Vulnerability Name:

CVE-2011-1956 (CCN-67789)

Assigned:2011-05-31
Published:2011-05-31
Updated:2017-09-19
Summary:The bytes_repr_len function in Wireshark 1.4.5 uses an incorrect pointer argument, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via arbitrary TCP traffic.
Per: http://cwe.mitre.org/data/definitions/476.html
'CWE-476: NULL Pointer Dereference'
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2011-1956

Source: MLIST
Type: Exploit
[oss-security] 20110531 CVE request for Wireshark 1.4.5 TCP DoS issue

Source: MLIST
Type: Exploit
[oss-security] 20110601 Re: CVE request for Wireshark 1.4.5 TCP DoS issue

Source: CCN
Type: SA44449
Wireshark Multiple Denial of Service Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
44449

Source: CCN
Type: OSVDB ID: 72974
Wireshark bytes_repr_len Function NULL Dereference Remote DoS

Source: CCN
Type: BID-48066
Wireshark Versions Prior to 1.4.7/1.2.17 Multiple Denial of Service Vulnerabilities

Source: CONFIRM
Type: Patch
http://www.wireshark.org/docs/relnotes/wireshark-1.4.6.html

Source: CONFIRM
Type: Patch
http://www.wireshark.org/news/20110418.html

Source: CCN
Type: wnpa-sec-2011-08
Multiple vulnerabilities in Wireshark® version 1.4.0 to 1.4.6

Source: CCN
Type: Wireshark Bug Database - Bug 5837
Wireshark (and tshark) crashes on tcp traffic - dissector accessed an invalid memory address

Source: CONFIRM
Type: Exploit
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5837

Source: XF
Type: UNKNOWN
wireshark-desegmenttcp-dos(67789)

Source: XF
Type: UNKNOWN
wireshark-desegmenttcp-dos(67789)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:14943

Vulnerable Configuration:Configuration 1:
  • cpe:/a:wireshark:wireshark:1.4.5:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:wireshark:wireshark:1.4.5:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:14943
    V
    		Vulnerability in bytes_repr_len function in Wireshark 1.4.5
    2013-08-19
    oval:com.ubuntu.precise:def:20111956000
    V
    		CVE-2011-1956 on Ubuntu 12.04 LTS (precise) - low.
    2011-06-06
    BACK
    wireshark wireshark 1.4.5
    wireshark wireshark 1.4.5