Gentoo Bug 271062 - <net-analyzer/wireshark-1.0.8: PCNFSD DoS (CVE-2009-1829)

First Last Prev Next No search results available Search page Enter new bug

Bug#:	271062
Alias:
Product:
Component:
Status:	RESOLVED
Resolution:	FIXED
Assigned To:	Gentoo Security <security@gentoo.org>

Hardware:
OS:
Version:
Priority:
Severity:

Reporter:	Peter Volkov <pva@gentoo.org>
Add CC:
CC:

URL:
Summary:
Status Whiteboard:
Keywords:

Flags:			Requestee:
	Pending
	Approved
	Assigned_To		()

Filename	Description	Type	Creator	Created	Size	Actions
Create a New Attachment (proposed patch, testcase, etc.)						View All

Bug 271062 depends on:			Show dependency tree
Bug 271062 blocks:			Show dependency tree

Additional Comments: (this is where you put emerge --info)

Add to CC list

Not eligible to see or edit group visibility for this bug.

Leave as RESOLVED FIXED
Reopen bug
Mark bug as VERIFIED
Mark bug as CLOSED

View Bug Activity | Format For Printing | XML | Clone This Bug

Description:

Opened: 2009-05-24 14:16 0000

Just coping wireshark security announcement:

http://www.wireshark.org/security/wnpa-sec-2009-03.htm

PCNFSD vulnerability in Wireshark® versions 0.8.20 to 1.0.7

Docid: wnpa-sec-2009-03
Date: May 21, 2009
Versions affected: 0.8.20 up to and including 1.0.7

Description: Wireshark 1.0.8 fixes the following vulnerability:

    * The PCNFSD dissector could crash. Versions affected: 0.8.20 to 1.0.7

------- Comment #1 From Peter Volkov 2009-05-24 14:21:17 0000 -------

arch teams, please, stabilize wireshark-1.0.8.

------- Comment #2 From Markus Meier 2009-05-24 20:11:14 0000 -------

amd64/x86 stable

------- Comment #3 From Jeroen Roovers 2009-05-24 21:25:17 0000 -------

Stable for HPPA.

------- Comment #4 From Brent Baude 2009-05-25 16:04:46 0000 -------

ppc64 done

------- Comment #5 From Brent Baude 2009-05-25 16:04:53 0000 -------

ppc done

------- Comment #6 From Tiago Cunha 2009-05-26 11:04:09 0000 -------

sparc stable

------- Comment #7 From Raúl Porcel 2009-05-27 15:35:05 0000 -------

alpha/ia64 stable

------- Comment #8 From Stefan Behte 2009-05-27 17:55:42 0000 -------

No voting on this one, there will be a GLSA together with a bunch of other
wireshark stuff.

------- Comment #9 From Robert Buchholz 2009-05-30 12:20:37 0000 -------

CVE-2009-1829 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1829):
  Unspecified vulnerability in the PCNFSD dissector in Wireshark 0.8.20
  through 1.0.7 allows remote attackers to cause a denial of service
  (crash) via crafted PCNFSD packets.

------- Comment #10 From Stefan Behte 2009-06-30 18:12:59 0000 -------

GLSA 200906-05, thanks everyone

First Last Prev Next No search results available Search page Enter new bug

Bugzilla Bug 271062

<net-analyzer/wireshark-1.0.8: PCNFSD DoS (CVE-2009-1829)

Last modified: 2009-06-30 18:12:59 0000