<net-analyzer/wireshark-1.6.14: CVE-2012-6054, CVE-2012-6056, CVE-2013-2478, CVE-2013-2480, CVE-2013-2481, CVE-2013-2482, CVE-2013-2483, CVE-2013-2484, CVE-2013-2485, CVE-2013-2488 <net-analyzer/wireshark-1.8.6: CVE-2013-2475, CVE-2013-2476, CVE-2013-2477, CVE-2013-2478, CVE-2013-2479, CVE-2013-2480, CVE-2013-2481, CVE-2013-2482, CVE-2013-2483, CVE-2013-2484, CVE-2013-2485, CVE-2013-2486, CVE-2013-2487, CVE-2013-2488
Arch teams, please test and mark stable: =net-analyzer/wireshark-1.6.14 =net-analyzer/wireshark-1.8.6 Stable KEYWORDS : alpha amd64 hppa ia64 ppc ppc64 sparc x86
amd64 stable
x86 stable
ppc stable
ppc64 stable
alpha stable
sparc stable
ia64 stable
Stable for HPPA.
CVE-2013-2488 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2488): The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not validate the fragment offset before invoking the reassembly state machine, which allows remote attackers to cause a denial of service (application crash) via a large offset value that triggers write access to an invalid memory location. CVE-2013-2487 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2487): epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet, related to the (1) dissect_icecandidates, (2) dissect_kinddata, (3) dissect_nodeid_list, (4) dissect_storeans, (5) dissect_storereq, (6) dissect_storeddataspecifier, (7) dissect_fetchreq, (8) dissect_findans, (9) dissect_diagnosticinfo, (10) dissect_diagnosticresponse, (11) dissect_reload_messagecontents, and (12) dissect_reload_message functions, a different vulnerability than CVE-2013-2486. CVE-2013-2486 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2486): The dissect_diagnosticrequest function in epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet. CVE-2013-2485 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2485): The FCSP dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. CVE-2013-2484 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2484): The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet. CVE-2013-2483 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2483): The acn_add_dmp_data function in epan/dissectors/packet-acn.c in the ACN dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via an invalid count value in ACN_DMP_ADT_D_RE DMP data. CVE-2013-2482 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2482): The AMPQ dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. CVE-2013-2481 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2481): Integer signedness error in the dissect_mount_dirpath_call function in epan/dissectors/packet-mount.c in the Mount dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6, when nfs_file_name_snooping is enabled, allows remote attackers to cause a denial of service (application crash) via a negative length value. CVE-2013-2480 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2480): The RTPS and RTPS2 dissectors in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allow remote attackers to cause a denial of service (application crash) via a malformed packet. CVE-2013-2479 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2479): The dissect_mpls_echo_tlv_dd_map function in epan/dissectors/packet-mpls-echo.c in the MPLS Echo dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via invalid Sub-tlv data. CVE-2013-2478 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2478): The dissect_server_info function in epan/dissectors/packet-ms-mms.c in the MS-MMS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not properly manage string lengths, which allows remote attackers to cause a denial of service (application crash) via a malformed packet that (1) triggers an integer overflow or (2) has embedded '\0' characters in a string. CVE-2013-2477 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2477): The CSN.1 dissector in Wireshark 1.8.x before 1.8.6 does not properly manage function pointers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. CVE-2013-2476 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2476): The dissect_hartip function in epan/dissectors/packet-hartip.c in the HART/IP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a packet with a header that is too short. CVE-2013-2475 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2475): The TCP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet. CVE-2012-6056 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6056): Integer overflow in the dissect_sack_chunk function in epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted Duplicate TSN count. CVE-2012-6054 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6054): The dissect_sflow_245_address_type function in epan/dissectors/packet-sflow.c in the sFlow dissector in Wireshark 1.8.x before 1.8.4 does not properly handle length calculations for an invalid IP address type, which allows remote attackers to cause a denial of service (infinite loop) via a packet that is neither IPv4 nor IPv6.
GLSA vote: no
NO too, closing.
