CVE-2010-4300
published 2010-11-26CVE-2010-4300: Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and…
PriorityP353high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
13.78%
96.0th percentile
Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an LDSS packet with a long digest line that triggers memory corruption.
Affected
20 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | wireshark | < wireshark 1.2.11-4 (bookworm) | wireshark 1.2.11-4 (bookworm) |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | >= 0 < 1.2.11-4 | 1.2.11-4 |
| wireshark | wireshark | >= 0 < 1.2.11-4 | 1.2.11-4 |
| wireshark | wireshark | >= 0 < 1.2.11-4 | 1.2.11-4 |
| wireshark | wireshark | >= 0 < 1.2.11-4 | 1.2.11-4 |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH
vendor_debian7.5HIGH
vendor_redhat7.5HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-98x8-hpq6-xj2q: Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss
ghsa_unreviewed·2022-05-17
CVE-2010-4300 [HIGH] CWE-119 GHSA-98x8-hpq6-xj2q: Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss
Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an LDSS packet with a long digest line that triggers memory corruption.
OSV
CVE-2010-4300: Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss
osv·2010-11-26·CVSS 7.5
CVE-2010-4300 [HIGH] CVE-2010-4300: Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss
Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an LDSS packet with a long digest line that triggers memory corruption.
Red Hat
Wireshark: Heap-based buffer overflow in LDSS dissector
vendor_redhat·2010-11-18·CVSS 7.5
CVE-2010-4300 [HIGH] CWE-122 Wireshark: Heap-based buffer overflow in LDSS dissector
Wireshark: Heap-based buffer overflow in LDSS dissector
Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an LDSS packet with a long digest line that triggers memory corruption.
Statement: This issue did not affect the versions of wireshark as shipped with Red Hat Enterprise Linux 4 and 5 as they did not include support for the Local Download Sharing Service (LDSS) protocol.
This issue was addressed in Red Hat Enterprise Linux 6 via
https://rhn.redhat.com/errata/RHSA-2010-0924.html.
Package: wireshark (Red Hat Enterprise Linux 4) - Not affected
Package: wireshar
Debian
CVE-2010-4300: wireshark - Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissector...
vendor_debian·2010·CVSS 7.5
CVE-2010-4300 [HIGH] CVE-2010-4300: wireshark - Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissector...
Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an LDSS packet with a long digest line that triggers memory corruption.
Scope: local
bookworm: resolved (fixed in 1.2.11-4)
bullseye: resolved (fixed in 1.2.11-4)
forky: resolved (fixed in 1.2.11-4)
sid: resolved (fixed in 1.2.11-4)
trixie: resolved (fixed in 1.2.11-4)
No detection rules found.
Bugzilla
CVE-2010-4300 Wireshark: Heap-based buffer overflow in LDSS dissector [fedora-12]
bugzilla·2010-11-23·CVSS 7.5
CVE-2010-4300 [HIGH] CVE-2010-4300 Wireshark: Heap-based buffer overflow in LDSS dissector [fedora-12]
CVE-2010-4300 Wireshark: Heap-based buffer overflow in LDSS dissector [fedora-12]
fedora-12 tracking bug for wireshark: see blocks bug list for full details of the security issue(s).
This bug is never intended to be made public, please put any public notes
in the 'blocks' bugs.
[bug automatically created by: add-tracking-bugs]
Discussion:
wireshark-1.2.13-1.fc12 has been submitted as an update for Fedora 12.
https://admin.fedoraproject.org/updates/wireshark-1.2.13-1.fc12
---
wireshark-1.2.13-1.fc12 has been pushed to the Fedora 12 testing repository. If problems still persist, please make note of it in this bug report.
If you want to test the update, you can install it with
su -c 'yum --enablerepo=updates-testing update wireshark'. You can provide feedback for this update here: htt
Bugzilla
CVE-2010-4300 Wireshark: Heap-based buffer overflow in LDSS dissector
bugzilla·2010-11-23·CVSS 7.5
CVE-2010-4300 [HIGH] CVE-2010-4300 Wireshark: Heap-based buffer overflow in LDSS dissector
CVE-2010-4300 Wireshark: Heap-based buffer overflow in LDSS dissector
A heap-based buffer overflow flaw was found in the way
the Local Download Sharing Service (LDSS) dissector of Wireshark
network traffic analyzer processed certain captures. A remote
attacker could use this flaw to cause a tshark executable
crash or, potentially, arbitrary code execution with the
privileges of the user running tshark, if the local user
opened a specially-crafted captures file.
References:
[1] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5318
[2] http://www.wireshark.org/security/wnpa-sec-2010-14.html
[3] http://www.openwall.com/lists/oss-security/2010/11/22/17
Upstream changeset:
[4] http://anonsvn.wireshark.org/viewvc?view=rev&revision=34581
Public PoC:
[5] https://bugs.wireshark.org/bugzilla/
http://blogs.sun.com/security/entry/buffer_overflow_vulnerability_in_wiresharkhttp://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.htmlhttp://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.htmlhttp://osvdb.org/69354http://secunia.com/advisories/42290http://secunia.com/advisories/42411http://secunia.com/advisories/42877http://secunia.com/advisories/43068http://www.exploit-db.com/exploits/15676http://www.mandriva.com/security/advisories?name=MDVSA-2010:242http://www.redhat.com/support/errata/RHSA-2010-0924.htmlhttp://www.securityfocus.com/bid/44987http://www.securitytracker.com/id?1024762http://www.vupen.com/english/advisories/2010/3038http://www.vupen.com/english/advisories/2010/3068http://www.vupen.com/english/advisories/2010/3093http://www.vupen.com/english/advisories/2011/0076http://www.vupen.com/english/advisories/2011/0212http://www.vupen.com/english/advisories/2011/0404http://www.wireshark.org/security/wnpa-sec-2010-13.htmlhttp://www.wireshark.org/security/wnpa-sec-2010-14.htmlhttps://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5318https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14287http://blogs.sun.com/security/entry/buffer_overflow_vulnerability_in_wiresharkhttp://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.htmlhttp://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.htmlhttp://osvdb.org/69354http://secunia.com/advisories/42290http://secunia.com/advisories/42411http://secunia.com/advisories/42877http://secunia.com/advisories/43068http://www.exploit-db.com/exploits/15676http://www.mandriva.com/security/advisories?name=MDVSA-2010:242http://www.redhat.com/support/errata/RHSA-2010-0924.htmlhttp://www.securityfocus.com/bid/44987http://www.securitytracker.com/id?1024762http://www.vupen.com/english/advisories/2010/3038http://www.vupen.com/english/advisories/2010/3068http://www.vupen.com/english/advisories/2010/3093http://www.vupen.com/english/advisories/2011/0076http://www.vupen.com/english/advisories/2011/0212http://www.vupen.com/english/advisories/2011/0404http://www.wireshark.org/security/wnpa-sec-2010-13.htmlhttp://www.wireshark.org/security/wnpa-sec-2010-14.htmlhttps://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5318https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14287
2010-11-26
Published