Summary: | <net-analyzer/wireshark-1.2.10: Multiple vulnerabilities (CVE-2010-{2284,2285,2286,2287,2992,2993,2994,2995,3133},CVE-2011-0024) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Peter Volkov (RETIRED) <pva> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | netmon |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.wireshark.org/security/wnpa-sec-2010-08.html | ||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Peter Volkov (RETIRED)
![]() Arch teams, please, stabilize wireshark-1.2.10. All good x86. x86 stable, thanks David amd64 done alpha/ia64/sparc stable Stable for PPC. Stable for HPPA. CVE-2010-2284 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2284): Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors. CVE-2010-2285 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2285): The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors. CVE-2010-2286 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2286): The SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. CVE-2010-2287 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2287): Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors. ppc64 done Looks like four more CVEs could be included in any GLSA that should come from this bug. http://www.wireshark.org/security/wnpa-sec-2010-08.html CVE-2010-2992 packet-gsm_a_rr.c in the GSM A RR dissector in Wireshark 1.2.2 through 1.2.9 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger a NULL pointer dereference. CVE-2010-2993 The IPMI dissector in Wireshark 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. CVE-2010-2994 Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.14 and 1.2.0 through 1.2.9 has unknown impact and remote attack vectors. NOTE: this issue exists because of a CVE-2010-2284 regression. CVE-2010-2995 The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark 0.10.8 through 1.0.14 and 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to sigcomp-udvm.c and an off-by-one error, which triggers a buffer overflow, different vulnerabilities than CVE-2010-2287. CVE-2010-3133 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3133): Untrusted search path vulnerability in Wireshark 1.2.10 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse airpcap.dll, and possibly other DLLs, that is located in the same folder as a file that automatically launches Wireshark. GLSA request filed. CVE-2011-0024 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0024): Heap-based buffer overflow in wiretap/pcapng.c in Wireshark before 1.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted capture file. This issue was resolved and addressed in GLSA 201110-02 at http://security.gentoo.org/glsa/glsa-201110-02.xml by GLSA coordinator Alex Legler (a3li). This issue was resolved and addressed in GLSA 201110-02 at http://security.gentoo.org/glsa/glsa-201110-02.xml by GLSA coordinator Alex Legler (a3li). |