CVE-2011-1140 Wireshark: Multiple stack consumption vulnerabilities caused DoS via crafted SMB or CLDAP packet

Bug #730410 reported by Mahyuddin Susanto
338
This bug affects 1 person
Affects Status Importance Assigned to Milestone
wireshark (Ubuntu)
Fix Released
Medium
Unassigned

Bug Description

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

 affects ubuntu/wireshark
 status inprogress
 assignee udienz
 importance medium
 security yes
 done

Common Vulnerabilities and Exposures assigned an identifier CVE-2011-1140 to
the following vulnerability:

Name: CVE-2011-1140
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1140
Assigned: 20110302
Reference:
CONFIRM:http://anonsvn.wireshark.org/viewvc?view=rev&revision=36029
Reference:
CONFIRM:http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html
Reference:
CONFIRM:http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html
Reference: CONFIRM:http://www.wireshark.org/security/wnpa-sec-2011-03.html
Reference: CONFIRM:http://www.wireshark.org/security/wnpa-sec-2011-04.html
Reference: CONFIRM:https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5717

Multiple stack consumption vulnerabilities in the
dissect_ms_compressed_string and dissect_mscldap_string functions in
Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allow
remote attackers to cause a denial of service (infinite recursion) via
a crafted (1) SMB or (2) Connection-less LDAP (CLDAP) packet.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iF4EAREIAAYFAk10VqsACgkQdr7GbwjmqKVkugD/UHFm+ha5tE3AWqDoUJXtuvZ6
pVmPWgF927R6wLkltYgBAL9CAO+ROEh/ETS8oEaq0MXuZP0XTq6wI5LoyJBXSOUc
=h5Yg
-----END PGP SIGNATURE-----

CVE References

visibility: private → public
Revision history for this message
Evan Huus (eapache) wrote :

Both natty and oneiric have versions of wireshark with this vulnerability fixed. Given that this bug has been "In Progress" without any activity for several months, I'm wondering if it's safe to close.

Not an expert on Ubuntu's security practices, so I'll wait for a response first.

Changed in wireshark (Ubuntu):
assignee: Mahyuddin Susanto (udienz) → nobody
status: In Progress → New
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Thanks for taking the time to report this bug and helping to make Ubuntu better. Since the package referred to in this bug is in universe or multiverse, it is community maintained. If you are able, I suggest posting a debdiff for this issue. When a debdiff is available, members of the security team will review it and publish the package. See the following link for more information: https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures

Changed in wireshark (Ubuntu):
status: New → Confirmed
Wes (wesinator)
Changed in wireshark (Ubuntu):
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.