Ubuntu
wireshark package

denial of service (application crash),via a pcap-ng file that contains a large packet-length field

Bug #730408 reported by Mahyuddin Susanto
90
This bug affects 1 person
Affects Status Importance Assigned to Milestone
wireshark (Ubuntu)
New
Medium
Mahyuddin Susanto

Bug Description

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

 affects ubuntu/wireshark
 status triaged
 assignee udienz
 importance medium
 security yes
 private yes
 done

Common Vulnerabilities and Exposures assigned an identifier CVE-2011-1139 to
the following vulnerability:

Name: CVE-2011-1139
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1139
Assigned: 20110302
Reference:
CONFIRM:http://anonsvn.wireshark.org/viewvc?view=rev&revision=35855
Reference:
CONFIRM:http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html
Reference:
CONFIRM:http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html
Reference: CONFIRM:http://www.wireshark.org/security/wnpa-sec-2011-03.html
Reference: CONFIRM:http://www.wireshark.org/security/wnpa-sec-2011-04.html
Reference: CONFIRM:https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5661

wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through
1.4.3 allows remote attackers to cause a denial of service
(application crash) via a pcap-ng file that contains a large
packet-length field.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iF4EAREIAAYFAk10VKcACgkQdr7GbwjmqKV87gEAh0vVefYkfk3WvcJPoEhtOmF8
ax8Om2nUyCkWcFC8XNEBAN+5zYszRM/Z3cWQwteXPAcJe3LId+pCv2vno46uDXlj
=GbTT
-----END PGP SIGNATURE-----

Jamie Strandboge (jdstrand)
visibility: private → public
security vulnerability: yes → no
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.