Lucene search

K

PRIOn knowledge basePRION:CVE-2010-3445

HistoryNov 26, 2010 - 7:00 p.m.

Null pointer dereference

2010-11-2619:00:00

PRIOn knowledge base

www.prio-n.com

7

6.8 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.006 Low

EPSS

Percentile

78.4%

Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a long string in an unknown ASN.1/BER encoded packet, as demonstrated using SNMP.

CPENameOperatorVersion
wiresharkeq1.2.7
wiresharkeq1.4.0
wiresharkeq1.2.11
wiresharkeq1.2.10
wiresharkeq1.2.6
wiresharkeq1.2.8
wiresharkeq1.2.0
wiresharkeq1.2.3
wiresharkeq1.2.5
wiresharkeq1.2.1

Rows per page:

1-10 of 131

References

archives.neohapsis.com/archives/bugtraq/2010-09/0088.html

blogs.sun.com/security/entry/resource_management_errors_vulnerability_in

lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html

lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

secunia.com/advisories/42392

secunia.com/advisories/42411

secunia.com/advisories/42877

secunia.com/advisories/43068

secunia.com/advisories/43759

secunia.com/advisories/43821

www.debian.org/security/2010/dsa-2127

www.kb.cert.org/vuls/id/215900

www.mandriva.com/security/advisories?name=MDVSA-2010:200

www.openwall.com/lists/oss-security/2010/10/01/10

www.openwall.com/lists/oss-security/2010/10/12/1

www.redhat.com/support/errata/RHSA-2010-0924.html

www.redhat.com/support/errata/RHSA-2011-0370.html

www.securityfocus.com/bid/43197

www.vupen.com/english/advisories/2010/3067

www.vupen.com/english/advisories/2010/3093

www.vupen.com/english/advisories/2011/0076

www.vupen.com/english/advisories/2011/0212

www.vupen.com/english/advisories/2011/0404

www.vupen.com/english/advisories/2011/0626

www.vupen.com/english/advisories/2011/0719

xorl.wordpress.com/2010/10/15/cve-2010-3445-wireshark-asn-1-ber-stack-overflow/

bugs.wireshark.org/bugzilla/show_bug.cgi?id=5230

bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3445

lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html

lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html

lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14607

www.wireshark.org/security/wnpa-sec-2010-12.html

6.8 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.006 Low

EPSS

Percentile

78.4%

Related for PRION:CVE-2010-3445

altlinux1 openvas25 debian2 nessus20 ubuntucve1 debiancve1 veracode1 securityvulns2 freebsd1 osv1 cve1 redhat2 oraclelinux2 centos1 fedora3 gentoo1