** Please note that this issue is confidential and no information should be disclosed until it is made public, see "Whiteboard" for a date **

Gerald Combs informed us about the following issues:

* The Paltalk dissector could crash on alignment-sensitive processors. CVE-2009-3549, Wireshark Bug 3689, fixed in r29064. Affected: 1.2.0 to 1.2.2
* The DCERPC/NT dissector could crash. CVE-2009-3550, fixed in r30208. Affected: <=1.0.9, 1.2.0 to 1.2.2
* The SMB dissector could crash. CVE-2009-3551, fixed in r30595. Affected: 1.2.0 to 1.2.2
* The RADIUS dissector could crash. CVE-2009-2560, Wireshark bug 3578, fixed in r28891. Affected: <=1.0.9 (1.2.0 is already obsolete for us)

The updated versions are expected today.
This is now public via the following advisories:

wnpa-sec-2009-07: Multiple vulnerabilities in Wireshark® version 0.10.10 to 1.2.2
http://www.wireshark.org/security/wnpa-sec-2009-07.html

wnpa-sec-2009-08: Multiple vulnerabilities in Wireshark® version 0.10.10 to 1.0.9
http://www.wireshark.org/security/wnpa-sec-2009-08.html

Peter/Netmon, please bump.
Bumped. Arch teams, please stabilize wireshark-1.2.3.
x86 stable
+ 29 Oct 2009; <chainsaw@gentoo.org> wireshark-1.2.3.ebuild:
+ Marked stable on AMD64 as requested by Alex "a3li" Legler in security bug
+ #290710. Tested capture on a Marvell "sky2" 88E8055 Gig-copper NIC.
Stable for HPPA.
alpha/ia64/sparc stable
ppc64 done
CVE-2009-3549 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3549):
packet-paltalk.c in the Paltalk dissector in Wireshark 1.2.0 through 1.2.2, on SPARC and certain other platforms, allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace.

CVE-2009-3550 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3550):
The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained from third party information.

CVE-2009-3551 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3551):
Off-by-one error in the dissect_negprot_response function in packet-smb.c in the SMB dissector in Wireshark 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained from third party information.
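The NVD entries above name two dissector crash classes: an unaligned access that traps on SPARC (CVE-2009-3549) and an off-by-one while walking a counted structure in a negotiate-protocol response (CVE-2009-3551). The following is an added illustration of the defensive pattern for both classes, written for this bug by the editor; it is not Wireshark code, does not reproduce the actual bugs or their fixes, and the packet bytes, field layout and function names (`read_be32`, `parse_counted_list`) are constructed for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed sample, not a real capture: 3 header bytes (so the 32-bit
 * field that follows sits at an odd offset), then a big-endian count and
 * that many one-byte entries. */
static const uint8_t sample_pkt[] = {
    0xAA, 0xBB, 0xCC,           /* header; misaligns the count field */
    0x00, 0x00, 0x00, 0x03,     /* count = 3 */
    0x01, 0x02, 0x03            /* three one-byte entries */
};

/* Alignment-safe 32-bit read. Casting &buf[off] to uint32_t* and
 * dereferencing faults on SPARC and other alignment-sensitive CPUs
 * when off is not a multiple of 4; assembling the value byte by byte
 * works at any offset. Returns 0 on success, -1 if the field does not
 * fit in the buffer. */
static int read_be32(const uint8_t *buf, size_t buflen, size_t off, uint32_t *out)
{
    if (off > buflen || buflen - off < 4)
        return -1;                          /* field would run past the end */
    *out = ((uint32_t)buf[off]     << 24) | ((uint32_t)buf[off + 1] << 16)
         | ((uint32_t)buf[off + 2] << 8)  |  (uint32_t)buf[off + 3];
    return 0;
}

/* Same read, returning a sentinel instead of an error code. */
static uint32_t read_be32_or(const uint8_t *buf, size_t buflen, size_t off, uint32_t dflt)
{
    uint32_t v;
    return read_be32(buf, buflen, off, &v) == 0 ? v : dflt;
}

/* Bounds-checked walk over a counted list. The count is taken from the
 * packet, so it is attacker-controlled: it must be compared against the
 * bytes actually remaining before any entry is indexed, and the loop
 * must stop at count - 1 ('<', not '<='). Returns the number of entries
 * consumed, or -1 for a malformed packet. */
static int parse_counted_list(const uint8_t *buf, size_t buflen, size_t off)
{
    uint32_t count;
    if (read_be32(buf, buflen, off, &count) != 0)
        return -1;
    off += 4;
    if (count > buflen - off)               /* entries would overrun the buffer */
        return -1;
    for (uint32_t i = 0; i < count; i++) {
        /* a real dissector would decode buf[off + i] here */
        (void)buf[off + i];
    }
    return (int)count;
}

int main(void)
{
    printf("entries: %d\n", parse_counted_list(sample_pkt, sizeof sample_pkt, 3));
    /* truncated capture: same packet cut to 8 bytes */
    printf("truncated: %d\n", parse_counted_list(sample_pkt, 8, 3));
    return 0;
}
```

Run against the full sample the parser returns 3; against the same bytes truncated to 8 (as a malformed trace file would present them) it returns -1 instead of reading past the buffer.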
ppc stable
GLSA together with bug 285280.
GLSA 200911-05