| Summary: | <net-analyzer/wireshark-{1.6.15,1.8.7} - multiple vulnerabilities (CVE-2013-{3555,3556,3557,3558,3559,3560,3561,3562}) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Jeroen Roovers (RETIRED) <jer> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | minor | CC: | netmon |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | http://www.wireshark.org/news/20130517.html | ||
| Whiteboard: | B3 [glsa] | ||
| Package list: | Runtime testing required: | --- | |
|
Description
Jeroen Roovers (RETIRED)
2013-05-18 14:38:55 UTC
Arch teams, please test and mark stable: =net-analyzer/wireshark-1.6.15 =net-analyzer/wireshark-1.8.7 Stable KEYWORDS : alpha amd64 hppa ia64 ppc ppc64 sparc x86 amd64 stable (In reply to comment #2) > amd64 stable The other half, too, please. Stable for HPPA. amd64 stable x86 stable ppc stable sparc stable alpha stable ia64 stable ppc64 stable SPARC still needs to stabilise 1.6.15. sparc stable CVE-2013-3562 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3562): Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.c in the Websocket dissector in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (application crash) via a malformed packet. CVE-2013-3561 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3561): Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (loop or application crash) via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector. CVE-2013-3560 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3560): The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. CVE-2013-3559 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3559): epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (integer overflow, and heap memory corruption or NULL pointer dereference, and application crash) via a malformed packet. CVE-2013-3558 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3558): The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wireshark 1.8.x before 1.8.7 does not terminate a bit-field list, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. CVE-2013-3557 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3557): The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. CVE-2013-3556 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3556): The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER dissector in Wireshark before r48943 has an incorrect pointer dereference during a comparison, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. CVE-2013-3555 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3555): epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrect functions in certain contexts related to ciphers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. Adding to existing GLSA draft This issue was resolved and addressed in GLSA 201308-05 at http://security.gentoo.org/glsa/glsa-201308-05.xml by GLSA coordinator Sergey Popov (pinkbyte). |