Bug#: 258013
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Reporter: Peter Volkov <pva@gentoo.org>

Description:   Opened: 2009-02-07 12:27 0000
Just copying the description from the advisory:

http://www.wireshark.org/security/wnpa-sec-2009-01.html
=============================================================================
Wireshark 1.0.6 fixes the following vulnerabilities:

    * On non-Windows systems, Wireshark could crash if the HOME environment
variable contained sprintf-style string formatting characters. Discovered by
babi. (Bug 3150) Versions affected: 0.99.8 to 1.0.5
    * Wireshark could crash while reading a malformed NetScreen snoop file.
Discovered by babi. (Bug 3151) Versions affected: 0.99.7 to 1.0.5
    * Wireshark could crash while reading a Tektronix K12 text capture file.
(Bug 1937) Versions affected: 0.99.6 to 1.0.5 

Impact

It may be possible to make Wireshark crash by altering the HOME environment
variable or by convincing someone to read a malformed packet trace file. 
=============================================================================

New ebuild is in the tree. arch teams, please, stabilize this package.

------- Comment #1 From Tobias Klausmann 2009-02-07 15:47:40 0000 -------
Stable on alpha.

------- Comment #2 From Jeroen Roovers 2009-02-07 18:16:45 0000 -------
Stable for HPPA.

------- Comment #3 From Markus Meier 2009-02-08 14:08:45 0000 -------
amd64/x86 stable

------- Comment #4 From Raúl Porcel 2009-02-09 19:11:00 0000 -------
ia64/sparc stable

------- Comment #5 From Brent Baude 2009-02-10 16:04:03 0000 -------
ppc64 done

------- Comment #6 From Tobias Scherbaum 2009-02-11 17:14:29 0000 -------
ppc stable

------- Comment #7 From Robert Buchholz 2009-02-12 19:22:43 0000 -------
We could easily add these to the existing GLSA requests, but independent of
that I'd say no... however... : YES

------- Comment #8 From Stefan Behte 2009-02-17 20:46:08 0000 -------
CVE-2009-0599 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0599):
  Buffer overflow in wiretap/netscreen.c in Wireshark 0.99.7 through
  1.0.5 allows user-assisted remote attackers to cause a denial of
  service (application crash) via a malformed NetScreen snoop file.

CVE-2009-0600 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0600):
  Wireshark 0.99.6 through 1.0.5 allows user-assisted remote attackers
  to cause a denial of service (application crash) via a crafted
  Tektronix K12 text capture file, as demonstrated by a file with
  exactly one frame.

CVE-2009-0601 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0601):
  Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on
  non-Windows platforms allows local users to cause a denial of service
  (application crash) via format string specifiers in the HOME
  environment variable.
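
The format string class named in CVE-2009-0601 above, as an added example that is not Wireshark's code and not part of this bug report: a path builder that passes HOME only as an argument to a constant format, plus a check for conversion specifiers in the value. The function names and the `.example-app` suffix are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Returns 1 if s holds a '%' that printf-family functions would treat as
 * the start of a conversion (anything except the literal pair "%%"). */
int has_format_specifier(const char *s)
{
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') {      /* literal percent: skip both characters */
            s++;
            continue;
        }
        return 1;
    }
    return 0;
}

/* Vulnerable pattern, shown only as a comment for contrast:
 *     snprintf(out, len, home);     <- HOME used as the format string
 * Conversion specifiers in HOME then make the call read arguments that
 * were never passed, the kind of crash the advisory describes. */

/* Hardened form: HOME is only ever an argument to a constant format.
 * Returns 0 on success, -1 if HOME is unset or the path would not fit. */
int build_config_path(const char *home, const char *suffix,
                      char *out, size_t len)
{
    int n;
    if (home == NULL || suffix == NULL || out == NULL || len == 0)
        return -1;
    n = snprintf(out, len, "%s/%s", home, suffix);
    return (n < 0 || (size_t)n >= len) ? -1 : 0;
}

int main(void)
{
    char path[4096];
    const char *home = getenv("HOME");
    /* ".example-app" is a placeholder suffix, not a real application path */
    if (build_config_path(home, ".example-app", path, sizeof path) != 0)
        return 1;
    printf("%s%s\n", path,
           has_format_specifier(path) ? "  [HOME contains format specifiers]" : "");
    return 0;
}
```

Building with `-Wformat -Wformat-security` makes GCC and Clang warn about the commented-out pattern when it appears in real code.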

------- Comment #9 From Raphael Marichez 2009-02-22 00:02:24 0000 -------
glsa-voting:

same as rbu comment #7. I would have said No (~ client-side dos) but if this
can go with an already existing draft, then Yes.

------- Comment #10 From Pierre-Yves Rofes 2009-04-19 12:50:09 0000 -------
this will have a glsa with #242996 and #248925.

------- Comment #11 From Stefan Behte 2009-06-30 18:12:14 0000 -------
GLSA 200906-05, thanks everyone
