Bug#452381: multiple security issues

2007-11-26 Thread Frederic Peters
Nico Golde wrote:

> Hi Frederic,
> * Frederic Peters <[EMAIL PROTECTED]> [2007-11-22 18:06]:
> > I'll package 0.99.7pre1, I'll then investigate the problems also
> > present in Etch/Sarge packages.
> [...] 
> Thanks, I saw the upload and marked those as fixed in this 
> version in the security tracker. Please close the bug in the 
> changelog next time to make tracking this bug easier.

Yeah, I forgot about closing the bug report.  I'll add references to
CVE in the next upload.  Moritz Muehlenhoff is handling the backports
to etch and sarge.


Regards,

Frederic





-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Bug#452381: multiple security issues

2007-11-26 Thread Nico Golde
Hi Frederic,
* Frederic Peters <[EMAIL PROTECTED]> [2007-11-22 18:06]:
> I'll package 0.99.7pre1, I'll then investigate the problems also
> present in Etch/Sarge packages.
[...] 
Thanks, I saw the upload and marked those as fixed in this 
version in the security tracker. Please close the bug in the 
changelog next time to make tracking this bug easier.

The following CVE ids were assigned to these bugs:
==
Name: CVE-2007-6111
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6111
Reference: CONFIRM:http://www.wireshark.org/security/wnpa-sec-2007-03.html
Reference: BID:26532
Reference: URL:http://www.securityfocus.com/bid/26532
Reference: FRSIRT:ADV-2007-3956
Reference: URL:http://www.frsirt.com/english/advisories/2007/3956
Reference: SECTRACK:1018988
Reference: URL:http://securitytracker.com/id?1018988
Reference: SECUNIA:2
Reference: URL:http://secunia.com/advisories/2

Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal)
allow remote attackers to cause a denial of service (crash) via (1) a
crafted MP3 file or (2) unspecified vectors to the NCP dissector.


==
Name: CVE-2007-6112
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6112
Reference: CONFIRM:http://www.wireshark.org/security/wnpa-sec-2007-03.html
Reference: BID:26532
Reference: URL:http://www.securityfocus.com/bid/26532
Reference: FRSIRT:ADV-2007-3956
Reference: URL:http://www.frsirt.com/english/advisories/2007/3956
Reference: SECTRACK:1018988
Reference: URL:http://securitytracker.com/id?1018988
Reference: SECUNIA:2
Reference: URL:http://secunia.com/advisories/2

Buffer overflow in the PPP dissector in Wireshark (formerly Ethereal)
0.99.6 allows remote attackers to cause a denial of service (crash)
and possibly execute arbitrary code via unknown vectors.


==
Name: CVE-2007-6113
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6113
Reference: CONFIRM:http://www.wireshark.org/security/wnpa-sec-2007-03.html
Reference: BID:26532
Reference: URL:http://www.securityfocus.com/bid/26532
Reference: FRSIRT:ADV-2007-3956
Reference: URL:http://www.frsirt.com/english/advisories/2007/3956
Reference: SECTRACK:1018988
Reference: URL:http://securitytracker.com/id?1018988
Reference: SECUNIA:2
Reference: URL:http://secunia.com/advisories/2

Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows remote
attackers to cause a denial of service (long loop) via a malformed DNP
packet.


==
Name: CVE-2007-6114
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6114
Reference: CONFIRM:http://www.wireshark.org/security/wnpa-sec-2007-03.html
Reference: BID:26532
Reference: URL:http://www.securityfocus.com/bid/26532
Reference: FRSIRT:ADV-2007-3956
Reference: URL:http://www.frsirt.com/english/advisories/2007/3956
Reference: SECTRACK:1018988
Reference: URL:http://securitytracker.com/id?1018988
Reference: SECUNIA:2
Reference: URL:http://secunia.com/advisories/2

Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0
through 0.99.6 allow remote attackers to cause a denial of service
(crash) and possibly execute arbitrary code via (1) the SSL dissector
or (2) the iSeries (OS/400) Communication trace file parser.


==
Name: CVE-2007-6115
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6115
Reference: CONFIRM:http://www.wireshark.org/security/wnpa-sec-2007-03.html
Reference: BID:26532
Reference: URL:http://www.securityfocus.com/bid/26532
Reference: FRSIRT:ADV-2007-3956
Reference: URL:http://www.frsirt.com/english/advisories/2007/3956
Reference: SECTRACK:1018988
Reference: URL:http://securitytracker.com/id?1018988
Reference: SECUNIA:2
Reference: URL:http://secunia.com/advisories/2

Buffer overflow in the ANSI MAP dissector for Wireshark (formerly
Ethereal) 0.99.5 to 0.99.6, when running on unspecified platforms,
allows remote attackers to cause a denial of service and possibly
execute arbitrary code via unknown vectors.


==
Name: CVE-2007-6116
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6116
Reference: CONFIRM:http://www.wireshark.org/security/wnpa-sec-2007-03.html
Reference: BID:26532
Reference: URL:http://www.securityfocus.com/bid/26532
Reference: FRSIRT:ADV-2007-3956
Reference: URL:http://www.frsirt.com/english/advisories/2007/3956
Reference: SECTRACK:1018988
Reference: URL:http://securitytracker.com/id?1018988
Reference: SECUNIA:2
Reference: URL:http://secunia.com/advisories/2

The Firebird/Interbase dissector in Wireshark (formerly Ethereal)
0.99.6 allows remote attackers to cause a denial of service (infinite
loop or crash) v

Bug#452381: multiple security issues

2007-11-22 Thread Frederic Peters
Nico Golde wrote:

I'll package 0.99.7pre1, I'll then investigate the problems also
present in Etch/Sarge packages.

> Beyond Security discovered that Wireshark could loop excessively
> while reading a malformed DNP packet. 
> Versions affected: 0.10.12 to 0.99.6 

Etch.


> Stefan Esser discovered a buffer overflow in the SSL dissector. 
> Versions affected: 0.99.0 to 0.99.6 

Etch.

> The HTTP dissector could crash on some systems while decoding chunked 
> messages. 
> Versions affected: 0.10.14 to 0.99.6 

Etch.


> The MEGACO dissector could enter a large loop and consume system resources. 
> Versions affected: 0.9.14 to 0.99.6 

Etch and Sarge.

> Fabiodds discovered a buffer overflow in the iSeries (OS/400)
> Communication trace file parser. (Bug 1926) 
> Versions affected: 0.99.0 to 0.99.6 

Etch.


> The Bluetooth SDP dissector could go into an infinite loop. 
> Versions affected: 0.99.2 to 0.99.6 

Etch.

> A malformed RPC Portmap packet could cause a crash. (Bug 1998) 
> Versions affected: 0.8.16 to 0.99.6

Etch and Sarge.


Regards,

Frederic






Bug#452381: multiple security issues

2007-11-22 Thread Nico Golde
Package: wireshark
Severity: grave
Tags: security

Hi,
from: http://www.wireshark.org/security/wnpa-sec-2007-03.html

Wireshark 0.99.7 fixes the following vulnerabilities:

Wireshark could crash when reading an MP3 file.
Versions affected: 0.99.6

Beyond Security discovered that Wireshark could loop excessively while
reading a malformed DNP packet.
Versions affected: 0.10.12 to 0.99.6

Stefan Esser discovered a buffer overflow in the SSL dissector.
Versions affected: 0.99.0 to 0.99.6

The ANSI MAP dissector could be susceptible to a buffer overflow on some
platforms. (Bug 1844)
Versions affected: 0.99.5 to 0.99.6

The Firebird/Interbase dissector could go into an infinite loop or crash.
(Bugs 1931 and 1932)
Versions affected: 0.99.6

The NCP dissector could cause a crash.
Versions affected: 0.99.6

The HTTP dissector could crash on some systems while decoding chunked
messages.
Versions affected: 0.10.14 to 0.99.6

The MEGACO dissector could enter a large loop and consume system resources.
Versions affected: 0.9.14 to 0.99.6

The DCP ETSI dissector could enter a large loop and consume system resources.
Versions affected: 0.99.6

Fabiodds discovered a buffer overflow in the iSeries (OS/400) Communication
trace file parser. (Bug 1926)
Versions affected: 0.99.0 to 0.99.6

The PPP dissector could overflow a buffer.
Versions affected: 0.99.6

The Bluetooth SDP dissector could go into an infinite loop.
Versions affected: 0.99.2 to 0.99.6

A malformed RPC Portmap packet could cause a crash. (Bug 1998)
Versions affected: 0.8.16 to 0.99.6

CVE ids for this are pending, I will add them to this bug report if
I get them.

Kind regards
Nico

-- 
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
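
The "Versions affected" ranges in the report above can be checked mechanically when deciding which issues apply to a packaged version. This is an added example, not part of the original report or of any Debian or Wireshark tooling; the function names are hypothetical, the embedded text is an excerpt of six advisory entries from the report, and it assumes purely numeric dotted versions (a suffix such as "pre1" is not handled).

```python
import re

# Excerpt of the advisory text quoted in the report above (six of the entries).
ADVISORY = """\
Wireshark could crash when reading an MP3 file.
Versions affected: 0.99.6
Beyond Security discovered that Wireshark could loop excessively while reading
a malformed DNP packet.
Versions affected: 0.10.12 to 0.99.6
Stefan Esser discovered a buffer overflow in the SSL dissector.
Versions affected: 0.99.0 to 0.99.6
The HTTP dissector could crash on some systems while decoding chunked messages.
Versions affected: 0.10.14 to 0.99.6
The MEGACO dissector could enter a large loop and consume system resources.
Versions affected: 0.9.14 to 0.99.6
A malformed RPC Portmap packet could cause a crash. (Bug 1998)
Versions affected: 0.8.16 to 0.99.6
"""

RANGE_RE = re.compile(r"Versions affected:\s*(\S+)(?:\s+to\s+(\S+))?\s*$")

def vkey(version):
    """Turn '0.10.12' into (0, 10, 12) so that 0.9.14 sorts before 0.10.12."""
    return tuple(int(part) for part in version.split("."))

def parse_advisory(text):
    """Return [(description, low, high)]; a single version means low == high."""
    entries, desc = [], []
    for line in text.splitlines():
        m = RANGE_RE.match(line.strip())
        if m:
            low = m.group(1)
            entries.append((" ".join(desc), low, m.group(2) or low))
            desc = []
        elif line.strip():
            desc.append(line.strip())  # wrapped description line
    return entries

def affecting(version, entries):
    """Descriptions of the entries whose inclusive range contains `version`."""
    v = vkey(version)
    return [d for d, low, high in entries if vkey(low) <= v <= vkey(high)]

if __name__ == "__main__":
    entries = parse_advisory(ADVISORY)
    for ver in ("0.10.12", "0.99.6", "0.99.7"):
        print(ver, len(affecting(ver, entries)), "issue(s)")
```

Comparing versions as integer tuples matters here: as plain strings, "0.9.14" would sort after "0.10.12" and the MEGACO range would be misjudged.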

