CVE-2011-1590

Related Files

Red Hat Security Advisory 2012-0509-01

Posted Apr 23, 2012

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0509-01 - Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Several flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file.

tags | advisory, denial of service, arbitrary

systems | linux, redhat

advisories | CVE-2011-1143, CVE-2011-1590, CVE-2011-1957, CVE-2011-1958, CVE-2011-1959, CVE-2011-2174, CVE-2011-2175, CVE-2011-2597, CVE-2011-2698, CVE-2011-4102, CVE-2012-0041, CVE-2012-0042, CVE-2012-0066, CVE-2012-0067, CVE-2012-1595

SHA-256 | a8e8a801da4b7a24fc2903f6f33c984e1248132f1730c633edd984d26d065336

Download | Favorite | View

Debian Security Advisory 2274-1

Posted Jul 8, 2011

Authored by Debian | Site debian.org

Debian Linux Security Advisory 2274-1 - Wireshark packages have been updated. Huzaifa Sidhpurwala, David Maciejak and others discovered several vulnerabilities in the X.509if and DICOM dissectors and in the code to process various capture and dictionary files, which could lead to denial of service or the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability

systems | linux, debian

advisories | CVE-2011-1590, CVE-2011-1957, CVE-2011-1958, CVE-2011-1959, CVE-2011-2174, CVE-2011-2175

SHA-256 | 2e759c091207431ba7ec3a25ef20e3b921b32fd2d87ada68fdcb7887ba58e1e5

Download | Favorite | View

Mandriva Linux Security Advisory 2011-083

Posted May 12, 2011

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-083 - This advisory updates wireshark to the latest version (1.2.16), fixing several security issues. The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted.pcap file. Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted.pcap file. The NFS dissector in epan/dissectors/packet-nfs.c in Wireshark 1.4.x before 1.4.5 on Windows uses an incorrect integer data type during decoding of SETCLIENTID calls, which allows remote attackers to cause a denial of service via a crafted.pcap file. The updated packages have been upgraded to the latest 1.2.x version which is not vulnerable to these issues.

tags | advisory, remote, denial of service, overflow, arbitrary

systems | linux, windows, mandriva

advisories | CVE-2011-1590, CVE-2011-1591, CVE-2011-1592

SHA-256 | 538e687f9f31c6f045044b996e6f5ea1ccf12e7f4446439a4c6bf761add69dc4

Download | Favorite | View