Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[ GLSA 200911-05 ] Wireshark: Multiple vulnerabilities
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index News & Announcements
View previous topic :: View next topic  
Author Message
GLSA
Veteran
Veteran


Joined: 12 May 2004
Posts: 1547

PostPosted: Wed Nov 25, 2009 4:26 pm    Post subject: [ GLSA 200911-05 ] Wireshark: Multiple vulnerabilities Reply with quote

Gentoo Linux Security Advisory

Title: Wireshark: Multiple vulnerabilities (GLSA 200911-05)
Severity: normal
Exploitable: remote
Date: November 25, 2009
Bug(s): #285280, #290710
ID: 200911-05

Synopsis


Multiple vulnerabilities have been discovered in Wireshark, allowing for
the remote execution of arbitrary code, or Denial of Service.


Background


Wireshark is a versatile network protocol analyzer.


Affected Packages

Package: net-analyzer/wireshark
Vulnerable: < 1.2.3
Unaffected: >= 1.2.3
Architectures: All supported architectures


Description


Multiple vulnerabilities have been discovered in Wireshark:
  • Ryan Giobbi reported an integer overflow in wiretap/erf.c
    (CVE-2009-3829).
  • The vendor reported multiple unspecified
    vulnerabilities in the Bluetooth L2CAP, RADIUS, and MIOP dissectors
    (CVE-2009-2560), in the OpcUa dissector (CVE-2009-3241), in packet.c in
    the GSM A RR dissector (CVE-2009-3242), in the TLS dissector
    (CVE-2009-3243), in the Paltalk dissector (CVE-2009-3549), in the
    DCERPC/NT dissector (CVE-2009-3550), and in the
    dissect_negprot_response() function in packet-smb.c in the SMB
    dissector (CVE-2009-3551).


Impact


A remote attacker could entice a user to open a specially crafted "erf"
file using Wireshark, possibly resulting in the execution of arbitrary
code with the privileges of the user running the application. A remote
attacker could furthermore send specially crafted packets on a network
being monitored by Wireshark or entice a user to open a malformed
packet trace file using Wireshark, possibly resulting in a Denial of
Service.


Workaround


There is no known workaround at this time.


Resolution


All Wireshark users should upgrade to the latest version:
Code:
# emerge --sync
    # emerge --ask --oneshot --verbose ">=net-analyzer/wireshark-1.2.3"


References

CVE-2009-2560
CVE-2009-3241
CVE-2009-3242
CVE-2009-3243
CVE-2009-3549
CVE-2009-3550
CVE-2009-3551
CVE-2009-3829
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index News & Announcements All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum