Summary: | <net-analyzer/wireshark-1.4.7: Multiple vulnerabilities (CVE-2011-{1957,1958,1959,2174,2175}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Jeroen Roovers (RETIRED) <jer> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | netmon, pva |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.wireshark.org/docs/relnotes/wireshark-1.4.7.html | ||
Whiteboard: | B3 [glsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 369749 | ||
Bug Blocks: |
Description
Jeroen Roovers (RETIRED)
2011-06-01 17:17:03 UTC
Arch teams, please, stabilize wireshark-1.4.7. >>> Preparing source in /tmp/portage/net-analyzer/wireshark-1.4.7/work/wireshark-1.4.7 ...
* Cannot find $EPATCH_SOURCE! Value for $EPATCH_SOURCE is:
*
* /usr/portage/net-analyzer/wireshark/files/wireshark-1.4.7-wspy_dissectors_dir.patch
* ( wireshark-1.4.7-wspy_dissectors_dir.patch )
* ERROR: net-analyzer/wireshark-1.4.7 failed (prepare phase):
* Cannot find $EPATCH_SOURCE!
anyway fixing the ebuild locally it works for me on amd64. Same error on lua (see precedent stablereq of wireshark) but is not a regression. Err, patch dropped (as it should). amd64: emerged: all a ok ppc done Stable for HPPA. x86 stable. Thanks alpha/ia64/sparc stable amd64 done. Thanks Agostino and Ian CVE Assignment: > > Wireshark 1.2.17 fixes the following vulnerabilities: > > > > Large/infinite loop in the DICOM dissector. (Bug 5876) > > Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6. CVE-2011-1957 > > > > Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered > > that a corrupted Diameter dictionary file could crash Wireshark. > > Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6. CVE-2011-1958 > > > > Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered > > that a corrupted snoop file could crash Wireshark. (Bug 5912) > > Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6. CVE-2011-1959 > > > > David Maciejak of Fortinet's FortiGuard Labs discovered that malformed > > compressed capture data could crash Wireshark. (Bug 5908) > > Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6. CVE-2011-2174 > > > > Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered > > that a corrupted Visual Networks file could crash Wireshark. (Bug > > 5934) > > Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6. CVE-2011-2175 ppc64 stable, last arch done Thanks, folks. GLSA Vote: No. CVE-2011-2175 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2175): Integer underflow in the visual_read function in wiretap/visual.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a malformed Visual Networks file that triggers a heap-based buffer over-read. CVE-2011-2174 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2174): Double free vulnerability in the tvb_uncompress function in epan/tvbuff.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a packet with malformed data that uses zlib compression. CVE-2011-1959 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1959): The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 does not properly handle certain virtualizable buffers, which allows remote attackers to cause a denial of service (application crash) via a large length value in a snoop file that triggers a stack-based buffer over-read. CVE-2011-1958 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1958): Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Diameter dictionary file. CVE-2011-1957 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1957): The dissect_dcm_main function in epan/dissectors/packet-dcm.c in the DICOM dissector in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (infinite loop) via an invalid PDU length. This issue was resolved and addressed in GLSA 201110-02 at http://security.gentoo.org/glsa/glsa-201110-02.xml by GLSA coordinator Alex Legler (a3li). This issue was resolved and addressed in GLSA 201110-02 at http://security.gentoo.org/glsa/glsa-201110-02.xml by GLSA coordinator Alex Legler (a3li). |