CVE-2011-1142

Name of the Vulnerable Software and Affected Versions Wireshark versions 1.2.x through 1.2.15 Wireshark versions 1.4.x through 1.4.4

Description The issue is related to a stack consumption vulnerability in the dissect ber choice function within the BER dissector. This vulnerability might allow remote attackers to cause a denial of service, resulting in an infinite loop. The attack vectors involve self-referential ASN.1 CHOICE values.

Recommendations For Wireshark versions 1.2.x through 1.2.15, update to a version outside of this range to mitigate the risk. For Wireshark versions 1.4.x through 1.4.4, update to a version outside of this range to mitigate the risk. As a temporary workaround, consider restricting the use of the BER dissector until a patch is available.