Summary: | <net-analyzer/wireshark-1.0.7: Multiple Vulnerabilities (CVE-2009-{1210,1266,1268,1269}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Robert Buchholz (RETIRED) <rbu> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | netmon, pva, wolfgang.ztoeg |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.wireshark.org/docs/relnotes/wireshark-1.0.7.html | ||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Robert Buchholz (RETIRED)
2009-04-01 23:40:12 UTC
Fix is already available but I think we better wait for official release as this package has a long history of similar issues... http://anonsvn.wireshark.org/viewvc?view=rev&revision=27926 wireshark-1.0.7 which fixes this issue was just added to the tree. Arch teams, please, stabilize. ppc and ppc64 done amd64 stable alpha/ia64/sparc/x86 stable Stable for HPPA. GLSA together with bug #242996, bug #248425 and bug #258013. CVE-2009-1268 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1268): The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FWHA_MY_STATE packet. CVE-2009-1269 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1269): Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file. CVE-2009-1266 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1266): Unspecified vulnerability in Wireshark before 1.0.7-0.1-1 has unknown impact and attack vectors. For reducing risk of root exploit the only suid/sgid program should be dumpcap. therefore please remove in ebuild: fowners 0:wireshark /usr/bin/tshark fperms 6550 /usr/bin/tshark (In reply to comment #10) > For reducing risk of root exploit the only suid/sgid program should be dumpcap. > therefore please remove in ebuild: > fowners 0:wireshark /usr/bin/tshark > fperms 6550 /usr/bin/tshark > Please file a new bug for this. GLSA 200906-05, thanks everyone |