Vulnerability Name:

CVE-2011-0444 (CCN-64624)

Assigned:2011-01-11
Published:2011-01-11
Updated:2017-09-19
Summary:Buffer overflow in the MAC-LTE dissector (epan/dissectors/packet-mac-lte.c) in Wireshark 1.2.0 through 1.2.13 and 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of RARs.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
6.8 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-119
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2011-0444

Source: FEDORA
Type: UNKNOWN
FEDORA-2011-0450

Source: FEDORA
Type: UNKNOWN
FEDORA-2011-0460

Source: OSVDB
Type: UNKNOWN
70403

Source: CCN
Type: RHSA-2011-0369
Moderate: wireshark security update

Source: SECUNIA
Type: UNKNOWN
43175

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2011:007

Source: CCN
Type: OSVDB ID: 70403
Wireshark MAC-LTE Dissector RAR Saturation Overflow

Source: REDHAT
Type: UNKNOWN
RHSA-2011:0369

Source: BID
Type: UNKNOWN
45775

Source: CCN
Type: BID-45775
Wireshark Dissectors Multiple Vulnerabilities

Source: VUPEN
Type: Vendor Advisory
ADV-2011-0079

Source: VUPEN
Type: UNKNOWN
ADV-2011-0104

Source: VUPEN
Type: UNKNOWN
ADV-2011-0270

Source: VUPEN
Type: UNKNOWN
ADV-2011-0719

Source: CCN
Type: wnpa-sec-2011-01
MAC-LTE and ENTTEC vulnerabilities in Wireshark® version 1.2.0 to 1.2.13

Source: CONFIRM
Type: UNKNOWN
http://www.wireshark.org/security/wnpa-sec-2011-01.html

Source: CCN
Type: wnpa-sec-2011-02
MAC-LTE, ENTTEC, and ASN.1 BER vulnerabilities in Wireshark® version 1.4.0

Source: CONFIRM
Type: UNKNOWN
http://www.wireshark.org/security/wnpa-sec-2011-02.html

Source: MISC
Type: Patch
https://bugs.wireshark.org/bugzilla/attachment.cgi?id=5676

Source: CONFIRM
Type: Patch
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5530

Source: XF
Type: UNKNOWN
wireshark-maclte-bo(64624)

Source: XF
Type: UNKNOWN
wireshark-maclte-bo(64624)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:14283

Source: SUSE
Type: SUSE-SR:2011:007
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:wireshark:wireshark:1.2:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.5:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.6:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.7:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.8:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.9:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.10:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.11:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.12:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.13:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/a:wireshark:wireshark:1.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.4.2:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:wireshark:wireshark:1.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.5:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.7:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.6:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.8:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.10:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.9:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.11:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.12:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.4.2:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux:6:*:server:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6:*:workstation:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_desktop:6:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20110444
    V
    		CVE-2011-0444
    2022-05-20
    oval:org.mitre.oval:def:22896
    P
    		ELSA-2011:0369: wireshark security update (Moderate)
    2014-05-26
    oval:org.mitre.oval:def:21869
    P
    		RHSA-2011:0369: wireshark security update (Moderate)
    2014-02-24
    oval:org.mitre.oval:def:14283
    V
    		Buffer overflow in the MAC-LTE dissector in Wireshark 1.2.0 through 1.2.13 and 1.4.0 through 1.4.2
    2013-08-19
    oval:com.redhat.rhsa:def:20110369
    P
    		RHSA-2011:0369: wireshark security update (Moderate)
    2011-03-21
    oval:com.ubuntu.precise:def:20110444000
    V
    		CVE-2011-0444 on Ubuntu 12.04 LTS (precise) - medium.
    2011-01-12
    BACK
    wireshark wireshark 1.2
    wireshark wireshark 1.2.0
    wireshark wireshark 1.2.1
    wireshark wireshark 1.2.2
    wireshark wireshark 1.2.3
    wireshark wireshark 1.2.4
    wireshark wireshark 1.2.5
    wireshark wireshark 1.2.6
    wireshark wireshark 1.2.7
    wireshark wireshark 1.2.8
    wireshark wireshark 1.2.9
    wireshark wireshark 1.2.10
    wireshark wireshark 1.2.11
    wireshark wireshark 1.2.12
    wireshark wireshark 1.2.13
    wireshark wireshark 1.4.0
    wireshark wireshark 1.4.1
    wireshark wireshark 1.4.2
    wireshark wireshark 1.2.0
    wireshark wireshark 1.2.1
    wireshark wireshark 1.2.2
    wireshark wireshark 1.2.3
    wireshark wireshark 1.2.4
    wireshark wireshark 1.2.5
    wireshark wireshark 1.2.7
    wireshark wireshark 1.2.6
    wireshark wireshark 1.2.8
    wireshark wireshark 1.2.10
    wireshark wireshark 1.4.0
    wireshark wireshark 1.2.9
    wireshark wireshark 1.2.11
    wireshark wireshark 1.2.12
    wireshark wireshark 1.4.1
    wireshark wireshark 1.4.2
    redhat enterprise linux 6
    redhat enterprise linux 6
    redhat enterprise linux desktop 6