Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 285280 - <net-analyzer/wireshark-{1.0.9, 1.2.2}: Multiple DoS vulnerabilities (CVE-2009-{3241,3242,3243,3829})
Summary: <net-analyzer/wireshark-{1.0.9, 1.2.2}: Multiple DoS vulnerabilities (CVE-200...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
URL: http://secunia.com/advisories/36754/
Whiteboard: B2 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2009-09-17 09:13 UTC by Alex Legler (RETIRED)
Modified: 2009-11-25 16:29 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Alex Legler (RETIRED) archtester gentoo-dev Security 2009-09-17 09:13:41 UTC
Wireshark 1.0.9 fixes the following vulnerabilities:
  (http://www.wireshark.org/security/wnpa-sec-2009-05.html)

* The AFS dissector could crash.
* The Infiniband dissector could crash on some platforms. (c.f. bug 278564)
# The OpcUa dissector could use excessive CPU and memory.

Wireshark 1.2.2 fixes the following vulnerabilities:
  (http://www.wireshark.org/security/wnpa-sec-2009-06.html)

* The GSM A RR dissector could crash.
* The OpcUa dissector could use excessive CPU and memory.
* The TLS dissector could crash on some platforms. (Bug report states "Windows XP", not sure if this affects us)
Comment 1 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-09-18 14:28:49 UTC
CVE-2009-3241 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3241):
  Unspecified vulnerability in the OpcUa (OPC UA) dissector in
  Wireshark 0.99.6 through 1.0.8 and 1.2.0 through 1.2.1 allows remote
  attackers to cause a denial of service (memory and CPU consumption)
  via malformed OPCUA Service CallRequest packets.

CVE-2009-3242 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3242):
  Unspecified vulnerability in packet.c in the GSM A RR dissector in
  Wireshark 1.2.0 and 1.2.1 allows remote attackers to cause a denial
  of service (application crash) via unknown vectors related to "an
  uninitialized dissector handle," which triggers an assertion failure.

CVE-2009-3243 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3243):
  Unspecified vulnerability in the TLS dissector in Wireshark 1.2.0 and
  1.2.1, when running on Windows, allows remote attackers to cause a
  denial of service (application crash) via unknown vectors related to
  TLS 1.2 conversations.

Comment 2 tman 2009-10-08 13:54:15 UTC
ats time to bum the new version in portage
Comment 3 tman 2009-10-08 13:54:47 UTC
it's time to bump the new version in portage
Comment 4 Peter Volkov (RETIRED) gentoo-dev 2009-10-08 18:28:59 UTC
1.0.8 dropped from the tree. 1.2.2 bumped.
Arch teams, please, stabilize wireshark-1.2.2.
Comment 5 Richard Freeman gentoo-dev 2009-10-09 02:11:33 UTC
amd64 stable
Comment 6 Markus Meier gentoo-dev 2009-10-09 19:21:00 UTC
x86 stable
Comment 7 Tobias Klausmann (RETIRED) gentoo-dev 2009-10-11 15:03:26 UTC
Stable on alpha.
Comment 8 Jeroen Roovers (RETIRED) gentoo-dev 2009-10-11 23:44:01 UTC
Stable for HPPA.
Comment 9 Raúl Porcel (RETIRED) gentoo-dev 2009-10-12 16:47:34 UTC
ia64/sparc stable
Comment 10 Brent Baude (RETIRED) gentoo-dev 2009-10-18 14:25:14 UTC
ppc64 done
Comment 11 Mounir Lamouri (volkmar) (RETIRED) gentoo-dev 2009-10-26 09:59:20 UTC
ppc stable
Bug ready to be fixed by security team.
Comment 12 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-10-31 19:30:34 UTC
CVE-2009-3829 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3829):
  Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows
  remote attackers to execute arbitrary code or cause a denial of
  service (application crash) via a crafted erf file, related to an
  "unsigned integer wrap vulnerability."

Comment 13 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-11-04 23:06:25 UTC
Rerating, GLSA request filed.
Comment 14 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-11-25 16:29:15 UTC
GLSA 200911-05