Executive Summary

Informations
Name CVE-2011-1141 First vendor Publication 2011-03-02
Vendor Cve Last vendor Modification 2017-09-19

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:N/I:N/A:P)
Cvss Base Score 4.3 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (memory consumption) via (1) a long LDAP filter string or (2) an LDAP filter string containing many elements.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1141

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-399 Resource Management Errors

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:14974
 
Oval ID: oval:org.mitre.oval:def:14974
Title: Vulnerability in epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3
Description: epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (memory consumption) via (1) a long LDAP filter string or (2) an LDAP filter string containing many elements.
Family: windows Class: vulnerability
Reference(s): CVE-2011-1141
 Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
 Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18399
 
Oval ID: oval:org.mitre.oval:def:18399
Title: DSA-2201-1 wireshark - several
Description: Huzaifa Sidhpurwala, Joernchen, and Xiaopeng Zhang discovered several vulnerabilities in the Wireshark network traffic analyzer. Vulnerabilities in the DCT3, LDAP and SMB dissectors and in the code to parse pcag-ng files could lead to denial of service or the execution of arbitrary code.
Family: unix Class: patch
Reference(s): DSA-2201-1
CVE-2011-0538
CVE-2011-0713
CVE-2011-1139
CVE-2011-1140
CVE-2011-1141
 Version: 7
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
 Product(s): wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21869
 
Oval ID: oval:org.mitre.oval:def:21869
Title: RHSA-2011:0369: wireshark security update (Moderate)
Description: epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (memory consumption) via (1) a long LDAP filter string or (2) an LDAP filter string containing many elements.
Family: unix Class: patch
Reference(s): RHSA-2011:0369-01
CVE-2011-0444
CVE-2011-0538
CVE-2011-0713
CVE-2011-1139
CVE-2011-1140
CVE-2011-1141
 Version: 81
Platform(s): Red Hat Enterprise Linux 6
 Product(s): wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22896
 
Oval ID: oval:org.mitre.oval:def:22896
Title: ELSA-2011:0369: wireshark security update (Moderate)
Description: epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (memory consumption) via (1) a long LDAP filter string or (2) an LDAP filter string containing many elements.
Family: unix Class: patch
Reference(s): ELSA-2011:0369-01
CVE-2011-0444
CVE-2011-0538
CVE-2011-0713
CVE-2011-1139
CVE-2011-1140
CVE-2011-1141
 Version: 29
Platform(s): Oracle Linux 6
 Product(s): wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27893
 
Oval ID: oval:org.mitre.oval:def:27893
Title: DEPRECATED: ELSA-2011-0369 -- wireshark security update (moderate)
Description: [1.2.15-1.0.1.el6_0.1] - Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect [1.2.15-1] - upgrade to 1.2.15 - see http://www.wireshark.org/docs/relnotes/wireshark-1.2.14.html - see http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html - Resolves: CVE-2011-0444 CVE-2011-0538 CVE-2011-0713 CVE-2011-1139 CVE-2011-1140 CVE-2011-1141 CVE-2011-1143
Family: unix Class: patch
Reference(s): ELSA-2011-0369
CVE-2011-0444
CVE-2011-0538
CVE-2011-0713
CVE-2011-1139
CVE-2011-1140
CVE-2011-1141
 Version: 4
Platform(s): Oracle Linux 6
 Product(s): wireshark
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 37

OpenVAS Exploits

Date Description
2012-07-30 Name : CentOS Update for wireshark CESA-2011:0370 centos5 x86_64
File : nvt/gb_CESA-2011_0370_wireshark_centos5_x86_64.nasl
2012-06-27 Name : Wireshark Multiple Vulnerabilities-01 March 11 (Mac OS X)
File : nvt/gb_wireshark_mult_vuln01_mar11_macosx.nasl
2012-06-06 Name : RedHat Update for wireshark RHSA-2011:0369-01
File : nvt/gb_RHSA-2011_0369-01_wireshark.nasl
2012-02-12 Name : Gentoo Security Advisory GLSA 201110-02 (wireshark)
File : nvt/glsa_201110_02.nasl
2011-08-09 Name : CentOS Update for wireshark CESA-2011:0370 centos5 i386
File : nvt/gb_CESA-2011_0370_wireshark_centos5_i386.nasl
2011-05-12 Name : Debian Security Advisory DSA 2201-1 (wireshark)
File : nvt/deb_2201_1.nasl
2011-03-25 Name : CentOS Update for wireshark CESA-2011:0370 centos4 i386
File : nvt/gb_CESA-2011_0370_wireshark_centos4_i386.nasl
2011-03-24 Name : RedHat Update for wireshark RHSA-2011:0370-01
File : nvt/gb_RHSA-2011_0370-01_wireshark.nasl
2011-03-15 Name : Fedora Update for wireshark FEDORA-2011-2620
File : nvt/gb_fedora_2011_2620_wireshark_fc13.nasl
2011-03-15 Name : Fedora Update for wireshark FEDORA-2011-2632
File : nvt/gb_fedora_2011_2632_wireshark_fc14.nasl
2011-03-15 Name : Mandriva Update for wireshark MDVSA-2011:044 (wireshark)
File : nvt/gb_mandriva_MDVSA_2011_044.nasl
2011-03-09 Name : Wireshark Multiple Vulnerabilities March-11 (Windows)
File : nvt/gb_wireshark_mult_vuln_mar11_win01.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
71550 Wireshark LDAP Dissector Filter String Memory Consumption DoS

Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when 'epan/dissectors/packet-ldap.c' (LDAP Dissector) fails to properly process filter strings, allowing an attacker to use a crafted filter string to cause a denial of service via memory consumption.

Nessus® Vulnerability Scanner

Date Description
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0369.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0370.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110321_wireshark_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2011-10-10 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201110-02.nasl - Type : ACT_GATHER_INFO
2011-03-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2201.nasl - Type : ACT_GATHER_INFO
2011-03-23 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0370.nasl - Type : ACT_GATHER_INFO
2011-03-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0369.nasl - Type : ACT_GATHER_INFO
2011-03-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0370.nasl - Type : ACT_GATHER_INFO
2011-03-14 Name : The remote Fedora host is missing a security update.
File : fedora_2011-2620.nasl - Type : ACT_GATHER_INFO
2011-03-14 Name : The remote Fedora host is missing a security update.
File : fedora_2011-2632.nasl - Type : ACT_GATHER_INFO
2011-03-09 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-044.nasl - Type : ACT_GATHER_INFO
2011-03-02 Name : The remote Windows host contains an application that is affected by multiple ...
File : wireshark_1_4_4.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
CERT-VN http://www.kb.cert.org/vuls/id/215900
CONFIRM http://anonsvn.wireshark.org/viewvc?view=rev&revision=36101
http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html
http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html
http://www.wireshark.org/security/wnpa-sec-2011-03.html
http://www.wireshark.org/security/wnpa-sec-2011-04.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5732
DEBIAN http://www.debian.org/security/2011/dsa-2201
FEDORA http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html
MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2011:044
OVAL https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
REDHAT http://www.redhat.com/support/errata/RHSA-2011-0369.html
http://www.redhat.com/support/errata/RHSA-2011-0370.html
SECTRACK http://www.securitytracker.com/id?1025148
SECUNIA http://secunia.com/advisories/43759
http://secunia.com/advisories/43795
http://secunia.com/advisories/43821
VUPEN http://www.vupen.com/english/advisories/2011/0622
http://www.vupen.com/english/advisories/2011/0719
http://www.vupen.com/english/advisories/2011/0747

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
Date Informations
2021-05-04 12:14:10
  • Multiple Updates
2021-04-22 01:15:22
  • Multiple Updates
2020-05-23 00:28:01
  • Multiple Updates
2017-09-19 09:24:18
  • Multiple Updates
2016-04-26 20:37:45
  • Multiple Updates
2014-02-17 11:01:04
  • Multiple Updates
2013-05-10 22:56:25
  • Multiple Updates