683335 – (CVE-2011-0024) VUL-0: wireshark pcap buffer overflow

Bug 683335 (CVE-2011-0024) - VUL-0: wireshark pcap buffer overflow

Summary: VUL-0: wireshark pcap buffer overflow

Status:	RESOLVED FIXED

Alias:	CVE-2011-0024

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	General (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P5 - None Severity: Normal
Target Milestone:	---
Assignee:	Chunyan Liu
QA Contact:	Security Team bot

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2011-03-29 08:36 UTC by Ludwig Nussel
Modified:	2019-05-02 10:06 UTC (History)
CC List:	2 users (show)

See Also:
Found By:	Other
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Ludwig Nussel 2011-03-29 08:36:47 UTC

Your friendly security team received the following report via mitre.
Please respond ASAP.
The issue is public.

-------8<-------
======================================================
Name: CVE-2011-0024
Heap-based buffer overflow in wiretap/pcapng.c in Wireshark before 1.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted capture file.

Reference: CONFIRM: https://bugzilla.redhat.com/show_bug.cgi?id=671331
Reference: VUPEN: http://www.vupen.com/english/advisories/2011/0719
Reference: REDHAT: http://www.redhat.com/support/errata/RHSA-2011-0370.html
Reference: SECUNIA: http://secunia.com/advisories/43821

Comment 1 Bernhard Wiedemann 2011-04-11 14:56:37 UTC

This bug (683335) was mentioned in
https://build.opensuse.org/request/show/66852

Comment 2 Sebastian Krahmer 2011-04-13 09:32:13 UTC

Box received updates too. Closing.