CVE-2011-1141

epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (memory consumption) via (1) a long LDAP filter string or (2) an LDAP filter string containing many elements.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 84%
VendorProductVersion
wiresharkwireshark
1.0
wiresharkwireshark
1.0.0
wiresharkwireshark
1.0.1
wiresharkwireshark
1.0.2
wiresharkwireshark
1.0.3
wiresharkwireshark
1.0.4
wiresharkwireshark
1.0.5
wiresharkwireshark
1.0.6
wiresharkwireshark
1.0.7
wiresharkwireshark
1.0.8
wiresharkwireshark
1.0.9
wiresharkwireshark
1.0.10
wiresharkwireshark
1.0.11
wiresharkwireshark
1.0.12
wiresharkwireshark
1.0.13
wiresharkwireshark
1.0.14
wiresharkwireshark
1.0.15
wiresharkwireshark
1.0.16
wiresharkwireshark
1.2.0
wiresharkwireshark
1.2.1
wiresharkwireshark
1.2.2
wiresharkwireshark
1.2.3
wiresharkwireshark
1.2.4
wiresharkwireshark
1.2.5
wiresharkwireshark
1.2.6
wiresharkwireshark
1.2.7
wiresharkwireshark
1.2.8
wiresharkwireshark
1.2.9
wiresharkwireshark
1.2.10
wiresharkwireshark
1.2.11
wiresharkwireshark
1.2.12
wiresharkwireshark
1.2.13
wiresharkwireshark
1.2.14
wiresharkwireshark
1.4.0
wiresharkwireshark
1.4.1
wiresharkwireshark
1.4.2
wiresharkwireshark
1.4.3
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
wireshark
bullseye
3.4.10-0+deb11u1
fixed
bullseye (security)
3.4.16-0+deb11u1
fixed
bookworm
4.0.11-1~deb12u1
fixed
bookworm (security)
4.0.11-1~deb12u1
fixed
trixie
4.4.0-1
fixed
sid
4.4.1-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
wireshark
saucy
not-affected
raring
not-affected
quantal
not-affected
precise
not-affected
oneiric
not-affected
natty
not-affected
maverick
Fixed 1.2.11-6+squeeze1build0.10.10.1
released
lucid
ignored
karmic
ignored
hardy
ignored
dapper
dne
Common Weakness Enumeration
References
http://anonsvn.wireshark.org/viewvc?view=rev&revision=36101
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html
http://secunia.com/advisories/43759
http://secunia.com/advisories/43795
http://secunia.com/advisories/43821
http://www.debian.org/security/2011/dsa-2201
http://www.kb.cert.org/vuls/id/215900
http://www.mandriva.com/security/advisories?name=MDVSA-2011:044
http://www.redhat.com/support/errata/RHSA-2011-0369.html
http://www.redhat.com/support/errata/RHSA-2011-0370.html
http://www.securitytracker.com/id?1025148
http://www.vupen.com/english/advisories/2011/0622
http://www.vupen.com/english/advisories/2011/0719
http://www.vupen.com/english/advisories/2011/0747
http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html
http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html
http://www.wireshark.org/security/wnpa-sec-2011-03.html
http://www.wireshark.org/security/wnpa-sec-2011-04.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5732
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14974
http://anonsvn.wireshark.org/viewvc?view=rev&revision=36101
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html
http://secunia.com/advisories/43759
http://secunia.com/advisories/43795
http://secunia.com/advisories/43821
http://www.debian.org/security/2011/dsa-2201
http://www.kb.cert.org/vuls/id/215900
http://www.mandriva.com/security/advisories?name=MDVSA-2011:044
http://www.redhat.com/support/errata/RHSA-2011-0369.html
http://www.redhat.com/support/errata/RHSA-2011-0370.html
http://www.securitytracker.com/id?1025148
http://www.vupen.com/english/advisories/2011/0622
http://www.vupen.com/english/advisories/2011/0719
http://www.vupen.com/english/advisories/2011/0747
http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html
http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html
http://www.wireshark.org/security/wnpa-sec-2011-03.html
http://www.wireshark.org/security/wnpa-sec-2011-04.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5732
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14974