Published: 08/02/2011 Updated: 19/09/2017

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 685

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Wireshark 1.2.0 up to and including 1.2.14, 1.4.0 up to and including 1.4.3, and 1.5.0 frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote malicious users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
wireshark wireshark 1.2.8
wireshark wireshark 1.2.7
wireshark wireshark 1.2.5
wireshark wireshark 1.2.0
wireshark wireshark 1.4.3
wireshark wireshark 1.5.0
wireshark wireshark 1.2.11
wireshark wireshark 1.2.14
wireshark wireshark 1.2.2
wireshark wireshark 1.4.0
wireshark wireshark 1.2.12
wireshark wireshark 1.2.6
wireshark wireshark 1.2.4
wireshark wireshark 1.2.1
wireshark wireshark 1.2.9
wireshark wireshark 1.2.10
wireshark wireshark 1.2.13
wireshark wireshark 1.2.3
wireshark wireshark 1.4.1
wireshark wireshark 1.4.2

Debian Bug report logs - #613202 CVE-2011-0538 Package: wireshark; Maintainer for wireshark is Balint Reczey <rbalint@ubuntucom>; Source for wireshark is src:wireshark (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Sun, 13 Feb 2011 14:03:02 UTC Severity: important Tags: security Found ...

Huzaifa Sidhpurwala, Joernchen, and Xiaopeng Zhang discovered several vulnerabilities in the Wireshark network traffic analyzer Vulnerabilities in the DCT3, LDAP and SMB dissectors and in the code to parse pcag-ng files could lead to denial of service or the execution of arbitrary code For the oldstable distribution (lenny), this problem has been ...

source: wwwsecurityfocuscom/bid/46167/info Wireshark is prone to a memory-corruption vulnerability because it fails to properly handle certain files Successful exploits may allow attackers to execute arbitrary code within the context of the affected application Failed exploit attempts will likely crash the application github ...

CWE-119 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5652 http://www.securityfocus.com/bid/46167 http://openwall.com/lists/oss-security/2011/02/04/1 http://www.wireshark.org/security/wnpa-sec-2011-04.html http://www.wireshark.org/security/wnpa-sec-2011-03.html http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html https://bugzilla.redhat.com/show_bug.cgi?id=676232 http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html http://www.vupen.com/english/advisories/2011/0719 http://secunia.com/advisories/43821 http://www.redhat.com/support/errata/RHSA-2011-0370.html http://www.mandriva.com/security/advisories?name=MDVSA-2011:044 http://www.vupen.com/english/advisories/2011/0622 http://www.vupen.com/english/advisories/2011/0747 http://www.redhat.com/support/errata/RHSA-2011-0369.html http://www.securitytracker.com/id?1025148 http://secunia.com/advisories/43795 http://www.debian.org/security/2011/dsa-2201 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html http://www.kb.cert.org/vuls/id/215900 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html http://www.vupen.com/english/advisories/2011/0626 http://secunia.com/advisories/43759 https://exchange.xforce.ibmcloud.com/vulnerabilities/65182 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14605 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=613202 https://nvd.nist.gov https://www.exploit-db.com/exploits/35314/https://www.debian.org/security/./dsa-2201

CVE-2011-0538

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect