Vulnerability CVE-2011-2174

Vulnerability Name:

CVE-2011-2174 (CCN-67793)

Assigned:

2011-05-31

Published:

2011-05-31

Updated:

2017-09-19

Summary:

Double free vulnerability in the tvb_uncompress function in epan/tvbuff.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a packet with malformed data that uses zlib compression.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

4.3 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

CWE-399

Vulnerability Consequences:

Denial of Service

References:

Source: CONFIRM
Type: Patch
http://anonsvn.wireshark.org/viewvc?view=revision&revision=37081

Source: MITRE
Type: CNA
CVE-2011-2174

Source: FEDORA
Type: UNKNOWN
FEDORA-2011-7821

Source: FEDORA
Type: UNKNOWN
FEDORA-2011-7846

Source: FEDORA
Type: UNKNOWN
FEDORA-2011-7858

Source: MLIST
Type: UNKNOWN
[oss-security] 20110531 CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues

Source: MLIST
Type: UNKNOWN
[oss-security] 20110601 Re: CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues

Source: MLIST
Type: UNKNOWN
[oss-security] 20110601 Re: CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues

Source: CCN
Type: RHSA-2012-0509
Moderate: wireshark security update

Source: CCN
Type: SA44449
Wireshark Multiple Denial of Service Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
44449

Source: SECUNIA
Type: UNKNOWN
44958

Source: SECUNIA
Type: UNKNOWN
45149

Source: SECUNIA
Type: UNKNOWN
48947

Source: DEBIAN
Type: UNKNOWN
DSA-2274

Source: DEBIAN
Type: DSA-2274
wireshark -- several vulnerabilities

Source: CCN
Type: OSVDB ID: 72978
Wireshark epan/tvbuff.c tvb_uncompress Function Double-free Remote DoS

Source: BID
Type: UNKNOWN
48066

Source: CCN
Type: BID-48066
Wireshark Versions Prior to 1.4.7/1.2.17 Multiple Denial of Service Vulnerabilities

Source: CCN
Type: wnpa-sec-2011-07
Multiple vulnerabilities in Wireshark® version 1.2.0 to 1.2.16

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www.wireshark.org/security/wnpa-sec-2011-07.html

Source: CCN
Type: wnpa-sec-2011-08
Multiple vulnerabilities in Wireshark® version 1.4.0 to 1.4.6

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www.wireshark.org/security/wnpa-sec-2011-08.html

Source: CCN
Type: Wireshark Bug Database - Bug 5837
Wireshark (and tshark) crashes on tcp traffic - dissector accessed an invalid memory address

Source: CONFIRM
Type: Exploit, Patch
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5908

Source: CONFIRM
Type: Patch
https://bugzilla.redhat.com/show_bug.cgi?id=710097

Source: XF
Type: UNKNOWN
wireshark-compressed-packet-dos(67793)

Source: XF
Type: UNKNOWN
wireshark-compressed-packet-dos(67793)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:14777

Vulnerable Configuration:

Configuration 1:

cpe:/a:wireshark:wireshark:1.2:*:*:*:*:*:*:*

OR cpe:/a:wireshark:wireshark:1.2.0:*:*:*:*:*:*:*

OR cpe:/a:wireshark:wireshark:1.2.1:*:*:*:*:*:*:*

OR cpe:/a:wireshark:wireshark:1.2.2:*:*:*:*:*:*:*

OR cpe:/a:wireshark:wireshark:1.2.3:*:*:*:*:*:*:*

OR cpe:/a:wireshark:wireshark:1.2.4:*:*:*:*:*:*:*

OR cpe:/a:wireshark:wireshark:1.2.5:*:*:*:*:*:*:*

OR cpe:/a:wireshark:wireshark:1.2.6:*:*:*:*:*:*:*

OR cpe:/a:wireshark:wireshark:1.2.7:*:*:*:*:*:*:*

OR cpe:/a:wireshark:wireshark:1.2.8:*:*:*:*:*:*:*

OR cpe:/a:wireshark:wireshark:1.2.9:*:*:*:*:*:*:*

OR cpe:/a:wireshark:wireshark:1.2.10:*:*:*:*:*:*:*

OR cpe:/a:wireshark:wireshark:1.2.11:*:*:*:*:*:*:*

OR cpe:/a:wireshark:wireshark:1.2.12:*:*:*:*:*:*:*

OR cpe:/a:wireshark:wireshark:1.2.13:*:*:*:*:*:*:*

OR cpe:/a:wireshark:wireshark:1.2.14:*:*:*:*:*:*:*

OR cpe:/a:wireshark:wireshark:1.2.15:*:*:*:*:*:*:*

OR cpe:/a:wireshark:wireshark:1.2.16:*:*:*:*:*:*:*

Configuration 2:

cpe:/a:wireshark:wireshark:1.4.0:*:*:*:*:*:*:*

OR cpe:/a:wireshark:wireshark:1.4.1:*:*:*:*:*:*:*

OR cpe:/a:wireshark:wireshark:1.4.2:*:*:*:*:*:*:*

OR cpe:/a:wireshark:wireshark:1.4.3:*:*:*:*:*:*:*

OR cpe:/a:wireshark:wireshark:1.4.4:*:*:*:*:*:*:*

OR cpe:/a:wireshark:wireshark:1.4.5:*:*:*:*:*:*:*

OR cpe:/a:wireshark:wireshark:1.4.6:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

Configuration CCN 1:

cpe:/a:wireshark:wireshark:1.2.0:*:*:*:*:*:*:*