Executive Summary

Informations
Name CVE-2011-0713 First vendor Publication 2011-03-02
Vendor Cve Last vendor Modification 2012-08-13

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score 6.8 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long record in a Nokia DCT3 trace file.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0713

CWE : Common Weakness Enumeration

idName
CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:14766
 
Oval ID: oval:org.mitre.oval:def:14766
Title: Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3
Description: Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long record in a Nokia DCT3 trace file.
Family: windows Class: vulnerability
Reference(s): CVE-2011-0713
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Wireshark
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application19

OpenVAS Exploits

DateDescription
2012-06-27Name : Wireshark Multiple Vulnerabilities March-11 (Mac OS X)
File : nvt/gb_wireshark_mult_vuln_mar11_macosx.nasl
2012-06-06Name : RedHat Update for wireshark RHSA-2011:0369-01
File : nvt/gb_RHSA-2011_0369-01_wireshark.nasl
2012-02-12Name : Gentoo Security Advisory GLSA 201110-02 (wireshark)
File : nvt/glsa_201110_02.nasl
2011-05-12Name : Debian Security Advisory DSA 2201-1 (wireshark)
File : nvt/deb_2201_1.nasl
2011-03-15Name : Mandriva Update for wireshark MDVSA-2011:044 (wireshark)
File : nvt/gb_mandriva_MDVSA_2011_044.nasl
2011-03-15Name : Fedora Update for wireshark FEDORA-2011-2620
File : nvt/gb_fedora_2011_2620_wireshark_fc13.nasl
2011-03-15Name : Fedora Update for wireshark FEDORA-2011-2632
File : nvt/gb_fedora_2011_2632_wireshark_fc14.nasl
2011-03-09Name : Wireshark Multiple Vulnerabilities - March-11 (Windows)
File : nvt/gb_wireshark_mult_vuln_mar11_win.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
71554Wireshark Nokia DCT3 Trace File Handling Overflow

Nessus® Vulnerability Scanner

DateDescription
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0369.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0370.nasl - Type : ACT_GATHER_INFO
2011-10-10Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201110-02.nasl - Type : ACT_GATHER_INFO
2011-04-07Name : The remote SuSE 11 host is missing a security update.
File : suse_11_wireshark-110331.nasl - Type : ACT_GATHER_INFO
2011-03-24Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2201.nasl - Type : ACT_GATHER_INFO
2011-03-23Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0370.nasl - Type : ACT_GATHER_INFO
2011-03-22Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0369.nasl - Type : ACT_GATHER_INFO
2011-03-22Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0370.nasl - Type : ACT_GATHER_INFO
2011-03-14Name : The remote Fedora host is missing a security update.
File : fedora_2011-2620.nasl - Type : ACT_GATHER_INFO
2011-03-14Name : The remote Fedora host is missing a security update.
File : fedora_2011-2632.nasl - Type : ACT_GATHER_INFO
2011-03-09Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-044.nasl - Type : ACT_GATHER_INFO
2011-03-09Name : The remote Fedora host is missing a security update.
File : fedora_2011-2648.nasl - Type : ACT_GATHER_INFO
2011-03-02Name : The remote Windows host contains an application that is affected by multiple ...
File : wireshark_1_4_4.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/46416
CERT-VN http://www.kb.cert.org/vuls/id/215900
CONFIRM http://anonsvn.wireshark.org/viewvc?view=rev&revision=35953
http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html
http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html
http://www.wireshark.org/security/wnpa-sec-2011-03.html
http://www.wireshark.org/security/wnpa-sec-2011-04.html
https://bugzilla.redhat.com/show_bug.cgi?id=678198
DEBIAN http://www.debian.org/security/2011/dsa-2201
FEDORA http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html
MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2011:044
MLIST http://openwall.com/lists/oss-security/2011/02/16/13
REDHAT http://www.redhat.com/support/errata/RHSA-2011-0369.html
SECTRACK http://www.securitytracker.com/id?1025148
SECUNIA http://secunia.com/advisories/43759
http://secunia.com/advisories/43795
VUPEN http://www.vupen.com/english/advisories/2011/0622
http://www.vupen.com/english/advisories/2011/0626
http://www.vupen.com/english/advisories/2011/0719
http://www.vupen.com/english/advisories/2011/0747
XF http://xforce.iss.net/xforce/xfdb/65460
http://xforce.iss.net/xforce/xfdb/65780

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2014-02-17 11:00:29
  • Multiple Updates
2013-05-10 22:54:38
  • Multiple Updates