CVE-2011-0445 — Reachable Assertion in Wireshark

CWE-3996 documents5 sources

Severity

5.0MEDIUMNVD

EPSS

0.7%

top 28.06%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wireshark Debian Wireshark

Timeline

PublishedJan 13

Latest updateMay 17

Description

The ASN.1 BER dissector in Wireshark 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (assertion failure) via crafted packets, as demonstrated by fuzz-2010-12-30-28473.pcap.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶debiandebian/wireshark

▶NVDwireshark/wireshark1.4.0, 1.4.1, 1.4.2+2

🔴Vulnerability Details

GHSA

GHSA-hgjq-pwcf-8rg2: The ASN↗2022-05-17

▶

📋Vendor Advisories

Red Hat

wireshark: DoS via crafted packets to ASN.1 BER dissector (upstream bug #5537)↗2011-01-11

▶

Debian

CVE-2011-0445: wireshark - The ASN.1 BER dissector in Wireshark 1.4.0 through 1.4.2 allows remote attackers...↗2011

▶

💬Community

Bugzilla

CVE-2011-0445 wireshark: DoS via crafted packets to ASN.1 BER dissector (upstream bug #5537) [fedora-14]↗2011-01-13

▶

Bugzilla

CVE-2011-0445 wireshark: DoS via crafted packets to ASN.1 BER dissector (upstream bug #5537)↗2011-01-13

▶