Wireshark: Multiple Denials of Service
1.
Gentoo Linux Security Advisory
Version Information
| Advisory Reference |
GLSA 200809-17 / wireshark |
| Release Date |
September 25, 2008 |
| Latest Revision |
September 25, 2008: 01 |
| Impact |
normal |
| Exploitable |
remote |
| Package |
Vulnerable versions |
Unaffected versions |
Architecture(s) |
| net-analyzer/wireshark |
<
1.0.3 |
>=
1.0.3 |
All supported architectures
|
Related bugreports:
#236515
Synopsis
Multiple Denial of Service vulnerabilities have been discovered in
Wireshark.
2.
Impact Information
Background
Wireshark is a network protocol analyzer with a graphical front-end.
Description
The following vulnerabilities were reported:
-
Multiple buffer overflows in the NCP dissector (CVE-2008-3146).
-
Infinite loop in the NCP dissector (CVE-2008-3932).
-
Invalid read in the tvb_uncompress() function when processing zlib
compressed data (CVE-2008-3933).
-
Unspecified error when processing Textronix .rf5 files
(CVE-2008-3934).
Impact
A remote attacker could exploit these vulnerabilities by sending
specially crafted packets on a network being monitored by Wireshark or
by enticing a user to read a malformed packet trace file, causing a
Denial of Service.
3.
Resolution Information
Workaround
There is no known workaround at this time.
Resolution
All Wireshark users should upgrade to the latest version:
Code Listing 3.1: Resolution |
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-analyzer/wireshark-1.0.3"
|
4.
References
|
