Main Vulnerability Database SB2012043003

SB2012043003 - Amazon Linux AMI update for wireshark

Published: April 30, 2012 Updated: March 24, 2022

Security Bulletin ID SB2012043003

CSH Severity

Medium

Patch available

YES

Number of vulnerabilities 2

Exploitation vector Remote access

Highest impact Partial DoS

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 2 vulnerabilities.

1) Input validation error (CVE-ID: CVE-2011-1143)

CWE-ID: CWE-20 - Improper input validation

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/U:Green

The vulnerability allows remote attackers to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file.

2) Resource management error (CVE-ID: CVE-2011-1590)

CWE-ID: CWE-399 - Resource Management Errors

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file.

Remediation

Install update from vendor's website.

References

https://alas.aws.amazon.com/ALAS-2012-71.html