CVE-2011-0538
Published 2011-02-08
Priority P336 · medium · CVSS 2.0: 6.8
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 7.51% (93.7th percentile)
Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed file.
Affected
25 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | wireshark | < wireshark 1.4.3-3 (bookworm) | wireshark 1.4.3-3 (bookworm) |
| wireshark | wireshark | — | — |
| wireshark | wireshark | >= 0 < 1.4.3-3 | 1.4.3-3 |
CVSS provenance
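| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
| osv | — | 6.8 | MEDIUM | — |
| vendor_debian | — | 6.8 | LOW | — |
| vendor_redhat | — | 6.8 | MEDIUM | — |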
Red Hat
Wireshark: memory corruption when reading a malformed pcap file (upstream bug #5652)
vendor_redhat·2011-02-03·CVSS 6.8
Debian
CVE-2011-0538: wireshark - Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 frees an uninitia...
vendor_debian·2011·CVSS 6.8
Scope: local
bookworm: resolved (fixed in 1.4.3-3)
bullseye: resolved (fixed in 1.4.3-3)
forky: resolved (fixed in 1.4.3-3)
sid: resolved (fixed in 1.4.3-3)
trixie: resolved (fixed in 1.4.3-3)
GHSA
GHSA-mh8c-wx62-vg9v: Wireshark 1
ghsa_unreviewed·2022-05-17
CVE-2011-0538 [MEDIUM] CWE-119 GHSA-mh8c-wx62-vg9v: Wireshark 1
OSV
CVE-2011-0538: Wireshark 1
osv·2011-02-08·CVSS 6.8
No detection rules found.
Bugzilla
CVE-2011-0538 CVE-2010-3445 CVE-2011-1143 CVE-2011-1140 CVE-2011-1138 CVE-2011-1139 wireshark various flaws [fedora-all]
bugzilla·2011-02-11·CVSS 5.0
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include the bug IDs of the
respective parent bugs filed against the "Security Response" product.
Please mention CVE ids in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=67
Bugzilla
CVE-2011-0538 Wireshark: memory corruption when reading a malformed pcap file (upstream bug #5652)
bugzilla·2011-02-09·CVSS 6.8
Common Vulnerabilities and Exposures assigned an identifier CVE-2011-0538 to
the following vulnerability:
Name: CVE-2011-0538
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0538
Assigned: 20110120
Reference: MLIST:[oss-security] 20110204 Wireshark: Freeing uninitialized pointer
Reference: URL:http://openwall.com/lists/oss-security/2011/02/04/1
Reference: MISC:https://srcm.symantec.com/EditVulnerabilityFixes.aspx?docId=549474
Reference: CONFIRM:https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5652
Reference: BID:46167
Reference: URL:http://www.securityfocus.com/bid/46167
Wireshark 1.5.0, 1.4.3, and earlier frees an uninitialized pointer
during processing of a .pcap file in t
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html
http://openwall.com/lists/oss-security/2011/02/04/1
http://secunia.com/advisories/43759
http://secunia.com/advisories/43795
http://secunia.com/advisories/43821
http://www.debian.org/security/2011/dsa-2201
http://www.kb.cert.org/vuls/id/215900
http://www.mandriva.com/security/advisories?name=MDVSA-2011:044
http://www.redhat.com/support/errata/RHSA-2011-0369.html
http://www.redhat.com/support/errata/RHSA-2011-0370.html
http://www.securityfocus.com/bid/46167
http://www.securitytracker.com/id?1025148
http://www.vupen.com/english/advisories/2011/0622
http://www.vupen.com/english/advisories/2011/0626
http://www.vupen.com/english/advisories/2011/0719
http://www.vupen.com/english/advisories/2011/0747
http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html
http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html
http://www.wireshark.org/security/wnpa-sec-2011-03.html
http://www.wireshark.org/security/wnpa-sec-2011-04.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5652
https://bugzilla.redhat.com/show_bug.cgi?id=676232
https://exchange.xforce.ibmcloud.com/vulnerabilities/65182
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14605
Published: 2011-02-08