Executive Summary

Informations
Name CVE-2011-1143 First vendor Publication 2011-03-02
Vendor Cve Last vendor Modification 2017-09-19

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:N/I:N/A:P)
Cvss Base Score 4.3 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1143

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:16209
 
Oval ID: oval:org.mitre.oval:def:16209
Title: epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file
Description: epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file.
Family: windows Class: vulnerability
Reference(s): CVE-2011-1143
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21771
 
Oval ID: oval:org.mitre.oval:def:21771
Title: RHSA-2011:0370: wireshark security update (Moderate)
Description: epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file.
Family: unix Class: patch
Reference(s): RHSA-2011:0370-01
CESA-2011:0370
CVE-2010-3445
CVE-2011-0024
CVE-2011-0538
CVE-2011-1139
CVE-2011-1140
CVE-2011-1141
CVE-2011-1143
Version: 94
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23150
 
Oval ID: oval:org.mitre.oval:def:23150
Title: ELSA-2011:0370: wireshark security update (Moderate)
Description: epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file.
Family: unix Class: patch
Reference(s): ELSA-2011:0370-01
CVE-2010-3445
CVE-2011-0024
CVE-2011-0538
CVE-2011-1139
CVE-2011-1140
CVE-2011-1141
CVE-2011-1143
Version: 33
Platform(s): Oracle Linux 5
Product(s): wireshark
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 90

OpenVAS Exploits

Date Description
2012-07-30 Name : CentOS Update for wireshark CESA-2011:0370 centos5 x86_64
File : nvt/gb_CESA-2011_0370_wireshark_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for wireshark CESA-2012:0509 centos6
File : nvt/gb_CESA-2012_0509_wireshark_centos6.nasl
2012-07-09 Name : RedHat Update for wireshark RHSA-2012:0509-01
File : nvt/gb_RHSA-2012_0509-01_wireshark.nasl
2012-06-27 Name : Wireshark Denial of Service Vulnerability-02 March 11 (Mac OS X)
File : nvt/gb_wireshark_dos_vuln02_mar11_macosx.nasl
2012-02-12 Name : Gentoo Security Advisory GLSA 201110-02 (wireshark)
File : nvt/glsa_201110_02.nasl
2011-08-09 Name : CentOS Update for wireshark CESA-2011:0370 centos5 i386
File : nvt/gb_CESA-2011_0370_wireshark_centos5_i386.nasl
2011-03-25 Name : CentOS Update for wireshark CESA-2011:0370 centos4 i386
File : nvt/gb_CESA-2011_0370_wireshark_centos4_i386.nasl
2011-03-24 Name : RedHat Update for wireshark RHSA-2011:0370-01
File : nvt/gb_RHSA-2011_0370-01_wireshark.nasl
2011-03-15 Name : Fedora Update for wireshark FEDORA-2011-2620
File : nvt/gb_fedora_2011_2620_wireshark_fc13.nasl
2011-03-15 Name : Fedora Update for wireshark FEDORA-2011-2632
File : nvt/gb_fedora_2011_2632_wireshark_fc14.nasl
2011-03-09 Name : Wireshark Denial of Service Vulnerability March-11 (Windows)
File : nvt/gb_wireshark_dos_vuln_mar11_win02.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
71548 Wireshark NTLMSSP Dissector PCAP File Handling DoS

Wireshark contains a flaw that may allow a denial of service. The issue is triggered when the 'dissect_ntlmssp_string()' function in 'epan/dissectors/packet-ntlmssp.c' suffers a NULL pointer dereference error, allowing a context-dependent attacker to use a crafted pcap file to cause a denial of service.

Nessus® Vulnerability Scanner

Date Description
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_4_wireshark-110411.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_wireshark-110411.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2012-71.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-0509.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0370.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110321_wireshark_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120423_wireshark_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-04-25 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-0509.nasl - Type : ACT_GATHER_INFO
2012-04-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0509.nasl - Type : ACT_GATHER_INFO
2011-10-10 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201110-02.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_wireshark-110411.nasl - Type : ACT_GATHER_INFO
2011-04-07 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_wireshark-110331.nasl - Type : ACT_GATHER_INFO
2011-03-23 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0370.nasl - Type : ACT_GATHER_INFO
2011-03-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0370.nasl - Type : ACT_GATHER_INFO
2011-03-14 Name : The remote Fedora host is missing a security update.
File : fedora_2011-2632.nasl - Type : ACT_GATHER_INFO
2011-03-14 Name : The remote Fedora host is missing a security update.
File : fedora_2011-2620.nasl - Type : ACT_GATHER_INFO
2011-03-09 Name : The remote Fedora host is missing a security update.
File : fedora_2011-2648.nasl - Type : ACT_GATHER_INFO
2011-03-09 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-044.nasl - Type : ACT_GATHER_INFO
2011-03-02 Name : The remote Windows host contains an application that is affected by multiple ...
File : wireshark_1_4_4.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/46796
CERT-VN http://www.kb.cert.org/vuls/id/215900
CONFIRM http://anonsvn.wireshark.org/viewvc?view=rev&revision=34018
http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5157
FEDORA http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html
OVAL https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
REDHAT http://www.redhat.com/support/errata/RHSA-2011-0370.html
SECTRACK http://www.securitytracker.com/id?1025148
SECUNIA http://secunia.com/advisories/43759
http://secunia.com/advisories/43821
http://secunia.com/advisories/44169
http://secunia.com/advisories/48947
SUSE https://hermes.opensuse.org/messages/8086844
VUPEN http://www.vupen.com/english/advisories/2011/0626
http://www.vupen.com/english/advisories/2011/0719

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
Date Informations
2021-05-05 01:08:14
  • Multiple Updates
2021-05-04 12:14:10
  • Multiple Updates
2021-04-22 01:15:23
  • Multiple Updates
2020-05-24 01:07:32
  • Multiple Updates
2020-05-23 01:44:05
  • Multiple Updates
2020-05-23 00:28:01
  • Multiple Updates
2017-09-19 09:24:18
  • Multiple Updates
2016-04-26 20:37:46
  • Multiple Updates
2014-06-14 13:30:30
  • Multiple Updates
2014-02-17 11:01:04
  • Multiple Updates
2013-11-04 21:21:30
  • Multiple Updates
2013-05-10 22:56:25
  • Multiple Updates
2013-01-04 13:19:02
  • Multiple Updates