Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 536034 - <net-analyzer/wireshark-1.12.3: Multiple vulnerabilities (CVE-2015-{0559,0560,0561,0562,0563,0564})
Summary: <net-analyzer/wireshark-1.12.3: Multiple vulnerabilities (CVE-2015-{0559,0560...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://www.wireshark.org/docs/relnot...
Whiteboard: B3 [glsa cve]
Keywords:
Depends on: 532854
Blocks:
  Show dependency tree
 
Reported: 2015-01-08 15:31 UTC by Agostino Sarubbo
Modified: 2015-10-31 15:10 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2015-01-08 15:31:37 UTC
From ${URL} :

The following vulnerabilities have been fixed.

wnpa-sec-2015-01

The WCCP dissector could crash. (Bug 10720, Bug 10806) CVE-2015-0559, CVE-2015-0560

wnpa-sec-2015-02

The LPP dissector could crash. (Bug 10773) CVE-2015-0561

wnpa-sec-2015-03

The DEC DNA Routing Protocol dissector could crash. (Bug 10724) CVE-2015-0562

wnpa-sec-2015-04

The SMTP dissector could crash. (Bug 10823) CVE-2015-0563

wnpa-sec-2015-05

Wireshark could crash while decypting TLS/SSL sessions. Discovered by Noam Rathaus. CVE-2015-0564




@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Jeroen Roovers gentoo-dev 2015-01-08 23:22:15 UTC
Arch teams, please test and mark stable:
=net-analyzer/wireshark-1.12.3
Targeted stable KEYWORDS : alpha amd64 hppa ia64 ppc ppc64 sparc x86
Comment 2 Agostino Sarubbo gentoo-dev 2015-01-09 08:33:49 UTC
amd64 stable
Comment 3 Agostino Sarubbo gentoo-dev 2015-01-09 08:34:13 UTC
x86 stable
Comment 4 Jeroen Roovers gentoo-dev 2015-01-09 11:06:26 UTC
Stable for HPPA.
Comment 5 Tobias Klausmann gentoo-dev 2015-01-09 13:55:49 UTC
Stable on alpha (including sbc)
Comment 6 GLSAMaker/CVETool Bot gentoo-dev 2015-01-10 14:14:06 UTC
CVE-2015-0564 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0564):
  Buffer underflow in the ssl_decrypt_record function in
  epan/dissectors/packet-ssl-utils.c in Wireshark 1.10.x before 1.10.12 and
  1.12.x before 1.12.3 allows remote attackers to cause a denial of service
  (application crash) via a crafted packet that is improperly handled during
  decryption of an SSL session.

CVE-2015-0563 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0563):
  epan/dissectors/packet-smtp.c in the SMTP dissector in Wireshark 1.10.x
  before 1.10.12 and 1.12.x before 1.12.3 uses an incorrect length value for
  certain string-append operations, which allows remote attackers to cause a
  denial of service (application crash) via a crafted packet.

CVE-2015-0562 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0562):
  Multiple use-after-free vulnerabilities in
  epan/dissectors/packet-dec-dnart.c in the DEC DNA Routing Protocol dissector
  in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allow remote
  attackers to cause a denial of service (application crash) via a crafted
  packet, related to the use of packet-scope memory instead of pinfo-scope
  memory.

CVE-2015-0561 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0561):
  asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12 and
  1.12.x before 1.12.3 does not validate a certain index value, which allows
  remote attackers to cause a denial of service (out-of-bounds memory access
  and application crash) via a crafted packet.

CVE-2015-0560 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0560):
  The dissect_wccp2r1_address_table_info function in
  epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x
  before 1.10.12 and 1.12.x before 1.12.3 does not initialize certain data
  structures, which allows remote attackers to cause a denial of service
  (application crash) via a crafted packet.

CVE-2015-0559 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0559):
  Multiple use-after-free vulnerabilities in epan/dissectors/packet-wccp.c in
  the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before
  1.12.3 allow remote attackers to cause a denial of service (application
  crash) via a crafted packet, related to the use of packet-scope memory
  instead of pinfo-scope memory.
Comment 7 Agostino Sarubbo gentoo-dev 2015-01-13 10:22:06 UTC
sparc stable
Comment 8 Agostino Sarubbo gentoo-dev 2015-01-14 13:52:39 UTC
ppc64 stable
Comment 9 Agostino Sarubbo gentoo-dev 2015-01-15 08:41:08 UTC
ppc stable
Comment 10 Agostino Sarubbo gentoo-dev 2015-01-16 08:10:08 UTC
ia64 stable.

Maintainer(s), please cleanup.
Security, please vote.
Comment 11 Yury German Gentoo Infrastructure gentoo-dev Security 2015-04-22 20:49:22 UTC
Maintainer(s), Thank you for you for cleanup.

GLSA Vote: No

Maintainer(s), please drop the vulnerable version(s).
Comment 12 Yury German Gentoo Infrastructure gentoo-dev Security 2015-05-13 22:30:43 UTC
Added to an existing GLSA Request.
Comment 13 GLSAMaker/CVETool Bot gentoo-dev 2015-10-31 15:10:37 UTC
This issue was resolved and addressed in
 GLSA 201510-03 at https://security.gentoo.org/glsa/201510-03
by GLSA coordinator Kristian Fiskerstrand (K_F).