exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2011-4102

Status Candidate

Overview

Heap-based buffer overflow in the erf_read_header function in wiretap/erf.c in the ERF file parser in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of service (application crash) via a malformed file.

Related Files

Red Hat Security Advisory 2013-0125-01
Posted Jan 8, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0125-01 - Wireshark, previously known as Ethereal, is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. A heap-based buffer overflow flaw was found in the way Wireshark handled Endace ERF capture files. If Wireshark opened a specially-crafted ERF capture file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file.

tags | advisory, denial of service, overflow, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2011-1958, CVE-2011-1959, CVE-2011-2175, CVE-2011-2698, CVE-2011-4102, CVE-2012-0041, CVE-2012-0042, CVE-2012-0066, CVE-2012-0067, CVE-2012-4285, CVE-2012-4289, CVE-2012-4290, CVE-2012-4291
SHA-256 | eb30de7fd8f00a0a922069cfe6ff4ed5abf41c0cacda471253febe3314fe484d
Red Hat Security Advisory 2012-0509-01
Posted Apr 23, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0509-01 - Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Several flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file.

tags | advisory, denial of service, arbitrary
systems | linux, redhat
advisories | CVE-2011-1143, CVE-2011-1590, CVE-2011-1957, CVE-2011-1958, CVE-2011-1959, CVE-2011-2174, CVE-2011-2175, CVE-2011-2597, CVE-2011-2698, CVE-2011-4102, CVE-2012-0041, CVE-2012-0042, CVE-2012-0066, CVE-2012-0067, CVE-2012-1595
SHA-256 | a8e8a801da4b7a24fc2903f6f33c984e1248132f1730c633edd984d26d065336
Debian Security Advisory 2351-1
Posted Nov 22, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2351-1 - Huzaifa Sidhpurwala discovered a buffer overflow in Wireshark's ERF dissector, which could lead to the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2011-4102
SHA-256 | 8ad5bd3c82f4a866ef130e1db2b7312fb606ef04dcd9be1c94bb5eeff2651887
Mandriva Linux Security Advisory 2011-164
Posted Nov 2, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-164 - This advisory updates wireshark to the latest version (1.6.3), fixing several security issues. An uninitialized variable in the CSN.1 dissector could cause a crash. Huzaifa Sidhpurwala of Red Hat Security Response Team discovered that the Infiniband dissector could dereference a NULL pointer. Huzaifa Sidhpurwala of Red Hat Security Response Team discovered a buffer overflow in the ERF file reader. The updated packages have been upgraded to the latest 1.6.x version which is not vulnerable to these issues.

tags | advisory, overflow
systems | linux, redhat, mandriva
advisories | CVE-2011-4100, CVE-2011-4101, CVE-2011-4102
SHA-256 | db68935e03bc26d480a3863e093cf87d2a9d9d664061a92252578d30c1c013c0
Page 1 of 1
Back1Next

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    10 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close