Summary: | <net-analyzer/wireshark-1.2.5: Multiple vulnerabilities (CVE-2009-{4376,4377,4378}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Peter Volkov (RETIRED) <pva> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | ||
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.wireshark.org/security/wnpa-sec-2009-09.html | ||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Peter Volkov (RETIRED)
2009-12-18 06:22:07 UTC
New version is in the tree. Arch teams, please, stabilize.

x86 stable

amd64 stable

Stable for HPPA.

I'm not sure on the implications here. The buffer overflow was caused by a non-constrained %s in scanf. Upstream quotes a crash, but as seen with other issues (htmldoc) code execution might be possible. Setting B2? for the time being.

ppc64 done

alpha/ia64/sparc stable

Stable for PPC.

CVE confirms code execution. Rating B2, scheduled for a GLSA.

CVE-2009-4376 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4376): Buffer overflow in the daintree_sna_read function in the Daintree SNA file parser in Wireshark 1.2.0 through 1.2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet.

CVE-2009-4377 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4377): The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 allow remote attackers to cause a denial of service (crash) via a crafted packet, as demonstrated by fuzz-2009-12-07-11141.pcap.

CVE-2009-4378 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4378): The IPMI dissector in Wireshark 1.2.0 through 1.2.4, when running on Windows, allows remote attackers to cause a denial of service (crash) via a crafted packet, related to "formatting a date/time using strftime."

GLSA 201006-05
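
The unbounded `%s` conversion named in the comments above as the cause of the overflow, shown beside a width-bounded form that also rejects truncated input. This is an added example, not Wireshark's code or part of this bug report; the `<length> <hex-data>` record layout, `FIELD_MAX` and `parse_record` are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define FIELD_MAX 32                 /* assumed capacity of the data field */
#define STR_(x) #x
#define STR(x) STR_(x)               /* turns FIELD_MAX into the text "32" */

/* Unsafe pattern, kept as a comment: a bare %s stores every non-space byte
 * of the token, however long, into a fixed-size destination.
 *     char data[FIELD_MAX + 1];
 *     sscanf(line, "%u %s", &len, data);
 */

/* Parse one "<length> <hex-data>" text record (constructed layout).
 * Returns 0 on success, -1 if the record is malformed, if either field is
 * longer than its width limit, or if the declared length does not match. */
int parse_record(const char *line, unsigned *len, char data[FIELD_MAX + 1])
{
    int n1 = 0, n2 = 0;              /* offsets reported by %n */

    /* %9u and %32s cap what each conversion may consume; %32s writes at
     * most 32 bytes plus the terminating NUL. */
    if (sscanf(line, "%9u%n %" STR(FIELD_MAX) "s%n", len, &n1, data, &n2) != 2)
        return -1;

    /* A width limit truncates silently, so check that each token really
     * ended where the conversion stopped. */
    if (line[n1] != ' ' && line[n1] != '\t')
        return -1;                   /* number had more than 9 digits */
    if (line[n2] != '\0' && line[n2] != '\n' && line[n2] != '\r')
        return -1;                   /* data longer than FIELD_MAX */

    /* Two hex characters per declared byte. */
    if (strlen(data) != 2u * (size_t)*len)
        return -1;
    return 0;
}
```

Rejecting an over-long token, instead of accepting the truncated prefix, keeps a crafted capture line from being parsed as a shorter, valid-looking record.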