Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2010-3445

Опубликовано: 13 сент. 2010
Источник: redhat
CVSS2: 2.9

Описание

Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a long string in an unknown ASN.1/BER encoded packet, as demonstrated using SNMP.

Отчет

The Red Hat Security Response Team has rated this issue as having low security impact, a future update to wireshark in Red Hat Enterprise Linux 4 and 5 may address this flaw. This issue was addressed in Red Hat Enterprise Linux 6 via https://rhn.redhat.com/errata/RHSA-2010-0924.html.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 3wiresharkAffected
Red Hat Enterprise Linux 4wiresharkFixedRHSA-2011:037021.03.2011
Red Hat Enterprise Linux 5wiresharkFixedRHSA-2011:037021.03.2011
Red Hat Enterprise Linux 6wiresharkFixedRHSA-2010:092430.11.2010

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
https://bugzilla.redhat.com/show_bug.cgi?id=639486wireshark: stack overflow in BER dissector

2.9 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2010-3445

ubuntu
больше 14 лет назад

Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a long string in an unknown ASN.1/BER encoded packet, as demonstrated using SNMP.

nvd логотип

CVE-2010-3445

nvd
больше 14 лет назад

Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a long string in an unknown ASN.1/BER encoded packet, as demonstrated using SNMP.

debian логотип

CVE-2010-3445

debian
больше 14 лет назад

Stack consumption vulnerability in the dissect_ber_unknown function in ...

github логотип

GHSA-27pv-p83w-4xp4

github
около 3 лет назад

Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a long string in an unknown ASN.1/BER encoded packet, as demonstrated using SNMP.

oracle-oval логотип

ELSA-2011-0013

oracle-oval
больше 14 лет назад

ELSA-2011-0013: wireshark security update (MODERATE)

2.9 Low

CVSS2