CVE-2011-0713: Buffer Overflow
First published: Thu Feb 17 2011(Updated: )
A heap-based buffer overflow was found in the way Wireshark processes signalling traces generated by Gammu (www.gammu.org) from Nokia DCT3 phones in Netmonitor mode. An attacker could use this flaw to cause wireshark executable to crash or, potentially, execute arbitrary code with the privileges of the user running wireshark, if the local user opened a specially-crafted capture file. The following upstream commit fixes this issue: <a href="http://anonsvn.wireshark.org/viewvc?view=rev&revision=35953">http://anonsvn.wireshark.org/viewvc?view=rev&revision=35953</a>
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Wireshark | =1.2.0 | |
| Wireshark | =1.2.1 | |
| Wireshark | =1.2.2 | |
| Wireshark | =1.2.3 | |
| Wireshark | =1.2.4 | |
| Wireshark | =1.2.5 | |
| Wireshark | =1.2.6 | |
| Wireshark | =1.2.7 | |
| Wireshark | =1.2.8 | |
| Wireshark | =1.2.9 | |
| Wireshark | =1.2.10 | |
| Wireshark | =1.2.11 | |
| Wireshark | =1.2.12 | |
| Wireshark | =1.2.13 | |
| Wireshark | =1.2.14 | |
| Wireshark | =1.4.0 | |
| Wireshark | =1.4.1 | |
| Wireshark | =1.4.2 | |
| Wireshark | =1.4.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.wireshark.org/security/wnpa-sec-2011-04.html
- http://anonsvn.wireshark.org/viewvc?view=rev&revision=35953
- http://www.securityfocus.com/bid/46416
- http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html
- https://bugzilla.redhat.com/show_bug.cgi?id=678198
- http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html
- http://www.wireshark.org/security/wnpa-sec-2011-03.html
- http://openwall.com/lists/oss-security/2011/02/16/13
- http://www.vupen.com/english/advisories/2011/0719
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:044
- http://www.vupen.com/english/advisories/2011/0622
- http://www.vupen.com/english/advisories/2011/0747
- http://www.redhat.com/support/errata/RHSA-2011-0369.html
- http://www.securitytracker.com/id?1025148
- http://secunia.com/advisories/43795
- http://www.debian.org/security/2011/dsa-2201
- http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html
- http://www.vupen.com/english/advisories/2011/0626
- http://secunia.com/advisories/43759
- http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html
- http://www.kb.cert.org/vuls/id/215900
- http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65780
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65460
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14766
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=676781
- https://rhn.redhat.com/errata/RHSA-2011-0369.html
Frequently Asked Questions
What is the severity of CVE-2011-0713?
CVE-2011-0713 has a high severity rating due to the potential for code execution and system crashes.
How do I fix CVE-2011-0713?
To fix CVE-2011-0713, upgrade Wireshark to a version that is not affected, such as 1.4.3 or later.
What versions of Wireshark are affected by CVE-2011-0713?
Affected versions include Wireshark 1.4.0, 1.4.1, 1.4.2, and multiple 1.2.x versions up to 1.2.14.
Can CVE-2011-0713 be exploited remotely?
Yes, CVE-2011-0713 can potentially be exploited remotely by an attacker sending crafted signals processed by Wireshark.
What are the potential consequences of CVE-2011-0713?
Exploitation of CVE-2011-0713 could lead to crashes or arbitrary code execution with the privileges of the user running Wireshark.
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/weakness
- agent/references
- agent/last-modified-date
- agent/remedy
- agent/description
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2011-0713
- agent/trending
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/wireshark
- canonical/wireshark
- version/wireshark/1.2.0
- version/wireshark/1.2.1
- version/wireshark/1.2.2
- version/wireshark/1.2.3
- version/wireshark/1.2.4
- version/wireshark/1.2.5
- version/wireshark/1.2.6
- version/wireshark/1.2.7
- version/wireshark/1.2.8
- version/wireshark/1.2.9
- version/wireshark/1.2.10
- version/wireshark/1.2.11
- version/wireshark/1.2.12
- version/wireshark/1.2.13
- version/wireshark/1.2.14
- version/wireshark/1.4.0
- version/wireshark/1.4.1
- version/wireshark/1.4.2
- version/wireshark/1.4.3