Vulnerability Name:

CVE-2011-1141 (CCN-65782)

Assigned:2011-03-01
Published:2011-03-01
Updated:2017-09-19
Summary:epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (memory consumption) via (1) a long LDAP filter string or (2) an LDAP filter string containing many elements.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
2.9 Low (REDHAT CVSS v2 Vector: AV:A/AC:M/Au:N/C:N/I:N/A:P)
2.1 Low (REDHAT Temporal CVSS v2 Vector: AV:A/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Adjacent_Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-399
Vulnerability Consequences:Denial of Service
References:Source: CONFIRM
Type: Patch
http://anonsvn.wireshark.org/viewvc?view=rev&revision=36101

Source: MITRE
Type: CNA
CVE-2011-1141

Source: FEDORA
Type: UNKNOWN
FEDORA-2011-2632

Source: FEDORA
Type: UNKNOWN
FEDORA-2011-2620

Source: CCN
Type: RHSA-2011-0369
Moderate: wireshark security update

Source: CCN
Type: RHSA-2011-0370
Moderate: wireshark security update

Source: CCN
Type: SA43554
Wireshark Denial of Service and Buffer Overflow Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
43759

Source: SECUNIA
Type: UNKNOWN
43795

Source: SECUNIA
Type: UNKNOWN
43821

Source: DEBIAN
Type: UNKNOWN
DSA-2201

Source: DEBIAN
Type: DSA-2201
wireshark -- several vulnerabilities

Source: CCN
Type: US-CERT VU#215900
Wireshark 6LoWPAN denial of service vulnerability

Source: CERT-VN
Type: US Government Resource
VU#215900

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2011:044

Source: CCN
Type: OSVDB ID: 71550
Wireshark LDAP Dissector Filter String Memory Consumption DoS

Source: REDHAT
Type: UNKNOWN
RHSA-2011:0369

Source: REDHAT
Type: UNKNOWN
RHSA-2011:0370

Source: CCN
Type: BID-46626
Wireshark 1.4.3 and 1.2.14 Multiple Security Vulnerabilities

Source: SECTRACK
Type: UNKNOWN
1025148

Source: VUPEN
Type: UNKNOWN
ADV-2011-0622

Source: VUPEN
Type: UNKNOWN
ADV-2011-0719

Source: VUPEN
Type: UNKNOWN
ADV-2011-0747

Source: CONFIRM
Type: Patch
http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html

Source: CCN
Type: Wireshark Web Site
Wireshark 1.4.4 Release Notes

Source: CONFIRM
Type: Patch
http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html

Source: CCN
Type: wnpa-sec-2011-03
Multiple vulnerabilities in Wireshark version 1.2.0 to 1.2.14

Source: CONFIRM
Type: Vendor Advisory
http://www.wireshark.org/security/wnpa-sec-2011-03.html

Source: CCN
Type: wnpa-sec-2011-04
MAC-LTE, ENTTEC, and ASN.1 BER vulnerabilities in Wireshark version 1.4.0

Source: CONFIRM
Type: Vendor Advisory
http://www.wireshark.org/security/wnpa-sec-2011-04.html

Source: CONFIRM
Type: Exploit
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5732

Source: XF
Type: UNKNOWN
wireshark-ldap-filters-dos(65782)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:14974

Vulnerable Configuration:Configuration 1:
  • cpe:/a:wireshark:wireshark:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.0.13:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.0.14:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.0.15:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.0.16:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/a:wireshark:wireshark:1.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.5:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.6:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.7:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.8:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.9:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.10:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.11:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.12:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.13:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.14:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.4.3:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

    • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

    • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

    • Configuration RedHat 10:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 11:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:wireshark:wireshark:1.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.5:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.7:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.6:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.8:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.10:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.9:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.11:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.2.12:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.4.2:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6:*:server:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6:*:workstation:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_desktop:6:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_eus:5.6.z::server:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_long_life:5.6:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:18399
    P
    		DSA-2201-1 wireshark - several
    2014-06-23
    oval:org.mitre.oval:def:22896
    P
    		ELSA-2011:0369: wireshark security update (Moderate)
    2014-05-26
    oval:org.mitre.oval:def:23150
    P
    		ELSA-2011:0370: wireshark security update (Moderate)
    2014-05-26
    oval:org.mitre.oval:def:21771
    P
    		RHSA-2011:0370: wireshark security update (Moderate)
    2014-02-24
    oval:org.mitre.oval:def:21869
    P
    		RHSA-2011:0369: wireshark security update (Moderate)
    2014-02-24
    oval:org.mitre.oval:def:14974
    V
    		Vulnerability in epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3
    2013-08-19
    oval:com.redhat.rhsa:def:20110369
    P
    		RHSA-2011:0369: wireshark security update (Moderate)
    2011-03-21
    oval:com.redhat.rhsa:def:20110370
    P
    		RHSA-2011:0370: wireshark security update (Moderate)
    2011-03-21
    oval:com.ubuntu.precise:def:20111141000
    V
    		CVE-2011-1141 on Ubuntu 12.04 LTS (precise) - low.
    2011-03-02
    BACK
    wireshark wireshark 1.0
    wireshark wireshark 1.0.0
    wireshark wireshark 1.0.1
    wireshark wireshark 1.0.2
    wireshark wireshark 1.0.3
    wireshark wireshark 1.0.4
    wireshark wireshark 1.0.5
    wireshark wireshark 1.0.6
    wireshark wireshark 1.0.7
    wireshark wireshark 1.0.8
    wireshark wireshark 1.0.9
    wireshark wireshark 1.0.10
    wireshark wireshark 1.0.11
    wireshark wireshark 1.0.12
    wireshark wireshark 1.0.13
    wireshark wireshark 1.0.14
    wireshark wireshark 1.0.15
    wireshark wireshark 1.0.16
    wireshark wireshark 1.2.0
    wireshark wireshark 1.2.1
    wireshark wireshark 1.2.2
    wireshark wireshark 1.2.3
    wireshark wireshark 1.2.4
    wireshark wireshark 1.2.5
    wireshark wireshark 1.2.6
    wireshark wireshark 1.2.7
    wireshark wireshark 1.2.8
    wireshark wireshark 1.2.9
    wireshark wireshark 1.2.10
    wireshark wireshark 1.2.11
    wireshark wireshark 1.2.12
    wireshark wireshark 1.2.13
    wireshark wireshark 1.2.14
    wireshark wireshark 1.4.0
    wireshark wireshark 1.4.1
    wireshark wireshark 1.4.2
    wireshark wireshark 1.4.3
    wireshark wireshark 1.2.0
    wireshark wireshark 1.2.1
    wireshark wireshark 1.2.2
    wireshark wireshark 1.2.3
    wireshark wireshark 1.2.4
    wireshark wireshark 1.2.5
    wireshark wireshark 1.2.7
    wireshark wireshark 1.2.6
    wireshark wireshark 1.2.8
    wireshark wireshark 1.2.10
    wireshark wireshark 1.4.0
    wireshark wireshark 1.2.9
    wireshark wireshark 1.2.11
    wireshark wireshark 1.2.12
    wireshark wireshark 1.4.1
    wireshark wireshark 1.4.2
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 5
    redhat enterprise linux 5
    redhat enterprise linux 5
    redhat enterprise linux 6
    redhat enterprise linux 6
    redhat enterprise linux desktop 6
    redhat enterprise linux eus 5.6.z
    redhat enterprise linux long life 5.6