CVE-2011-1591

Related Files

Wireshark 1.4.4 Remote Stack Buffer Overflow

Posted Feb 2, 2012

Authored by Paul Makowski, sickness | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in Wireshark versions 1.4.4 and below by sending an malicious packet.

tags | exploit, overflow

advisories | CVE-2011-1591, OSVDB-71848

SHA-256 | 511f64f5e1e6f3db59de9b6a6c43ae3aaf55d251853f709490e4c55d464cb353

Download | Favorite | View

Wireshark 1.4.4 Local Stack Buffer Overflow

Posted Feb 2, 2012

Authored by Paul Makowski, sickness | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in Wireshark versions 1.4.4 and below. When opening a malicious .pcap file in Wireshark, a stack buffer overflow occurs, resulting in arbitrary code execution.

tags | exploit, overflow, arbitrary, code execution

advisories | CVE-2011-1591, OSVDB-71848

SHA-256 | acc61f711bf3fc96f88a363a4b7cccba3e7feabb4a6da3f77f3cf131516df027

Download | Favorite | View

Wireshark 1.4.4 DECT Dissector Buffer Overflow

Posted Nov 23, 2011

Authored by ipv

Wireshark versions 1.4.4 and below DECT dissector remote buffer overflow exploit.

tags | exploit, remote, overflow

advisories | CVE-2011-1591

SHA-256 | 91fcc95ca27f4ef01b2a8297dc35149955807464bfbe20fa97d69586760f6ff2

Download | Favorite | View

Mandriva Linux Security Advisory 2011-083

Posted May 12, 2011

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-083 - This advisory updates wireshark to the latest version (1.2.16), fixing several security issues. The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted.pcap file. Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted.pcap file. The NFS dissector in epan/dissectors/packet-nfs.c in Wireshark 1.4.x before 1.4.5 on Windows uses an incorrect integer data type during decoding of SETCLIENTID calls, which allows remote attackers to cause a denial of service via a crafted.pcap file. The updated packages have been upgraded to the latest 1.2.x version which is not vulnerable to these issues.

tags | advisory, remote, denial of service, overflow, arbitrary

systems | linux, windows, mandriva

advisories | CVE-2011-1590, CVE-2011-1591, CVE-2011-1592

SHA-256 | 538e687f9f31c6f045044b996e6f5ea1ccf12e7f4446439a4c6bf761add69dc4

Download | Favorite | View

Wireshark 1.4.4 packet-dect.c Stack Buffer Overflow

Posted Apr 19, 2011

Authored by corelanc0d3r, sickness | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in Wireshark versions 1.4.4 and below. When opening a malicious .pcap file in Wireshark, a stack buffer overflow occurs, resulting in arbitrary code execution. This exploit bypasses DEP and ASLR and works on XP, Vista & Windows 7.

tags | exploit, overflow, arbitrary, code execution

systems | windows

advisories | CVE-2011-1591, OSVDB-71848

SHA-256 | 8f106e8404d0b3f4126f6f01b343c0f70315188f1d02c21066e67ef03f0f07b9

Download | Favorite | View