Launchpad.net

CVE 2010-3445

Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a long string in an unknown ASN.1/BER encoded packet, as demonstrated using SNMP.

Related bugs and status

CVE-2010-3445 (Candidate) is related to these bugs:

Bug #682549: CVE-2010-4300 and CVE-2010-3445

		In	Importance	Status
682549	CVE-2010-4300 and CVE-2010-3445	wireshark (Ubuntu)	Medium	Fix Released
682549	CVE-2010-4300 and CVE-2010-3445	wireshark (Ubuntu Maverick)	Medium	Fix Released
682549	CVE-2010-4300 and CVE-2010-3445	wireshark (Ubuntu Lucid)	Medium	Won't Fix

Bug #730413: CVE-2011-0538 Wireshark: memory corruption when reading a malformed pcap file

		In	Importance	Status
730413	CVE-2011-0538 Wireshark: memory corruption when reading a malformed pcap file	wireshark (Ubuntu)	Medium	Invalid
730413	CVE-2011-0538 Wireshark: memory corruption when reading a malformed pcap file	wireshark (Ubuntu Karmic)	Medium	Invalid
730413	CVE-2011-0538 Wireshark: memory corruption when reading a malformed pcap file	wireshark (Ubuntu Lucid)	Medium	Invalid
730413	CVE-2011-0538 Wireshark: memory corruption when reading a malformed pcap file	wireshark (Ubuntu Maverick)	Medium	Invalid

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2010-3445

Related bugs and status

Related bugs

References