Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 417203 (CVE-2012-2392) - <net-analyzer/wireshark-1.6.8: Multiple DoS Vulnerabilities (CVE-2012-{2392,2393,2394,3825,3826})
Summary: <net-analyzer/wireshark-1.6.8: Multiple DoS Vulnerabilities (CVE-2012-{2392,2...
Status: RESOLVED FIXED
Alias: CVE-2012-2392
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://www.wireshark.org/docs/relnot...
Whiteboard: B3 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2012-05-23 05:36 UTC by Tim Sammut (RETIRED)
Modified: 2012-07-12 01:04 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Tim Sammut (RETIRED) gentoo-dev 2012-05-23 05:36:02 UTC
From the upstream release notes at $URL:

wnpa-sec-2012-08

    Infinite and large loops in the ANSI MAP, ASF, BACapp, Bluetooth HCI, IEEE 802.11, IEEE 802.3, LTP, and R3 dissectors have been fixed. Discovered by Laurent Butti. (Bugs 6805, 7118, 7119, 7120, 7121, 7122, 7124, 7125)

    Versions affected: 1.4.0 to 1.4.12, 1.6.0 to 1.6.7.


wnpa-sec-2012-09

    The DIAMETER dissector could try to allocate memory improperly and crash. (Bug 7138)

    Versions affected: 1.4.0 to 1.4.12, 1.6.0 to 1.6.7.


wnpa-sec-2012-10

    Wireshark could crash on SPARC processors due to misaligned memory. Discovered by Klaus Heckelmann. (Bug 7221)

    Versions affected: 1.4.0 to 1.4.12, 1.6.0 to 1.6.7.


These have reportedly been fixed in 1.6.8.
Comment 1 Jeroen Roovers gentoo-dev 2012-05-23 15:35:53 UTC
Arch teams, please test and mark stable:
=net-analyzer/wireshark-1.6.8
Target KEYWORDS="alpha amd64 hppa ia64 ppc ppc64 sparc x86"
Comment 2 Mikle Kolyada archtester Gentoo Infrastructure gentoo-dev Security 2012-05-23 19:41:46 UTC
x86:

I getting error, i'm created Bug 417301
Comment 3 Jeff (JD) Horelick (RETIRED) gentoo-dev 2012-05-23 19:53:32 UTC
x86 stable. USE="doc" works for me....
Comment 4 Agostino Sarubbo gentoo-dev 2012-05-23 21:35:08 UTC
amd64 stable
Comment 5 Jeroen Roovers gentoo-dev 2012-05-24 02:23:00 UTC
Stable for HPPA.
Comment 6 Raúl Porcel (RETIRED) gentoo-dev 2012-05-26 17:10:51 UTC
alpha/ia64/sparc stable
Comment 7 Brent Baude (RETIRED) gentoo-dev 2012-05-29 15:34:03 UTC
ppc64 done
Comment 8 Brent Baude (RETIRED) gentoo-dev 2012-06-08 18:11:04 UTC
ppc done
Comment 9 Tim Sammut (RETIRED) gentoo-dev 2012-06-10 15:32:54 UTC
Thanks, folks. GLSA Vote: no.
Comment 10 Sean Amoss gentoo-dev Security 2012-06-11 20:04:46 UTC
GLSA vote: no.

Closing noglsa.
Comment 11 GLSAMaker/CVETool Bot gentoo-dev 2012-07-12 01:04:01 UTC
CVE-2012-3826 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3826):
  Multiple integer underflows in Wireshark 1.4.x before 1.4.13 and 1.6.x
  before 1.6.8 allow remote attackers to cause a denial of service (loop) via
  vectors related to the R3 dissector, a different vulnerability than
  CVE-2012-2392.

CVE-2012-3825 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3825):
  Multiple integer overflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before
  1.6.8 allow remote attackers to cause a denial of service (infinite loop)
  via vectors related to the (1) BACapp and (2) Bluetooth HCI dissectors, a
  different vulnerability than CVE-2012-2392.

CVE-2012-2394 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2394):
  Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 on the SPARC and
  Itanium platforms does not properly perform data alignment for a certain
  structure member, which allows remote attackers to cause a denial of service
  (application crash) via a (1) ICMP or (2) ICMPv6 Echo Request packet.

CVE-2012-2393 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2393):
  epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark
  1.4.x before 1.4.13 and 1.6.x before 1.6.8 does not properly construct
  certain array data structures, which allows remote attackers to cause a
  denial of service (application crash) via a crafted packet that triggers
  incorrect memory allocation.

CVE-2012-2392 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2392):
  Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allows remote attackers
  to cause a denial of service (infinite loop) via vectors related to the (1)
  ANSI MAP, (2) ASF, (3) IEEE 802.11, (4) IEEE 802.3, and (5) LTP dissectors.