First Last Prev Next    No search results available      Search page      Enter new bug
Bug#: 248425
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Steven Susbauer <stupendoussteve@hotmail.com>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 248425 depends on: Show dependency tree
Bug 248425 blocks:

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2008-11-23 16:42 0000 
From the advisory:

On Nov 2008, Security Vulnerability Research Team of Bkis (SVRT-Bkis) has
detected a vulnerability underlying WireShark 1.0.4 (lastest version).

The flaw is in the function processing SMTP protocol and enables hacker to
perform a DoS attack by sending a SMTP request with large content to port
25. The application then enter a large loop and cannot do anything else.

We have contacted the vendor of Wireshark. They fixed this vulnerability for
Wireshark 1.0.5 but they haven't released the official version yet. Details
is here : http://wiki.wireshark.org/Development/Roadmap

------- Comment #1 From Peter Volkov 2008-12-11 11:44:27 0000 ------- 
1.0.5 out, but has some build problems, so I'll bump it as soon as I'll manage
to resolve them.

------- Comment #2 From Peter Volkov 2008-12-13 18:55:38 0000 ------- 
New version is in the tree.

------- Comment #3 From Pierre-Yves Rofes 2008-12-13 21:14:37 0000 ------- 
Arches, please test and mark stable net-analyzer/wireshark-1.0.5. Target
keywords: "alpha amd64 hppa ia64 ppc ppc64 sparc x86 ~x86-fbsd"

------- Comment #4 From Friedrich Oslage 2008-12-14 01:29:40 0000 ------- 
sparc stable

------- Comment #5 From Markus Meier 2008-12-14 12:44:58 0000 ------- 
minor doc-issues:
dodoc: READMEbsd does not exist
dodoc: READMElinux does not exist
dodoc: READMEmacos does not exist
dodoc: READMEvmware does not exist
>>> Completed installing wireshark-1.0.5 into /var/tmp/portage/net-analyzer/wireshark-1.0.5/image/

------- Comment #6 From Markus Meier 2008-12-14 12:46:10 0000 ------- 
amd64/x86 stable

------- Comment #7 From Tobias Klausmann 2008-12-14 14:12:23 0000 ------- 
Stable on alpha.

------- Comment #8 From Peter Volkov 2008-12-14 14:49:51 0000 ------- 
(In reply to comment #5)
> dodoc: READMEbsd does not exist

It was fixed in 1.1.x long time ago but seems that I forgot about stable.
Thanks for notice. Fixed in 1.0.5 too.

------- Comment #9 From Jeroen Roovers 2008-12-15 22:24:22 0000 ------- 
Stable for HPPA.

------- Comment #10 From Raúl Porcel 2008-12-16 10:28:13 0000 ------- 
ia64 stable

------- Comment #11 From Brent Baude 2008-12-16 15:55:41 0000 ------- 
ppc64 done

------- Comment #12 From Tobias Scherbaum 2008-12-18 18:20:05 0000 ------- 
ppc stable

------- Comment #13 From Craig (Security Padawan) 2009-01-11 18:52:23 0000 ------- 
GLSA together with #242996.

------- Comment #14 From Robert Buchholz 2009-03-17 11:11:49 0000 ------- 
CVE-2008-6472 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-6472):
  The WLCCP dissector in Wireshark 0.99.7 through 1.0.4 allows remote
  attackers to cause a denial of service (infinite loop) via
  unspecified vectors.

------- Comment #15 From Craig (Security Padawan) 2009-06-30 18:11:53 0000 ------- 
GLSA 200906-05, thanks everyone
First Last Prev Next    No search results available      Search page      Enter new bug