Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 258013 (CVE-2009-0599) - net-analyzer/wireshark <1.0.6 Multiple problems in Wireshark versions 0.99.6 to 1.0.5 (CVE-2009-{0599,0600,0601})
Summary: net-analyzer/wireshark <1.0.6 Multiple problems in Wireshark versions 0.99.6 ...
Status: RESOLVED FIXED
Alias: CVE-2009-0599
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High minor (vote)
Assignee: Gentoo Security
URL: http://www.wireshark.org/security/wnp...
Whiteboard: B3 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2009-02-07 12:27 UTC by Peter Volkov (RETIRED)
Modified: 2009-06-30 18:12 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Peter Volkov (RETIRED) gentoo-dev 2009-02-07 12:27:17 UTC 
Just coping description from advisory:

http://www.wireshark.org/security/wnpa-sec-2009-01.html
=============================================================================
Wireshark 1.0.6 fixes the following vulnerabilities:

    * On non-Windows systems, Wireshark could crash if the HOME environment variable contained sprintf-style string formatting characters. Discovered by babi. (Bug 3150) Versions affected: 0.99.8 to 1.0.5
    * Wireshark could crash while reading a malformed NetScreen snoop file. Discovered by babi. (Bug 3151) Versions affected: 0.99.7 to 1.0.5
    * Wireshark could crash while reading a Tektronix K12 text capture file. (Bug 1937) Versions affected: 0.99.6 to 1.0.5 

Impact

It may be possible to make Wireshark crash by altering the HOME environment variable or by convincing someone to read a malformed packet trace file. 
=============================================================================

New ebuild is in the tree. arch teams, please, stabilize this package.
Comment 1 Tobias Klausmann (RETIRED) gentoo-dev 2009-02-07 15:47:40 UTC 
Stable on alpha.
Comment 2 Jeroen Roovers (RETIRED) gentoo-dev 2009-02-07 18:16:45 UTC 
Stable for HPPA.
Comment 3 Markus Meier gentoo-dev 2009-02-08 14:08:45 UTC 
amd64/x86 stable
Comment 4 Raúl Porcel (RETIRED) gentoo-dev 2009-02-09 19:11:00 UTC 
ia64/sparc stable
Comment 5 Brent Baude (RETIRED) gentoo-dev 2009-02-10 16:04:03 UTC 
ppc64 done
Comment 6 Tobias Scherbaum (RETIRED) gentoo-dev 2009-02-11 17:14:29 UTC 
ppc stable
Comment 7 Robert Buchholz (RETIRED) gentoo-dev 2009-02-12 19:22:43 UTC 
We could easily add these to the existing GLSA requests, but independent of that I'd say no... however... : YES
Comment 8 Stefan Behte (RETIRED) gentoo-dev Security 2009-02-17 20:46:08 UTC 
CVE-2009-0599 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0599):
  Buffer overflow in wiretap/netscreen.c in Wireshark 0.99.7 through
  1.0.5 allows user-assisted remote attackers to cause a denial of
  service (application crash) via a malformed NetScreen snoop file.

CVE-2009-0600 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0600):
  Wireshark 0.99.6 through 1.0.5 allows user-assisted remote attackers
  to cause a denial of service (application crash) via a crafted
  Tektronix K12 text capture file, as demonstrated by a file with
  exactly one frame.

CVE-2009-0601 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0601):
  Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on
  non-Windows platforms allows local users to cause a denial of service
  (application crash) via format string specifiers in the HOME
  environment variable.
Comment 9 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2009-02-22 00:02:24 UTC 
glsa-voting:

same as rbu comment #7. I would have said No (~ client-side dos) but if this can go with an already existing draft, then Yes.
Comment 10 Pierre-Yves Rofes (RETIRED) gentoo-dev 2009-04-19 12:50:09 UTC 
this will have a glsa with #242996 and #248925.
Comment 11 Stefan Behte (RETIRED) gentoo-dev Security 2009-06-30 18:12:14 UTC 
GLSA 200906-05, thanks everyone