CVE-2011-3266

2011-08-2400:55:00

Debian Security Bug Tracker

security-tracker.debian.org

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

0.003 Low

EPSS

Percentile

70.8%

JSON

The proto_tree_add_item function in Wireshark 1.6.0 through 1.6.1 and 1.4.0 through 1.4.8, when the IKEv1 protocol dissector is used, allows user-assisted remote attackers to cause a denial of service (infinite loop) via vectors involving a malformed IKE packet and many items in a tree.

OSVersionArchitecturePackageVersionFilename
Debian12allwireshark< 1.6.2-1wireshark_1.6.2-1_all.deb
Debian11allwireshark< 1.6.2-1wireshark_1.6.2-1_all.deb
Debian10allwireshark< 1.6.2-1wireshark_1.6.2-1_all.deb
Debian999allwireshark< 1.6.2-1wireshark_1.6.2-1_all.deb
Debian13allwireshark< 1.6.2-1wireshark_1.6.2-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	wireshark	< 1.6.2-1	wireshark_1.6.2-1_all.deb
Debian	11	all	wireshark	< 1.6.2-1	wireshark_1.6.2-1_all.deb
Debian	10	all	wireshark	< 1.6.2-1	wireshark_1.6.2-1_all.deb
Debian	999	all	wireshark	< 1.6.2-1	wireshark_1.6.2-1_all.deb
Debian	13	all	wireshark	< 1.6.2-1	wireshark_1.6.2-1_all.deb