oss-sec mailing list archives
Re: CVE request: Wireshark <1.2.1 Multiple DoS
From: Jan Lieskovsky <jlieskov () redhat com>
Date: Wed, 22 Jul 2009 14:18:47 +0200
Hello Steve, vendors,
1, thank you for the prompt assignment.
2, what's related to:
Name: CVE-2009-2560
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2560
Final-Decision:
Interim-Decision:
Modified:
Proposed:
Assigned: 20090721
Category:
Reference: CONFIRM:http://www.wireshark.org/security/wnpa-sec-2009-04.html
Reference: BID:35748
Reference: URL:http://www.securityfocus.com/bid/35748
Reference: SECUNIA:35884
Reference: URL:http://secunia.com/advisories/35884
Reference: VUPEN:ADV-2009-1970
Reference: URL:http://www.vupen.com/english/advisories/2009/1970
Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote
attackers to cause a denial of service (crash) via unspecified vectors
in the (1) Bluetooth L2CAP, (2) RADIUS, or (3) MIOP dissectors.
This one will need to be split into two different ones, because:
a, the Bluetooth L2CAP and MIOP dissector flaws affect only
Wireshark version 1.2.0 (as mentioned in upstream's
wnpa-sec-2009-04.html)
b, but the RADIUS dissector issue also affects prior versions of
Wireshark -- issue / crash confirmed also in upstream's
Wireshark-1.0.8.
Could you please split CVE-2009-2560 into two CVE ids?
(one for the L2CAP and MIOP dissectors, the other one for
RADIUS).
Thanks && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team
P.S.: Affected Wireshark versions in other CVE identifiers
assigned within this update are sane.
On Tue, 2009-07-21 at 12:56 +0200, Alex Legler wrote:
Hi,
in case the vendor has not already requested CVEs for this:
"Wireshark 1.2.1 fixes the following vulnerabilities:
* The IPMI dissector could overrun a buffer. (Bug 3559) Versions
affected: 1.2.0
* The AFS dissector could crash. (Bug 3564) Versions affected:
0.9.2 to 1.2.0
* The Infiniband dissector could crash on some platforms. Versions
affected: 1.0.6 to 1.2.0
* The Bluetooth L2CAP dissector could crash. (Bug 3572) Versions
affected: 1.2.0
* The RADIUS dissector could crash. (Bug 3578) Versions affected:
1.2.0
* The MIOP dissector could crash. (Bug 3652) Versions affected:
1.2.0
* The sFlow dissector could use excessive CPU and memory. (Bug
3570) Versions affected: 1.2.0"
http://www.wireshark.org/security/wnpa-sec-2009-04.html
Thanks,
Alex