code (CVE-2010-1455, CVE-2010-2283, CVE-2010-2284, CVE-2010-2285, CVE-2010-2286, CVE-2010-2287, CVE-2010-2992, CVE-2010-2993, CVE-2010-2994, CVE-2010-2995, CVE-2010-3445, CVE-2010-4300, CVE-2010-4301)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 53689
    published 2011-05-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=53689
    title openSUSE Security Update : wireshark (openSUSE-SU-2011:0010-1)
  • NASL family Windows
    NASL id WIRESHARK_1_2_9.NASL
    description The installed version of Wireshark or Ethereal is potentially affected by multiple vulnerabilities. - The SMB dissector can be affected by a NULL pointer dereference. (Bug 4734) - The ANS.1 BER dissector can be affected by a buffer overflow. - The SMB PIPE dissector can be affected by a NULL pointer dereference on some platforms. - The SigComp Universal Decompressor Virtual Machine can be affected by an infinite loop or a buffer overflow. (Bug 4826, 4837)
    last seen 2019-02-21
    modified 2018-08-07
    plugin id 46864
    published 2010-06-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=46864
    title Wireshark / Ethereal < 1.0.14 / 1.2.9 Multiple Vulnerabilities
oval via4
accepted 2013-08-19T04:00:04.543-04:00
class vulnerability
contributors
  • name J. Daniel Brown
    organization DTCC
  • name Shane Shaffer
    organization G2, Inc.
  • name Shane Shaffer
    organization G2, Inc.
  • name Shane Shaffer
    organization G2, Inc.
  • name Shane Shaffer
    organization G2, Inc.
definition_extensions
comment Wireshark is installed on the system.
oval oval:org.mitre.oval:def:6589
description The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors.
family windows
id oval:org.mitre.oval:def:11488
status accepted
submitted 2010-07-30T17:30:00.000-05:00
title Wireshark Dissector LWRES Multiple Buffer Overflow Vulnerabilities
version 13
refmap via4
bid 40728
confirm
mandriva MDVSA-2010:113
mlist [oss-security] 20100610 CVE request for new wireshark vulnerabilities
secunia
  • 40112
  • 42877
  • 43068
suse
  • SUSE-SR:2011:001
  • SUSE-SR:2011:002
vupen
  • ADV-2010-1418
  • ADV-2011-0076
  • ADV-2011-0212
Last major update 17-02-2011 - 01:56
Published 15-06-2010 - 10:04
Last modified 18-09-2017 - 21:31
Back to Top