Back to search
CVE-2011-4100
Published: Nov 3, 2011
Modified: Aug 6, 2024
PUBLISHED
Description
The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.3 does not initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://bugzilla.redhat.com/show_bug.cgi?id=750643
x_refsource_CONFIRM
50479
vdb-entry
x_refsource_BID
http://www.wireshark.org/security/wnpa-sec-2011-17.html
x_refsource_CONFIRM
46644
third-party-advisory
x_refsource_SECUNIA
http://anonsvn.wireshark.org/viewvc?view=revision&revision=39140
x_refsource_CONFIRM
76768
vdb-entry
x_refsource_OSVDB
oval:org.mitre.oval:def:14833
vdb-entry
signature
x_refsource_OVAL
[oss-security] 20111101 Re: CVE request for wireshark flaws
mailing-list
x_refsource_MLIST
wireshark-csn1-dissector-dos(71090)
vdb-entry
x_refsource_XF
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6351
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now