Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 290710 (CVE-2009-2560) - <net-analyzer/wireshark-{1.0.10, 1.2.3}: DoS (CVE-2009-{2560,3549,3550,3551})
Summary: <net-analyzer/wireshark-{1.0.10, 1.2.3}: DoS (CVE-2009-{2560,3549,3550,3551})
Status: RESOLVED FIXED
Alias: CVE-2009-2560
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High minor (vote)
Assignee: Gentoo Security
URL: http://www.wireshark.org/news/2009102...
Whiteboard: B3 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2009-10-27 10:10 UTC by Alex Legler (RETIRED)
Modified: 2009-11-25 16:29 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Alex Legler (RETIRED) archtester gentoo-dev Security 2009-10-27 10:10:21 UTC
** Please note that this issue is confidential and no information should be
disclosed until it is made public, see "Whiteboard" for a date **

Gerals Combs informed us about the following issues:

* The Paltalk dissector could crash on alignment-sensitive processors.
  CVE-2009-3549, Wireshark Bug 3689, fixed in r29064
  Affected: 1.2.0 to 1.2.2

* The DCERPC/NT dissector could crash.
  CVE-2009-3550, fixed in r30208
  Affected: <=1.0.9, 1.2.0 to 1.2.2

* The SMB dissector could crash.
  CVE-2009-3551, fixed in r30595
  Affected: 1.2.0 to 1.2.2

* The RADIUS dissector could crash.
  CVE-2009-2560, Wireshark bug 3578, fixed in r28891
  Affected: <=1.0.9 (1.2.0 is already obsolete for us)

The updated versions are expected today.
Comment 1 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-10-27 19:37:34 UTC
This is now public via the following advisories:

wnpa-sec-2009-07:
Multiple vulnerabilities in Wireshark® version 0.10.10 to 1.2.2
http://www.wireshark.org/security/wnpa-sec-2009-07.html

wnpa-sec-2009-08:
Multiple vulnerabilities in Wireshark® version 0.10.10 to 1.0.9
http://www.wireshark.org/security/wnpa-sec-2009-08.html

Peter/Netmon, please bump.
Comment 2 Peter Volkov (RETIRED) gentoo-dev 2009-10-28 09:22:07 UTC
bumped. Arch teams, please, stabilize wireshark-1.2.3.
Comment 3 Christian Faulhammer (RETIRED) gentoo-dev 2009-10-28 23:20:19 UTC
x86 stable
Comment 4 Tony Vroon (RETIRED) gentoo-dev 2009-10-29 13:53:06 UTC
+  29 Oct 2009; <chainsaw@gentoo.org> wireshark-1.2.3.ebuild:
+  Marked stable on AMD64 as requested by Alex "a3li" Legler in security bug
+  #290710. Tested capture on a Marvell "sky2" 88E8055 Gig-copper NIC.
Comment 5 Jeroen Roovers (RETIRED) gentoo-dev 2009-10-29 14:52:25 UTC
Stable for HPPA.
Comment 6 Raúl Porcel (RETIRED) gentoo-dev 2009-10-30 17:11:26 UTC
alpha/ia64/sparc stable
Comment 7 Brent Baude (RETIRED) gentoo-dev 2009-10-31 13:45:01 UTC
ppc64 done
Comment 8 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-10-31 19:30:56 UTC
CVE-2009-3549 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3549):
  packet-paltalk.c in the Paltalk dissector in Wireshark 1.2.0 through
  1.2.2, on SPARC and certain other platforms, allows remote attackers
  to cause a denial of service (application crash) via a file that
  records a malformed packet trace.

CVE-2009-3550 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3550):
  The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0
  through 1.2.2 allows remote attackers to cause a denial of service
  (NULL pointer dereference and application crash) via a file that
  records a malformed packet trace.  NOTE: some of these details are
  obtained from third party information.

CVE-2009-3551 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3551):
  Off-by-one error in the dissect_negprot_response function in
  packet-smb.c in the SMB dissector in Wireshark 1.2.0 through 1.2.2
  allows remote attackers to cause a denial of service (application
  crash) via a file that records a malformed packet trace.  NOTE: some
  of these details are obtained from third party information.

Comment 9 nixnut (RETIRED) gentoo-dev 2009-11-01 16:02:12 UTC
ppc stable
Comment 10 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-11-04 23:06:38 UTC
GLSA together with bug 285280.
Comment 11 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-11-25 16:29:19 UTC
GLSA 200911-05