ID CVE-2011-3482
Summary The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.2 does not initialize a certain structure member, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
References
Vulnerable Configurations
  • Wireshark 1.6.1
    cpe:2.3:a:wireshark:wireshark:1.6.1
  • Wireshark 1.6.0
    cpe:2.3:a:wireshark:wireshark:1.6.0
CVSS
Base: 4.3 (as of 20-09-2011 - 10:08)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family Windows
    NASL id WIRESHARK_1_6_2.NASL
    description The installed version of Wireshark is 1.6.x before 1.6.2. This version is affected by the following vulnerabilities : - An error exists in IKE dissector that can allow denial of service attacks when processing certain malformed packets. (CVE-2011-3266) - A buffer exception handling vulnerability exists that can allow denial of service attacks when processing certain malformed packets. (Issue #6135) - It may be possible to make Wireshark execute Lua scripts using a method similar to DLL hijacking. (Issue #6136) - An error exists in OpenSafety dissector that can allow denial of service attacks when processing certain malformed packets. (Issue #6138) - An error exists in CSN.1 dissector that can allow denial of service attacks when processing certain malformed packets. (Issue #6139)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 56164
    published 2011-09-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56164
    title Wireshark 1.6.x < 1.6.2 Multiple Vulnerabilities
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2011-138.NASL
    description This advisory updates wireshark to the latest version (1.6.2), fixing several security issues : The proto_tree_add_item function in Wireshark 1.6.1, when the IKEv1 protocol dissector is used, allows user-assisted remote attackers to cause a denial of service (infinite loop) via vectors involving a malformed IKE packet and many items in a tree (CVE-2011-3266). Untrusted search path vulnerability in Wireshark 1.4.x before 1.4.9 and 1.6.x before 1.6.2 allows local users to gain privileges via a Trojan horse Lua script in an unspecified directory (CVE-2011-3360). The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.2 does not initialize a certain structure member, which allows remote attackers to cause a denial of service (application crash) via a malformed packet (CVE-2011-3482). Wireshark 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (application crash) via a malformed capture file that leads to an invalid root tvbuff, related to a buffer exception handling vulnerability. (CVE-2011-3483). The unxorFrame function in epan/dissectors/packet-opensafety.c in the OpenSafety dissector in Wireshark 1.6.x before 1.6.2 does not properly validate a certain frame size, which allows remote attackers to cause a denial of service (loop and application crash) via a malformed packet (CVE-2011-3484). The updated packages have been upgraded to the latest 1.6.x version (1.6.2) which is not vulnerable to these issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 61928
    published 2012-09-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=61928
    title Mandriva Linux Security Advisory : wireshark (MDVSA-2011:138)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201110-02.NASL
    description The remote host is affected by the vulnerability described in GLSA-201110-02 (Wireshark: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could send specially crafted packets on a network being monitored by Wireshark, entice a user to open a malformed packet trace file using Wireshark, or deploy a specially crafted Lua script for use by Wireshark, possibly resulting in the execution of arbitrary code, or a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 56426
    published 2011-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56426
    title GLSA-201110-02 : Wireshark: Multiple vulnerabilities
oval via4
accepted 2013-08-19T04:00:42.178-04:00
class vulnerability
contributors
  • name Shane Shaffer
    organization G2, Inc.
  • name Shane Shaffer
    organization G2, Inc.
  • name Shane Shaffer
    organization G2, Inc.
definition_extensions
comment Wireshark is installed on the system.
oval oval:org.mitre.oval:def:6589
description The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.2 does not initialize a certain structure member, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
family windows
id oval:org.mitre.oval:def:14886
status accepted
submitted 2012-02-27T15:34:33.178-04:00
title CSN.1 dissector in Wireshark 1.6.x before 1.6.2 denial of service vulnerability
version 8
refmap via4
confirm
mandriva MDVSA-2011:138
mlist
  • [oss-security] 20110913 CVE Request: Multiple issues fixed in wireshark 1.6.2
  • [oss-security] 20110914 Re: CVE Request: Multiple issues fixed in wireshark 1.6.2
Last major update 13-08-2012 - 23:30
Published 20-09-2011 - 06:55
Last modified 18-09-2017 - 21:33
Back to Top