| Snyk

Threat Intelligence

0.83% (82^nd percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk IDSNYK-DEBIAN9-WIRESHARK-607067
published19 Aug 2020
disclosed26 Nov 2010

Report a new vulnerability Found a mistake?

Introduced: 26 Nov 2010

CVE-2010-4301 (opens in a new tab) CWE-399 (opens in a new tab)

Amendment

The Debian security team deemed this advisory irrelevant for Debian:9.

NVD Description

Note: Versions mentioned in the description apply only to the upstream wireshark package and not the wireshark package as distributed by Debian.

epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in Wireshark 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted ZCL packet, related to Discover Attributes.

References

https://security-tracker.debian.org/tracker/CVE-2010-4301
http://www.securityfocus.com/bid/44986
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5303
http://www.wireshark.org/security/wnpa-sec-2010-14.html
http://www.exploit-db.com/exploits/15973
https://bugs.wireshark.org/bugzilla/attachment.cgi?id=5315&action=edit
http://osvdb.org/69355
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14713
http://secunia.com/advisories/42290
http://secunia.com/advisories/42877
http://secunia.com/advisories/43068
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://www.vupen.com/english/advisories/2010/3038
http://www.vupen.com/english/advisories/2011/0076
http://www.vupen.com/english/advisories/2011/0212