CVE-2010-3445
Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a long string in an unknown ASN.1/BER encoded packet, as demonstrated using SNMP.
Affected products
n/a · n/a
References
http://archives.neohapsis.com/archives/bugtraq/2010-09/0088.html
http://blogs.sun.com/security/entry/resource_management_errors_vulnerability_in
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5230
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3445
http://secunia.com/advisories/42392
http://secunia.com/advisories/42411
http://secunia.com/advisories/42877