Summary
The host is installed with Wireshark and is prone to denial of service vulnerability.
Impact
Successful exploitation could allow attackers to cause a denial of service via via a malformed packet.
Impact Level: Application
Solution
Upgrade to the Wireshark version 1.6.3 or later,
For updates refer to http://www.wireshark.org/download.html
Insight
The flaw is due to an error in csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector, which fails to initialize a certain variable.
Affected
Wireshark version 1.6.x before 1.6.3
References
- http://anonsvn.wireshark.org/viewvc?view=revision&revision=39140
- http://openwall.com/lists/oss-security/2011/11/01/9
- http://www.wireshark.org/security/wnpa-sec-2011-17.html
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6351
- https://bugzilla.redhat.com/show_bug.cgi?id=750643
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2011-4100 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Comodo Internet Security Denial of Service Vulnerability-01
- Apache Traffic Server HTTP Host Header Denial of Service Vulnerability
- Apple Safari Denial Of Service Vulnerability - Jul09
- F-PROT AV 'ELF' Header Denial of Service Vulnerability
- Adobe Flash Media Server Remote Denial of Service Vulnerability (August-2011)