Vulnerability Details : CVE-2011-1959
The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 does not properly handle certain virtualizable buffers, which allows remote attackers to cause a denial of service (application crash) via a large length value in a snoop file that triggers a stack-based buffer over-read.
Vulnerability category: OverflowDenial of service
Products affected by CVE-2011-1959
- cpe:2.3:a:wireshark:wireshark:1.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2.8:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2.9:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2.11:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2.10:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2.12:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2.13:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2.14:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2.15:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2.16:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.4.6:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-1959
0.78%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 79 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-1959
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P |
8.6
|
2.9
|
NIST |
CWE ids for CVE-2011-1959
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-1959
-
http://openwall.com/lists/oss-security/2011/06/01/11
oss-security - Re: CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues
-
http://www.debian.org/security/2011/dsa-2274
Debian -- Security Information -- DSA-2274-1 wireshark
-
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5912
5912 – Corrupted snoop file can crash WiresharkExploit
-
http://openwall.com/lists/oss-security/2011/06/01/1
oss-security - Re: CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/67792
Wireshark snoop denial of service CVE-2011-1959 Vulnerability Report
-
https://bugzilla.redhat.com/show_bug.cgi?id=710039
710039 – (CVE-2011-1959) CVE-2011-1959 wireshark: Stack-based buffer over-read from tvbuff buffer when reading snoop capture filesExploit;Patch
-
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061290.html
[SECURITY] Fedora 15 Update: wireshark-1.4.7-1.fc15
-
http://www.wireshark.org/security/wnpa-sec-2011-07.html
Wireshark · wnpa-sec-2011-07 · Multiple vulnerabilities in WiresharkVendor Advisory
-
http://openwall.com/lists/oss-security/2011/05/31/20
oss-security - CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues
-
http://www.wireshark.org/security/wnpa-sec-2011-08.html
Wireshark · wnpa-sec-2011-08 · Multiple vulnerabilities in WiresharkVendor Advisory
-
http://anonsvn.wireshark.org/viewvc?view=revision&revision=37068
code.wireshark Code Review - wireshark.git/treePatch
-
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061477.html
[SECURITY] Fedora 13 Update: wireshark-1.2.17-1.fc13
-
http://rhn.redhat.com/errata/RHSA-2013-0125.html
RHSA-2013:0125 - Security Advisory - Red Hat Customer Portal
-
http://www.securityfocus.com/bid/48066
Wireshark Versions Prior to 1.4.7/1.2.17 Multiple Denial of Service Vulnerabilities
-
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061437.html
[SECURITY] Fedora 14 Update: wireshark-1.4.7-1.fc14
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14656
Repository / Oval Repository
Jump to