Summary: | <net-analyzer/wireshark-{1.8.13,1.10.6}: multiple vulnerabilities (CVE-2014-{2281,2282,2283,2299}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Jeroen Roovers (RETIRED) <jer> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | netmon |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.wireshark.org/lists/wireshark-announce/201403/msg00000.html | ||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Jeroen Roovers (RETIRED)
2014-03-07 22:54:49 UTC
Arch teams, please test and mark stable: =net-analyzer/wireshark-1.8.13 =net-analyzer/wireshark-1.10.6 Targeted stable KEYWORDS : alpha amd64 hppa ia64 ppc ppc64 sparc x86 Stable for HPPA. amd64 stable x86 stable sparc stable ppc stable ia64 stable alpha stable ppc64 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. Arches and Maintainer(s), Thank you for your work. Created new GLSA request. CVE-2014-2299 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2299): Buffer overflow in the mpeg_read function in wiretap/mpeg.c in the MPEG parser in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large record in MPEG data. CVE-2014-2283 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2283): epan/dissectors/packet-rlc in the RLC dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 uses inconsistent memory-management approaches, which allows remote attackers to cause a denial of service (use-after-free error and application crash) via a crafted UMTS Radio Link Control packet. CVE-2014-2282 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2282): The dissect_protocol_data_parameter function in epan/dissectors/packet-m3ua.c in the M3UA dissector in Wireshark 1.10.x before 1.10.6 does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) via a crafted SS7 MTP3 packet. CVE-2014-2281 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2281): The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted NFS packet. This issue was resolved and addressed in GLSA 201406-33 at http://security.gentoo.org/glsa/glsa-201406-33.xml by GLSA coordinator Mikle Kolyada (Zlogene). |