Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 339401 (CVE-2010-3445) - <net-analyzer/wireshark-1.2.12: Stack Overflow Vulnerability in BER Dissector (CVE-2010-3445)
Summary: <net-analyzer/wireshark-1.2.12: Stack Overflow Vulnerability in BER Dissector...
Status: RESOLVED FIXED
Alias: CVE-2010-3445
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High major (vote)
Assignee: Gentoo Security
URL: https://bugs.wireshark.org/bugzilla/s...
Whiteboard: A2 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2010-10-01 23:05 UTC by Tim Sammut (RETIRED)
Modified: 2011-10-09 20:01 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Tim Sammut (RETIRED) gentoo-dev 2010-10-01 23:05:04 UTC
From $URL:

Wireshark 1.4.0, 1.2.x, and 1.0.x are vulnerable to a stack overflow in the BER
dissector as described at http://seclists.org/bugtraq/2010/Sep/87

This has been fixed in r34111; this bug report exists mainly to get the sample
capture that the NCNIPC sent into the fuzz menagerie.
Comment 1 Tim Sammut (RETIRED) gentoo-dev 2010-10-12 02:31:59 UTC
Wireshark 1.2.12 has been released.

http://www.wireshark.org/docs/relnotes/wireshark-1.2.12.html
Comment 2 Peter Volkov (RETIRED) gentoo-dev 2010-10-14 14:47:29 UTC
Thank you Tim! 1.2.12 was just added to the tree. Arch teams, please, stabilize it. Note although upstream bug is still opened release notes mention this vulnerability to be fixed there.
Comment 3 Markos Chandras (RETIRED) gentoo-dev 2010-10-14 16:11:49 UTC
amd64 done
Comment 4 David Abbott (RETIRED) gentoo-dev 2010-10-14 18:20:37 UTC
Tested on x86 all good here.
Comment 5 Brent Baude (RETIRED) gentoo-dev 2010-10-15 12:47:09 UTC
ppc done
Comment 6 Jeroen Roovers (RETIRED) gentoo-dev 2010-10-15 14:57:15 UTC
Stable for HPPA.
Comment 7 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2010-10-15 15:40:41 UTC
x86 stable, thanks David
Comment 8 Tobias Klausmann (RETIRED) gentoo-dev 2010-10-16 17:47:03 UTC
Stable on alpha.
Comment 9 Tobias Klausmann (RETIRED) gentoo-dev 2010-10-16 17:47:10 UTC
Stable on alpha.
Comment 10 Raúl Porcel (RETIRED) gentoo-dev 2010-10-17 11:03:08 UTC
ia64/sparc stable
Comment 11 Mark Loeser (RETIRED) gentoo-dev 2010-10-25 23:03:51 UTC
ppc64 done
Comment 12 Tim Sammut (RETIRED) gentoo-dev 2010-10-26 00:32:52 UTC
Thanks, folks. GLSA together with bug 330479.
Comment 13 GLSAMaker/CVETool Bot gentoo-dev 2011-06-24 00:18:07 UTC
CVE-2010-3445 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3445):
  Stack consumption vulnerability in the dissect_ber_unknown function in
  epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before
  1.4.1 and 1.2.x before 1.2.12 allows remote attackers to cause a denial of
  service (NULL pointer dereference and crash) via a long string in an unknown
  ASN.1/BER encoded packet, as demonstrated using SNMP.
Comment 14 GLSAMaker/CVETool Bot gentoo-dev 2011-10-09 20:00:44 UTC
This issue was resolved and addressed in
 GLSA 201110-02 at http://security.gentoo.org/glsa/glsa-201110-02.xml
by GLSA coordinator Alex Legler (a3li).
Comment 15 GLSAMaker/CVETool Bot gentoo-dev 2011-10-09 20:01:44 UTC
This issue was resolved and addressed in
 GLSA 201110-02 at http://security.gentoo.org/glsa/glsa-201110-02.xml
by GLSA coordinator Alex Legler (a3li).