Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 490434 (CVE-2013-6336) - <net-analyzer/wireshark-{1.8.11,1.10.3} : Multiple Denial of Service Vulnerabilities (CVE-2013-{6336,6337,6338,6339,6340})
Summary: <net-analyzer/wireshark-{1.8.11,1.10.3} : Multiple Denial of Service Vulnerab...
Status: RESOLVED FIXED
Alias: CVE-2013-6336
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://secunia.com/advisories/55492/
Whiteboard: B3 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2013-11-04 20:56 UTC by Agostino Sarubbo
Modified: 2013-12-16 18:32 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2013-11-04 20:56:14 UTC
From ${URL} :

Description

Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious 
people to cause a DoS (Denial of Service).

1) An error within the IEEE 802.15.4 dissector can be exploited to cause a crash.

2) An error within the NBAP dissector can be exploited to cause a crash.

3) An error within the SIP dissector can be exploited to cause a crash.

4) An error within the OpenWire dissector can be exploited to trigger an infinite loop.

5) An error within the TCP dissector can be exploited to cause a crash.

The vulnerabilities are reported in versions prior to 1.10.3 and 1.8.11.


Solution:
Update to version 1.10.3 or 1.8.11.

Provided and/or discovered by:
1, 3, 5) Reported by the vendor.

The vendor credits:
2) Laurent Butti.
4) Murali.

Original Advisory:
http://www.wireshark.org/docs/relnotes/wireshark-1.10.3.html
http://www.wireshark.org/docs/relnotes/wireshark-1.8.11.html


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 GLSAMaker/CVETool Bot gentoo-dev 2013-11-05 02:02:53 UTC
CVE-2013-6340 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6340):
  epan/dissectors/packet-tcp.c in the TCP dissector in Wireshark 1.8.x before
  1.8.11 and 1.10.x before 1.10.3 does not properly determine the amount of
  remaining data, which allows remote attackers to cause a denial of service
  (application crash) via a crafted packet.

CVE-2013-6339 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6339):
  The dissect_openwire_type function in epan/dissectors/packet-openwire.c in
  the OpenWire dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before
  1.10.3 allows remote attackers to cause a denial of service (loop) via a
  crafted packet.

CVE-2013-6338 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6338):
  The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP
  dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not
  properly initialize a data structure, which allows remote attackers to cause
  a denial of service (application crash) via a crafted packet.

CVE-2013-6337 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6337):
  Unspecified vulnerability in the NBAP dissector in Wireshark 1.8.x before
  1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of
  service (application crash) via a crafted packet.

CVE-2013-6336 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6336):
  The ieee802154_map_rec function in epan/dissectors/packet-ieee802154.c in
  the IEEE 802.15.4 dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x
  before 1.10.3 uses an incorrect pointer chain, which allows remote attackers
  to cause a denial of service (application crash) via a crafted packet.
Comment 2 Jeroen Roovers (RETIRED) gentoo-dev 2013-11-08 14:48:48 UTC
Arch teams, please test and mark stable:
=net-analyzer/wireshark-1.8.11
=net-analyzer/wireshark-1.10.3
Targeted stable KEYWORDS : alpha amd64 hppa ia64 ppc ppc64 sparc x86
Comment 3 Jeroen Roovers (RETIRED) gentoo-dev 2013-11-08 18:11:11 UTC
Stable for HPPA.
Comment 4 Agostino Sarubbo gentoo-dev 2013-11-09 09:34:03 UTC
amd64 stable
Comment 5 Agostino Sarubbo gentoo-dev 2013-11-09 09:35:06 UTC
x86 stable
Comment 6 Agostino Sarubbo gentoo-dev 2013-11-09 09:37:11 UTC
alpha stable
Comment 7 Agostino Sarubbo gentoo-dev 2013-11-09 09:37:22 UTC
ppc stable
Comment 8 Agostino Sarubbo gentoo-dev 2013-11-09 09:37:32 UTC
ppc64 stable
Comment 9 Agostino Sarubbo gentoo-dev 2013-11-09 09:37:41 UTC
sparc stable
Comment 10 Agostino Sarubbo gentoo-dev 2013-11-12 20:14:06 UTC
ia64 stable.

Maintainer(s), please cleanup.
Security, please vote.
Comment 11 Chris Reffett (RETIRED) gentoo-dev Security 2013-12-03 19:29:02 UTC
GLSA vote: no.
Comment 12 Chris Reffett (RETIRED) gentoo-dev Security 2013-12-03 19:31:48 UTC
Strike that, we have a GLSA request open already. Added to request.
Comment 13 Yury German Gentoo Infrastructure gentoo-dev 2013-12-04 04:15:38 UTC
Maintainer(s), Thank you for cleanup!
Comment 14 GLSAMaker/CVETool Bot gentoo-dev 2013-12-16 18:32:14 UTC
This issue was resolved and addressed in
 GLSA 201312-13 at http://security.gentoo.org/glsa/glsa-201312-13.xml
by GLSA coordinator Sergey Popov (pinkbyte).