Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 278564 - <net-analyzer/wireshark-1.2.1: Multiple DoS vulnerabilities (CVE-2009-{2559,2560,2561,2562,2563})
Summary: <net-analyzer/wireshark-1.2.1: Multiple DoS vulnerabilities (CVE-2009-{2559,2...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High minor (vote)
Assignee: Gentoo Security
URL: http://www.wireshark.org/security/wnp...
Whiteboard: B3 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2009-07-21 10:49 UTC by Alex Legler (RETIRED)
Modified: 2009-09-17 08:56 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Alex Legler (RETIRED) archtester gentoo-dev Security 2009-07-21 10:49:56 UTC 
From the upstream advisory ($URL):
Wireshark 1.2.1 fixes the following vulnerabilities:

* The IPMI dissector could overrun a buffer. (Bug 3559) Affected: 1.2.0
* The AFS dissector could crash. (Bug 3564) Affected: 0.9.2 to 1.2.0
* The Infiniband dissector could crash on some platforms. Affected: 1.0.6 to 1.2.0
* The Bluetooth L2CAP dissector could crash. (Bug 3572) Affected: 1.2.0
* The RADIUS dissector could crash. (Bug 3578) Affected: 1.2.0
* The MIOP dissector could crash. (Bug 3652) Affected: 1.2.0
* The sFlow dissector could use excessive CPU and memory. (Bug 3570) Affected: 1.2.0
Comment 1 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-07-21 10:51:24 UTC 
Our latest stable seems to be at least vulnerable to issue 2 and maybe 3.
Comment 2 Peter Volkov (RETIRED) gentoo-dev 2009-07-21 13:57:36 UTC 
Bumped. Arch teams, please, stabilize wireshark-1.2.1.
Comment 3 Tony Vroon (RETIRED) gentoo-dev 2009-07-21 14:10:01 UTC 
+  21 Jul 2009; <chainsaw@gentoo.org> wireshark-1.2.1.ebuild:
+  Marked stable on AMD64 for security bug #278564. Tested on a Core2 Duo
+  with a Marvell "Sky2" 88E8055 NIC.
Comment 4 Tobias Klausmann (RETIRED) gentoo-dev 2009-07-21 18:39:32 UTC 
Stable on alpha
Comment 5 Christian Faulhammer (RETIRED) gentoo-dev 2009-07-21 19:21:04 UTC 
x86 stable
Comment 6 Jeroen Roovers (RETIRED) gentoo-dev 2009-07-21 20:19:11 UTC 
Stable for HPPA.
Comment 7 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-07-23 19:32:34 UTC 
CVE-2009-2559 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2559):
  Buffer overflow in the IPMI dissector in Wireshark 1.2.0 allows
  remote attackers to cause a denial of service (crash) via unspecified
  vectors related to an array index error.  NOTE: some of these details
  are obtained from third party information.

CVE-2009-2560 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2560):
  Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote
  attackers to cause a denial of service (crash) via unspecified
  vectors in the (1) Bluetooth L2CAP, (2) RADIUS, or (3) MIOP
  dissectors.

CVE-2009-2561 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2561):
  Unspecified vulnerability in the sFlow dissector in Wireshark 1.2.0
  allows remote attackers to cause a denial of service (CPU and memory
  consumption) via unspecified vectors.

CVE-2009-2562 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2562):
  Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2
  through 1.2.0 allows remote attackers to cause a denial of service
  (crash) via unknown vectors.

CVE-2009-2563 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2563):
  Unspecified vulnerability in the Infiniband dissector in Wireshark
  1.0.6 through 1.2.0, when running on unspecified platforms, allows
  remote attackers to cause a denial of service (crash) via unknown
  vectors.
Comment 8 Brent Baude (RETIRED) gentoo-dev 2009-07-26 13:48:02 UTC 
ppc64 done
Comment 9 Tiago Cunha (RETIRED) gentoo-dev 2009-07-31 18:27:37 UTC 
sparc stable
Comment 10 Raúl Porcel (RETIRED) gentoo-dev 2009-08-02 10:40:08 UTC 
ia64 stable
Comment 11 nixnut (RETIRED) gentoo-dev 2009-08-09 13:40:14 UTC 
ppc stable
Comment 12 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-09-17 08:56:57 UTC 
GLSA 200909-16