CVE - CVE-2011-1140

CVE-ID
CVE-2011-1140	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Multiple stack consumption vulnerabilities in the dissect_ms_compressed_string and dissect_mscldap_string functions in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allow remote attackers to cause a denial of service (infinite recursion) via a crafted (1) SMB or (2) Connection-less LDAP (CLDAP) packet.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
CERT-VN:VU#215900 URL:http://www.kb.cert.org/vuls/id/215900 CONFIRM:http://anonsvn.wireshark.org/viewvc?view=rev&revision=36029 CONFIRM:http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html CONFIRM:http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html CONFIRM:http://www.wireshark.org/security/wnpa-sec-2011-03.html CONFIRM:http://www.wireshark.org/security/wnpa-sec-2011-04.html CONFIRM:https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5717 DEBIAN:DSA-2201 URL:http://www.debian.org/security/2011/dsa-2201 FEDORA:FEDORA-2011-2620 URL:http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html FEDORA:FEDORA-2011-2632 URL:http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html FEDORA:FEDORA-2011-2648 URL:http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html MANDRIVA:MDVSA-2011:044 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2011:044~~ (Obsolete source) OVAL:oval:org.mitre.oval:def:14715 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14715 REDHAT:RHSA-2011:0369 URL:http://www.redhat.com/support/errata/RHSA-2011-0369.html REDHAT:RHSA-2011:0370 URL:http://www.redhat.com/support/errata/RHSA-2011-0370.html SECTRACK:1025148 URL:http://www.securitytracker.com/id?1025148 SECUNIA:43759 URL:http://secunia.com/advisories/43759 SECUNIA:43795 URL:http://secunia.com/advisories/43795 SECUNIA:43821 URL:http://secunia.com/advisories/43821 SECUNIA:44169 URL:http://secunia.com/advisories/44169 SUSE:openSUSE-SU-2011:0347 URL:https://hermes.opensuse.org/messages/8086844 VUPEN:ADV-2011-0622 URL:~~http://www.vupen.com/english/advisories/2011/0622~~ (Obsolete source) VUPEN:ADV-2011-0626 URL:~~http://www.vupen.com/english/advisories/2011/0626~~ (Obsolete source) VUPEN:ADV-2011-0719 URL:~~http://www.vupen.com/english/advisories/2011/0719~~ (Obsolete source) VUPEN:ADV-2011-0747 URL:~~http://www.vupen.com/english/advisories/2011/0747~~ (Obsolete source)
Assigning CNA
MITRE Corporation
Date Record Created
20110302	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20110302)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)