CVE-2011-1590
Vulnerability from cvelistv5
Published
2011-04-29 22:00
Modified
2024-08-06 22:28
Severity ?
Summary
The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file.
References
secalert@redhat.comhttp://anonsvn.wireshark.org/viewvc?revision=36608&view=revisionPatch
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2011-April/058900.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2011-April/058983.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2011-April/058993.html
secalert@redhat.comhttp://openwall.com/lists/oss-security/2011/04/18/2Exploit, Patch
secalert@redhat.comhttp://openwall.com/lists/oss-security/2011/04/18/8Exploit, Patch
secalert@redhat.comhttp://secunia.com/advisories/44172Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/44374
secalert@redhat.comhttp://secunia.com/advisories/44822
secalert@redhat.comhttp://secunia.com/advisories/45149
secalert@redhat.comhttp://secunia.com/advisories/48947
secalert@redhat.comhttp://securitytracker.com/id?1025388
secalert@redhat.comhttp://www.debian.org/security/2011/dsa-2274
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2011:083
secalert@redhat.comhttp://www.osvdb.org/71846
secalert@redhat.comhttp://www.vupen.com/english/advisories/2011/1022Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2011/1106
secalert@redhat.comhttp://www.wireshark.org/security/wnpa-sec-2011-05.html
secalert@redhat.comhttp://www.wireshark.org/security/wnpa-sec-2011-06.html
secalert@redhat.comhttps://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5754Exploit, Patch
secalert@redhat.comhttps://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5793
secalert@redhat.comhttps://hermes.opensuse.org/messages/8701428
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15050
af854a3a-2127-422b-91ae-364da2661108http://anonsvn.wireshark.org/viewvc?revision=36608&view=revisionPatch
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058900.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058983.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058993.html
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/04/18/2Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/04/18/8Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/44172Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/44374
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/44822
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/45149
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/48947
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1025388
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2011/dsa-2274
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2011:083
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/71846
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2011/1022Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2011/1106
af854a3a-2127-422b-91ae-364da2661108http://www.wireshark.org/security/wnpa-sec-2011-05.html
af854a3a-2127-422b-91ae-364da2661108http://www.wireshark.org/security/wnpa-sec-2011-06.html
af854a3a-2127-422b-91ae-364da2661108https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5754Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5793
af854a3a-2127-422b-91ae-364da2661108https://hermes.opensuse.org/messages/8701428
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15050
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T22:28:41.906Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5793",
               },
               {
                  name: "MDVSA-2011:083",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_MANDRIVA",
                     "x_transferred",
                  ],
                  url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:083",
               },
               {
                  name: "FEDORA-2011-5621",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058900.html",
               },
               {
                  name: "FEDORA-2011-5529",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058993.html",
               },
               {
                  name: "48947",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/48947",
               },
               {
                  name: "[oss-security] 20110418 Re: Wireshark 1.2.16 / 1.4.5",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://openwall.com/lists/oss-security/2011/04/18/8",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.wireshark.org/security/wnpa-sec-2011-05.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5754",
               },
               {
                  name: "oval:org.mitre.oval:def:15050",
                  tags: [
                     "vdb-entry",
                     "signature",
                     "x_refsource_OVAL",
                     "x_transferred",
                  ],
                  url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15050",
               },
               {
                  name: "SUSE-SU-2011:0611",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "https://hermes.opensuse.org/messages/8701428",
               },
               {
                  name: "FEDORA-2011-5569",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058983.html",
               },
               {
                  name: "DSA-2274",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2011/dsa-2274",
               },
               {
                  name: "44374",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/44374",
               },
               {
                  name: "71846",
                  tags: [
                     "vdb-entry",
                     "x_refsource_OSVDB",
                     "x_transferred",
                  ],
                  url: "http://www.osvdb.org/71846",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://anonsvn.wireshark.org/viewvc?revision=36608&view=revision",
               },
               {
                  name: "44822",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/44822",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.wireshark.org/security/wnpa-sec-2011-06.html",
               },
               {
                  name: "44172",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/44172",
               },
               {
                  name: "ADV-2011-1022",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2011/1022",
               },
               {
                  name: "1025388",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://securitytracker.com/id?1025388",
               },
               {
                  name: "[oss-security] 20110418 Wireshark 1.2.16 / 1.4.5",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://openwall.com/lists/oss-security/2011/04/18/2",
               },
               {
                  name: "ADV-2011-1106",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2011/1106",
               },
               {
                  name: "45149",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/45149",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2011-04-14T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-09-18T12:57:01",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5793",
            },
            {
               name: "MDVSA-2011:083",
               tags: [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
               ],
               url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:083",
            },
            {
               name: "FEDORA-2011-5621",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058900.html",
            },
            {
               name: "FEDORA-2011-5529",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058993.html",
            },
            {
               name: "48947",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/48947",
            },
            {
               name: "[oss-security] 20110418 Re: Wireshark 1.2.16 / 1.4.5",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://openwall.com/lists/oss-security/2011/04/18/8",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.wireshark.org/security/wnpa-sec-2011-05.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5754",
            },
            {
               name: "oval:org.mitre.oval:def:15050",
               tags: [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
               ],
               url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15050",
            },
            {
               name: "SUSE-SU-2011:0611",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "https://hermes.opensuse.org/messages/8701428",
            },
            {
               name: "FEDORA-2011-5569",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058983.html",
            },
            {
               name: "DSA-2274",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2011/dsa-2274",
            },
            {
               name: "44374",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/44374",
            },
            {
               name: "71846",
               tags: [
                  "vdb-entry",
                  "x_refsource_OSVDB",
               ],
               url: "http://www.osvdb.org/71846",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://anonsvn.wireshark.org/viewvc?revision=36608&view=revision",
            },
            {
               name: "44822",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/44822",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.wireshark.org/security/wnpa-sec-2011-06.html",
            },
            {
               name: "44172",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/44172",
            },
            {
               name: "ADV-2011-1022",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2011/1022",
            },
            {
               name: "1025388",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://securitytracker.com/id?1025388",
            },
            {
               name: "[oss-security] 20110418 Wireshark 1.2.16 / 1.4.5",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://openwall.com/lists/oss-security/2011/04/18/2",
            },
            {
               name: "ADV-2011-1106",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2011/1106",
            },
            {
               name: "45149",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/45149",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2011-1590",
      datePublished: "2011-04-29T22:00:00",
      dateReserved: "2011-04-05T00:00:00",
      dateUpdated: "2024-08-06T22:28:41.906Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      fkie_nvd: {
         configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:wireshark:wireshark:1.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B9A59A8-7319-4F1F-AA1D-801B5F7C1974\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:wireshark:wireshark:1.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B0059BA2-86B2-4DA5-A6C1-7248D07BB37C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:wireshark:wireshark:1.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1C13C7D5-D344-45D2-9FF0-2C3388C94584\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:wireshark:wireshark:1.2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1D79DA61-F97C-4DCB-A2B7-FE67C5F10964\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:wireshark:wireshark:1.2.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"84D6DFA0-53A2-424C-A31C-88FD683E5674\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:wireshark:wireshark:1.2.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4B441815-DF95-462C-B9F9-43E2F0B04A45\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:wireshark:wireshark:1.2.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D09E4C0-0C75-4227-87E0-F2A06E240003\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:wireshark:wireshark:1.2.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8DE4A9E3-5542-4483-9FA3-7F39C644563B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:wireshark:wireshark:1.2.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD8A1D30-CB46-4B3D-BED5-1D045F3E1058\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:wireshark:wireshark:1.2.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"977DA99C-54EC-4DEA-AD8B-E71C5F77022F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:wireshark:wireshark:1.2.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8ECDB7F8-F97B-440E-98DB-893C4714D47B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:wireshark:wireshark:1.2.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"27611804-AED3-443B-B1AE-25F8337FFA49\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:wireshark:wireshark:1.2.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"77B9C6C4-A6CE-45D0-BE6C-B29E5C7A45C5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:wireshark:wireshark:1.2.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7B7726D3-607C-4D34-9FBE-ACBDCB1188E5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:wireshark:wireshark:1.2.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DFB96C81-69F9-49C4-A2FD-D0220A2AB4E1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:wireshark:wireshark:1.2.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"73A8F429-4E43-4076-8F87-3BAF72306991\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:wireshark:wireshark:1.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ABB6F1D5-64CC-474D-B123-818080ED7903\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:wireshark:wireshark:1.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A5E0F58D-4CE5-4051-A0F6-9BFA2FC0D2DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:wireshark:wireshark:1.4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1CC3D171-73D0-4A14-A2AA-60C9739CD840\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:wireshark:wireshark:1.4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CF840746-1797-4ACC-8AFD-8FBD97E9F706\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:wireshark:wireshark:1.4.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"87AA0CD8-5F45-4F3C-B72E-6D94EA4B2C8B\"}]}]}]",
         descriptions: "[{\"lang\": \"en\", \"value\": \"The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file.\"}, {\"lang\": \"es\", \"value\": \"El disector X.509if en Wireshark v1.2.x antes de v1.2.16 y v1.4.x antes de v1.4.5 no inicializa correctamente ciertas variables globales, lo que permite a atacantes remotos provocar una denegaci\\u00f3n de servicio (Mediante caida de la aplicaci\\u00f3n) a trav\\u00e9s de un archivo pcap debidamente modificado.\"}]",
         id: "CVE-2011-1590",
         lastModified: "2024-11-21T01:26:40.037",
         metrics: "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:N/A:P\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
         published: "2011-04-29T22:55:02.547",
         references: "[{\"url\": \"http://anonsvn.wireshark.org/viewvc?revision=36608&view=revision\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058900.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058983.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058993.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/04/18/2\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Exploit\", \"Patch\"]}, {\"url\": \"http://openwall.com/lists/oss-security/2011/04/18/8\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Exploit\", \"Patch\"]}, {\"url\": \"http://secunia.com/advisories/44172\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/44374\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/44822\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/45149\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/48947\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://securitytracker.com/id?1025388\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.debian.org/security/2011/dsa-2274\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2011:083\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.osvdb.org/71846\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.vupen.com/english/advisories/2011/1022\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2011/1106\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.wireshark.org/security/wnpa-sec-2011-05.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.wireshark.org/security/wnpa-sec-2011-06.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5754\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Exploit\", \"Patch\"]}, {\"url\": \"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5793\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://hermes.opensuse.org/messages/8701428\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15050\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://anonsvn.wireshark.org/viewvc?revision=36608&view=revision\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058900.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058983.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058993.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/04/18/2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Patch\"]}, {\"url\": \"http://openwall.com/lists/oss-security/2011/04/18/8\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Patch\"]}, {\"url\": \"http://secunia.com/advisories/44172\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/44374\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/44822\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/45149\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/48947\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1025388\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.debian.org/security/2011/dsa-2274\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2011:083\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.osvdb.org/71846\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2011/1022\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2011/1106\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.wireshark.org/security/wnpa-sec-2011-05.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.wireshark.org/security/wnpa-sec-2011-06.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5754\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Patch\"]}, {\"url\": \"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5793\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://hermes.opensuse.org/messages/8701428\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15050\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
         sourceIdentifier: "secalert@redhat.com",
         vulnStatus: "Modified",
         weaknesses: "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-399\"}]}]",
      },
      nvd: "{\"cve\":{\"id\":\"CVE-2011-1590\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2011-04-29T22:55:02.547\",\"lastModified\":\"2024-11-21T01:26:40.037\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file.\"},{\"lang\":\"es\",\"value\":\"El disector X.509if en Wireshark v1.2.x antes de v1.2.16 y v1.4.x antes de v1.4.5 no inicializa correctamente ciertas variables globales, lo que permite a atacantes remotos provocar una denegación de servicio (Mediante caida de la aplicación) a través de un archivo pcap debidamente modificado.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:P\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-399\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B9A59A8-7319-4F1F-AA1D-801B5F7C1974\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0059BA2-86B2-4DA5-A6C1-7248D07BB37C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C13C7D5-D344-45D2-9FF0-2C3388C94584\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D79DA61-F97C-4DCB-A2B7-FE67C5F10964\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84D6DFA0-53A2-424C-A31C-88FD683E5674\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B441815-DF95-462C-B9F9-43E2F0B04A45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D09E4C0-0C75-4227-87E0-F2A06E240003\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.2.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DE4A9E3-5542-4483-9FA3-7F39C644563B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.2.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD8A1D30-CB46-4B3D-BED5-1D045F3E1058\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.2.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"977DA99C-54EC-4DEA-AD8B-E71C5F77022F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.2.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8ECDB7F8-F97B-440E-98DB-893C4714D47B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.2.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27611804-AED3-443B-B1AE-25F8337FFA49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.2.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77B9C6C4-A6CE-45D0-BE6C-B29E5C7A45C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.2.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B7726D3-607C-4D34-9FBE-ACBDCB1188E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.2.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFB96C81-69F9-49C4-A2FD-D0220A2AB4E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.2.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73A8F429-4E43-4076-8F87-3BAF72306991\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABB6F1D5-64CC-474D-B123-818080ED7903\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5E0F58D-4CE5-4051-A0F6-9BFA2FC0D2DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CC3D171-73D0-4A14-A2AA-60C9739CD840\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF840746-1797-4ACC-8AFD-8FBD97E9F706\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87AA0CD8-5F45-4F3C-B72E-6D94EA4B2C8B\"}]}]}],\"references\":[{\"url\":\"http://anonsvn.wireshark.org/viewvc?revision=36608&view=revision\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058900.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058983.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058993.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/04/18/2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://openwall.com/lists/oss-security/2011/04/18/8\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://secunia.com/advisories/44172\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/44374\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/44822\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/45149\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/48947\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://securitytracker.com/id?1025388\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2011/dsa-2274\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2011:083\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.osvdb.org/71846\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/1022\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/1106\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.wireshark.org/security/wnpa-sec-2011-05.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.wireshark.org/security/wnpa-sec-2011-06.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5754\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5793\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://hermes.opensuse.org/messages/8701428\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15050\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://anonsvn.wireshark.org/viewvc?revision=36608&view=revision\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058900.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058983.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058993.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/04/18/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://openwall.com/lists/oss-security/2011/04/18/8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://secunia.com/advisories/44172\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/44374\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/44822\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/45149\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/48947\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1025388\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2011/dsa-2274\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2011:083\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.osvdb.org/71846\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/1022\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/1106\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.wireshark.org/security/wnpa-sec-2011-05.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.wireshark.org/security/wnpa-sec-2011-06.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5754\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5793\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://hermes.opensuse.org/messages/8701428\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15050\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
   },
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.