CVE-2011-0444 wireshark: buffer overflow in MAC-LTE disector
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
wireshark (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | ||
Lucid |
Won't Fix
|
Medium
|
Mahyuddin Susanto | ||
Maverick |
Fix Released
|
Medium
|
Unassigned | ||
Natty |
Fix Released
|
Medium
|
Unassigned |
Bug Description
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
affects ubuntu/wireshark
status inprogress
assignee udienz
importance medium
security yes
done
Common Vulnerabilities and Exposures assigned an identifier
CVE-2011-0444 to the following vulnerability:
Name: CVE-2011-0444
URL: http://
Reference: MISC: https:/
Reference: CONFIRM: http://
Reference: CONFIRM: http://
Reference: CONFIRM: https:/
Reference: VUPEN:ADV-2011-0079
Reference: URL: http://
Buffer overflow in the MAC-LTE dissector
(epan/dissector
and 1.4.0 through 1.4.2 allows remote attackers to cause a denial of
service (crash) and possibly execute arbitrary code via a large number
of RARs.
The upstream bug refers to two patches:
http://
overflow in the engineId preferences (seems applicable to 1.0.x also), and
http://
overflow in the MAC LTE dissector (not applicable to 1.0.x; this file is not
shipped).
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://
iF4EAREIAAYFAk1
9f7PuUs18hNsw6W
=KRAV
-----END PGP SIGNATURE-----
CVE References
visibility: | private → public |
Changed in wireshark (Ubuntu Maverick): | |
status: | Fix Committed → Fix Released |
This was fixed in 1.4.4-1 in Natty.