| Summary: | <net-analyzer/wireshark-{1.8.12,1.10.5} - multiple vulnerabilities (CVE-2013-{7112,7113,7114}) | | |
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Jeroen Roovers (RETIRED) <jer> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | | |
| Severity: | minor | CC: | netmon |
| Priority: | Normal | | |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | Linux | | |
| Whiteboard: | B3 [noglsa] | | |
| Package list: | | Runtime testing required: | --- |

Description
Jeroen Roovers (RETIRED)
2013-12-18 07:16:50 UTC
1.8.12: http://www.wireshark.org/lists/wireshark-announce/201312/msg00001.html
1.10.4: http://www.wireshark.org/lists/wireshark-announce/201312/msg00000.html

Arch teams, please test and mark stable:
=net-analyzer/wireshark-1.8.12
=net-analyzer/wireshark-1.10.4
Targeted stable KEYWORDS : alpha amd64 hppa ia64 ppc ppc64 sparc x86

Stable for HPPA.

1.10.4 appears to be somewhat problematic[1]. Let's go for 1.10.5 instead.

Arch teams, please test and mark stable:
=net-analyzer/wireshark-1.8.12
=net-analyzer/wireshark-1.10.5
Targeted stable KEYWORDS : alpha amd64 hppa ia64 ppc ppc64 sparc x86

[1] http://www.wireshark.org/lists/wireshark-announce/201312/msg00002.html

ppc stable

ppc64 stable

alpha stable

amd64 stable

x86 stable

sparc stable

CVE-2013-7114 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-7114):
Multiple buffer overflows in the create_ntlmssp_v2_key function in epan/dissectors/packet-ntlmssp.c in the NTLMSSP v2 dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 allow remote attackers to cause a denial of service (application crash) via a long domain name in a packet.

CVE-2013-7113 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-7113):
epan/dissectors/packet-bssgp.c in the BSSGP dissector in Wireshark 1.10.x before 1.10.4 incorrectly relies on a global variable, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

CVE-2013-7112 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-7112):
The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 does not check for empty lines, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.

ia64 stable.

Maintainer(s), please cleanup. Security, please vote.

Thanks for your work!
GLSA vote: no

GLSA vote: no.
Closing as [noglsa].