CVE-2011-3266

Description

The proto_tree_add_item function in Wireshark 1.6.0 through 1.6.1 and 1.4.0 through 1.4.8, when the IKEv1 protocol dissector is used, allows user-assisted remote attackers to cause a denial of service (infinite loop) via vectors involving a malformed IKE packet and many items in a tree.

How to fix CVE-2011-3266

To remediate CVE-2011-3266, upgrade the affected package to a fixed version below.

• Debian/wireshark—upgrade to 1.6.2-1 or later

Is CVE-2011-3266 being exploited?

Low — EPSS is 0.9%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• from 0, < 1.6.2-1

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2011-3266