CVE-2011-1141

Wireshark 1.0.x 1.2.0-1.2.14 1.4.0-1.4.3 - Denial of Service via LDAP Filter String

Title source: llm

Description

epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (memory consumption) via (1) a long LDAP filter string or (2) an LDAP filter string containing many elements.

References (21)

Core 21

Core References

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/43759

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html

Patch x_refsource_confirm

http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2011/0747

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/43795

US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/215900

Patch x_refsource_confirm

http://anonsvn.wireshark.org/viewvc?view=rev&revision=36101

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2011-0370.html

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2011/0719

Patch x_refsource_confirm

http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html

Vendor Advisory x_refsource_confirm

http://www.wireshark.org/security/wnpa-sec-2011-04.html

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2011/0622

Vendor Advisory x_refsource_confirm

http://www.wireshark.org/security/wnpa-sec-2011-03.html

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2011-0369.html

Exploit x_refsource_confirm

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5732

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDVSA-2011:044

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id?1025148

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2011/dsa-2201

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14974

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/43821

Scores

EPSS 0.0188

EPSS Percentile 83.4%

Details

CWE

CWE-399

Status published

Products (37)

wireshark/wireshark 1.0

wireshark/wireshark 1.0.0

wireshark/wireshark 1.0.1

wireshark/wireshark 1.0.2

wireshark/wireshark 1.0.3

wireshark/wireshark 1.0.4

wireshark/wireshark 1.0.5

wireshark/wireshark 1.0.6

wireshark/wireshark 1.0.7

wireshark/wireshark 1.0.8

... and 27 more

Published Mar 03, 2011

Tracked Since Feb 18, 2026