236515 CVE-2008-3146 2008-09-02 22:33 0000 net-analyzer/wireshark <1.0.3 NCP dissector DoS (CVE-2008-{3146,3932,3933,3934})) 2008-09-25 21:18:41 0000 1 1 1 Unclassified Gentoo Security Vulnerabilities unspecified All Linux RESOLVED FIXED http://www.wireshark.org/security/wnpa-sec-2008-05.html B3 [glsa] P2 normal --- 1 rbu@gentoo.org security@gentoo.org 7v5w7go9ub0o@gmail.com netmon@gentoo.org rbu@gentoo.org 2008-09-02 22:33:12 0000 CVE-2008-3146 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3146): Unspecified vulnerability in Wireshark and Ethereal on SUSE Linux allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. rbu@gentoo.org 2008-09-02 22:34:15 0000 I inquired upstream on a release date. rbu@gentoo.org 2008-09-03 08:33:53 0000 replied: "It should be out in the next couple of days." rbu@gentoo.org 2008-09-04 23:11:23 0000 It's out. To quote: Wireshark 1.0.3 fixes the following vulnerabilities: * The NCP dissector was susceptible to a number of problems, including buffer overflows and an infinite loop. (Bug 2675) Versions affected: 0.9.7 to 1.0.2 * Wireshark could crash while uncompressing zlib-compressed packet data. (Bug 2649) Versions affected: 0.10.14 to 1.0.2 * Wireshark could crash while reading a Tektronix .rf5 file. Versions affected: 0.99.6 to 1.0.2 carlo@gentoo.org 2008-09-07 15:07:04 0000 *** Bug 236978 has been marked as a duplicate of this bug. *** pva@gentoo.org 2008-09-10 06:04:58 0000 wireshark-1.0.3 was added to the tree. Arch teams, please, stabilize. jer@gentoo.org 2008-09-10 08:03:51 0000 Stable for HPPA. armin76@gentoo.org 2008-09-10 10:54:25 0000 alpha/ia64/sparc/x86 stable ranger@gentoo.org 2008-09-10 13:19:03 0000 ppc and ppc64 stable tester@gentoo.org 2008-09-10 14:15:33 0000 amd64 done.. all arches done... your turn to glsa (or not) rbu@gentoo.org 2008-09-12 14:07:36 0000 CVE-2008-3932 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3932): Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allows attackers to cause a denial of service (hang) via a crafted NCP packet that triggers an infinite loop. CVE-2008-3933 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3933): Wireshark (formerly Ethereal) 0.10.14 through 1.0.2 allows attackers to cause a denial of service (crash) via a packet with crafted zlib-compressed data that triggers an invalid read in the tvb_uncompress function. CVE-2008-3934 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3934): Unspecified vulnerability in Wireshark (formerly Ethereal) 0.99.6 through 1.0.2 allows attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file. py@gentoo.org 2008-09-18 21:56:28 0000 We already sent GLSA for this kind of stuff so... voting yes. keytoaster@gentoo.org 2008-09-22 12:39:18 0000 YES too, request filed. py@gentoo.org 2008-09-25 21:18:41 0000 GLSA 200809-17