CVE-2011-0445

Published: 13 January 2011

The ASN.1 BER dissector in Wireshark 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (assertion failure) via crafted packets, as demonstrated by fuzz-2010-12-30-28473.pcap.

Notes

Author	Note
mdeslaur	1.4.x only

Priority

Status

Package	Release	Status
wireshark Launchpad, Ubuntu, Debian	dapper	Does not exist
	hardy	Not vulnerable (1.0.0-1ubuntu0.2)
	karmic	Not vulnerable (1.2.2-2)
	lucid	Not vulnerable (1.2.7-1)
	maverick	Not vulnerable (1.2.11-4build0.10.10.1)
	upstream	Released (1.2.14, 1.4.3)

References

http://www.wireshark.org/security/wnpa-sec-2011-02.html
https://www.cve.org/CVERecord?id=CVE-2011-0445
NVD
Launchpad
Debian

Bugs

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5537

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›