Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 355335 (CVE-2011-0713) - net-analyzer/wireshark: heap-based buffer overflow when reading malformed Nokia DCT3 phone signalling traces (CVE-2011-0713)
Summary: net-analyzer/wireshark: heap-based buffer overflow when reading malformed Nok...
Status: RESOLVED DUPLICATE of bug 354197
Alias: CVE-2011-0713
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High major
Assignee: Gentoo Security
URL: https://bugzilla.redhat.com/show_bug....
Whiteboard: B2 [ebuild blocked]
Keywords:
Depends on:
Blocks:
 
Reported: 2011-02-17 15:56 UTC by Paweł Hajdan, Jr. (RETIRED)
Modified: 2011-03-03 07:55 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2011-02-17 15:56:07 UTC 
A heap-based buffer overflow was found in the way Wireshark
processes signalling traces generated by Gammu (www.gammu.org)
from Nokia DCT3 phones in Netmonitor mode.

An attacker could use this flaw to cause wireshark executable
to crash or, potentially, execute arbitrary code with the privileges
of the user running wireshark, if the local user opened a
specially-crafted capture file.

The following upstream commit fixes this issue:
http://anonsvn.wireshark.org/viewvc?view=rev&revision=35953
Comment 1 Tim Sammut (RETIRED) gentoo-dev 2011-03-02 03:42:46 UTC 
We'll work this in bug 354197.
Comment 2 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2011-03-03 07:55:07 UTC 
According to http://www.wireshark.org/security/wnpa-sec-2011-04.html this is fixed in wireshark-1.4.4, I think it will be simpler to close it as a dupe then.

*** This bug has been marked as a duplicate of bug 354197 ***