oss-sec mailing list archives
Re: CVE request: Wireshark multiple vulnerabilities
From: Kurt Seifried <kseifried () redhat com>
Date: Wed, 11 Jan 2012 16:42:23 -0700
On 01/11/2012 09:19 AM, Agostino Sarubbo wrote:
According to secunia advisory: https://secunia.com/advisories/47494/ : Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a user's system. 1) NULL pointer dereference errors when reading certain packet information can be exploited to cause a crash. 2) An error within the RLC dissector can be exploited to cause a buffer overflow via a specially crafted RLC packet capture file. and according with upstream advisory: 1)http://www.wireshark.org/security/wnpa-sec-2012-01.html Name: Multiple Wireshark file parser vulnerabilities Description: Laurent Butti discovered that Wireshark failed to properly check record sizes for many packet capture file formats. Impact: It may be possible to make Wireshark crash by convincing someone to read a malformed packet trace file.
Please use CVE-2012-0041 for this issue
2)http://www.wireshark.org/security/wnpa-sec-2012-02.html Name: Wireshark NULL pointer vulnerabilities Description: Wireshark was improperly handling NULL pointers when displaying packet information which could lead to a crash. Impact: It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
Please use CVE-2012-0042 for this issue
3)http://www.wireshark.org/security/wnpa-sec-2012-03.html Name: Wireshark RLC dissector buffer overflow Description: The RLC dissector could overflow a buffer. Impact: It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
Please use CVE-2012-0043 for this issue -- -- Kurt Seifried / Red Hat Security Response Team
Current thread:
- CVE request: Wireshark multiple vulnerabilities Agostino Sarubbo (Jan 11)
- Re: CVE request: Wireshark multiple vulnerabilities Kurt Seifried (Jan 11)
- Re: CVE request: Wireshark multiple vulnerabilities Steven M. Christey (Jan 11)
- Re: CVE request: Wireshark multiple vulnerabilities Kurt Seifried (Jan 11)
- Re: CVE request: Wireshark multiple vulnerabilities Steven M. Christey (Jan 12)
- Re: CVE request: Wireshark multiple vulnerabilities Steven M. Christey (Jan 11)
- Re: CVE request: Wireshark multiple vulnerabilities Huzaifa Sidhpurwala (Jan 12)
- Re: CVE request: Wireshark multiple vulnerabilities Kurt Seifried (Jan 15)
- Re: CVE request: Wireshark multiple vulnerabilities Huzaifa Sidhpurwala (Jan 16)
- Re: CVE request: Wireshark multiple vulnerabilities Kurt Seifried (Jan 17)
- Re: CVE request: Wireshark multiple vulnerabilities Huzaifa Sidhpurwala (Jan 19)
- Re: CVE request: Wireshark multiple vulnerabilities Kurt Seifried (Jan 19)
- Re: CVE request: Wireshark multiple vulnerabilities Kurt Seifried (Jan 11)