Resource management error in Wireshark - CVE-2011-1590

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file.

How to mitigate CVE-2011-1590

Sources

• http://anonsvn.wireshark.org/viewvc?revision=36608&view=revision
• http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058900.html
• http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058983.html
• http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058993.html
• http://openwall.com/lists/oss-security/2011/04/18/2
• http://openwall.com/lists/oss-security/2011/04/18/8
• http://secunia.com/advisories/44172
• http://secunia.com/advisories/44374
• http://secunia.com/advisories/44822
• http://secunia.com/advisories/45149
• http://secunia.com/advisories/48947
• http://securitytracker.com/id?1025388
• http://www.debian.org/security/2011/dsa-2274
• http://www.mandriva.com/security/advisories?name=MDVSA-2011:083
• http://www.osvdb.org/71846
• http://www.vupen.com/english/advisories/2011/1022
• http://www.vupen.com/english/advisories/2011/1106
• http://www.wireshark.org/security/wnpa-sec-2011-05.html
• http://www.wireshark.org/security/wnpa-sec-2011-06.html
• https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5754
• https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5793
• https://hermes.opensuse.org/messages/8701428
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15050