CVE-2011-1140

Name of the Vulnerable Software and Affected Versions Wireshark versions 1.0.x, 1.2.0 through 1.2.14, 1.4.0 through 1.4.3

Description The issue allows remote attackers to cause a denial of service via a crafted packet. This can be achieved by exploiting the dissect ms compressed string and dissect mscldap string functions in Wireshark, leading to infinite recursion. The attack can be performed using a specially crafted (1) SMB or (2) Connection-less LDAP (CLDAP) packet.

Recommendations For Wireshark versions 1.0.x, consider updating to a version outside of the affected range to resolve the issue. For Wireshark versions 1.2.0 through 1.2.14, consider updating to a version outside of the affected range to resolve the issue. For Wireshark versions 1.4.0 through 1.4.3, consider updating to a version outside of the affected range to resolve the issue. As a temporary workaround, consider restricting the use of the dissect ms compressed string and dissect mscldap string functions until a patch is available.