Back to search
CVE-2010-4300
Published: Nov 26, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an LDSS packet with a long digest line that triggers memory corruption.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5318
x_refsource_CONFIRM
SUSE-SR:2011:001
vendor-advisory
x_refsource_SUSE
ADV-2010-3093
vdb-entry
x_refsource_VUPEN
43068
third-party-advisory
x_refsource_SECUNIA
42290
third-party-advisory
x_refsource_SECUNIA
1024762
vdb-entry
x_refsource_SECTRACK
ADV-2011-0212
vdb-entry
x_refsource_VUPEN
ADV-2010-3068
vdb-entry
x_refsource_VUPEN
69354
vdb-entry
x_refsource_OSVDB
42877
third-party-advisory
x_refsource_SECUNIA
SUSE-SR:2011:002
vendor-advisory
x_refsource_SUSE
RHSA-2010:0924
vendor-advisory
x_refsource_REDHAT
15676
exploit
x_refsource_EXPLOIT-DB
ADV-2011-0404
vdb-entry
x_refsource_VUPEN
http://www.wireshark.org/security/wnpa-sec-2010-14.html
x_refsource_CONFIRM
ADV-2011-0076
vdb-entry
x_refsource_VUPEN
oval:org.mitre.oval:def:14287
vdb-entry
signature
x_refsource_OVAL
MDVSA-2010:242
vendor-advisory
x_refsource_MANDRIVA
http://www.wireshark.org/security/wnpa-sec-2010-13.html
x_refsource_CONFIRM
ADV-2010-3038
vdb-entry
x_refsource_VUPEN
42411
third-party-advisory
x_refsource_SECUNIA
44987
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now