CVE-2011-1138 | Vulnerability Database | Aqua Security

Off-by-one error in the dissect_6lowpan_iphc function in packet-6lowpan.c in Wireshark 1.4.0 through 1.4.3 on 32-bit platforms allows remote attackers to cause a denial of service (application crash) via a malformed 6LoWPAN IPv6 packet.

Affected Software

Name	Vendor	Start Version	End Version
Wireshark	Wireshark	1.4.0 (including)	1.4.0 (including)
Wireshark	Wireshark	1.4.1 (including)	1.4.1 (including)
Wireshark	Wireshark	1.4.2 (including)	1.4.2 (including)
Wireshark	Wireshark	1.4.3 (including)	1.4.3 (including)
Wireshark	Ubuntu	hardy	*
Wireshark	Ubuntu	karmic	*
Wireshark	Ubuntu	lucid	*
Wireshark	Ubuntu	maverick	*
Wireshark	Ubuntu	upstream	*

References

http://anonsvn.wireshark.org/viewvc?view=rev\u0026revision=36036
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html
http://secunia.com/advisories/43759
http://secunia.com/advisories/44169
http://www.kb.cert.org/vuls/id/215900
http://www.securityfocus.com/bid/46636
http://www.securitytracker.com/id?1025148
http://www.vupen.com/english/advisories/2011/0626
http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html
http://www.wireshark.org/security/wnpa-sec-2011-04.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5722
https://exchange.xforce.ibmcloud.com/vulnerabilities/65783
https://hermes.opensuse.org/messages/8086844
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16299

NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-1138
CWE	https://cwe.mitre.org/data/definitions/189.html