CVE-2011-1143
published 2011-03-03CVE-2011-1143: epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer…
PriorityP423medium4.3CVSS 2.0
AVNACMAuNCNINAP
EXPLOIT
EPSS
8.59%
94.4th percentile
epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file.
Affected
50 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | wireshark | < wireshark 1.4.4-1 (bookworm) | wireshark 1.4.4-1 (bookworm) |
| wireshark | wireshark | <= 1.4.3 | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
osv4.3MEDIUM
vendor_debian4.3LOW
vendor_redhat4.3MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
Wireshark: Null pointer dereference causing application crash when reading malformed pcap file
vendor_redhat·2011-03-01·CVSS 4.3
CVE-2011-1143 [MEDIUM] CWE-476 Wireshark: Null pointer dereference causing application crash when reading malformed pcap file
Wireshark: Null pointer dereference causing application crash when reading malformed pcap file
epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file.
Debian
CVE-2011-1143: wireshark - epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1....
vendor_debian·2011·CVSS 4.3
CVE-2011-1143 [MEDIUM] CVE-2011-1143: wireshark - epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1....
epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file.
Scope: local
bookworm: resolved (fixed in 1.4.4-1)
bullseye: resolved (fixed in 1.4.4-1)
forky: resolved (fixed in 1.4.4-1)
sid: resolved (fixed in 1.4.4-1)
trixie: resolved (fixed in 1.4.4-1)
GHSA
GHSA-fqm8-3vrc-483f: epan/dissectors/packet-ntlmssp
ghsa_unreviewed·2022-05-17
CVE-2011-1143 [MEDIUM] GHSA-fqm8-3vrc-483f: epan/dissectors/packet-ntlmssp
epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file.
OSV
CVE-2011-1143: epan/dissectors/packet-ntlmssp
osv·2011-03-03·CVSS 4.3
CVE-2011-1143 [MEDIUM] CVE-2011-1143: epan/dissectors/packet-ntlmssp
epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file.
No detection rules found.
Bugzilla
CVE-2011-1143 Wireshark: Null pointer dereference causing application crash when reading malformed pcap file
bugzilla·2011-03-03·CVSS 4.3
CVE-2011-1143 [MEDIUM] CVE-2011-1143 Wireshark: Null pointer dereference causing application crash when reading malformed pcap file
CVE-2011-1143 Wireshark: Null pointer dereference causing application crash when reading malformed pcap file
Common Vulnerabilities and Exposures assigned an identifier CVE-2011-1143 to
the following vulnerability:
Name: CVE-2011-1143
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1143
Assigned: 20110302
Reference: CONFIRM:http://anonsvn.wireshark.org/viewvc?view=rev&revision=34018
Reference: CONFIRM:http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html
Reference: CONFIRM:https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5157
epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark
before 1.4.4 allows remote attackers to cause a denial of service
(NULL pointer dereference and application crash) via a crafted .pcap
file.
Discussion:
Created wireshark
Bugzilla
CVE-2011-0538 CVE-2010-3445 CVE-2011-1143 CVE-2011-1140 CVE-2011-1138 CVE-2011-1139 wireshark various flaws [fedora-all]
bugzilla·2011-02-11·CVSS 5.0
CVE-2011-0538 [MEDIUM] CVE-2011-0538 CVE-2010-3445 CVE-2011-1143 CVE-2011-1140 CVE-2011-1138 CVE-2011-1139 wireshark various flaws [fedora-all]
CVE-2011-0538 CVE-2010-3445 CVE-2011-1143 CVE-2011-1140 CVE-2011-1138 CVE-2011-1139 wireshark various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include the bug IDs of the
respective parent bugs filed against the "Security Response" product.
Please mention CVE ids in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=67
http://anonsvn.wireshark.org/viewvc?view=rev&revision=34018http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.htmlhttp://secunia.com/advisories/43759http://secunia.com/advisories/43821http://secunia.com/advisories/44169http://secunia.com/advisories/48947http://www.kb.cert.org/vuls/id/215900http://www.redhat.com/support/errata/RHSA-2011-0370.htmlhttp://www.securityfocus.com/bid/46796http://www.securitytracker.com/id?1025148http://www.vupen.com/english/advisories/2011/0626http://www.vupen.com/english/advisories/2011/0719http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.htmlhttps://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5157https://hermes.opensuse.org/messages/8086844https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16209http://anonsvn.wireshark.org/viewvc?view=rev&revision=34018http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.htmlhttp://secunia.com/advisories/43759http://secunia.com/advisories/43821http://secunia.com/advisories/44169http://secunia.com/advisories/48947http://www.kb.cert.org/vuls/id/215900http://www.redhat.com/support/errata/RHSA-2011-0370.htmlhttp://www.securityfocus.com/bid/46796http://www.securitytracker.com/id?1025148http://www.vupen.com/english/advisories/2011/0626http://www.vupen.com/english/advisories/2011/0719http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.htmlhttps://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5157https://hermes.opensuse.org/messages/8086844https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16209
2011-03-03
Published