Gentoo Logo

Wireshark: Denial of Service

Content:

1.  Gentoo Linux Security Advisory

Version Information

Advisory Reference GLSA 200909-16 / wireshark
Release Date September 13, 2009
Latest Revision September 13, 2009: 01
Impact normal
Exploitable remote
Package Vulnerable versions Unaffected versions Architecture(s)
net-analyzer/wireshark < 1.2.1 >= 1.2.1 All supported architectures

Related bugreports: #278564

Synopsis

Multiple vulnerabilities have been discovered in Wireshark which allow for Denial of Service.

2.  Impact Information

Background

Wireshark is a versatile network protocol analyzer.

Description

Multiple vulnerabilities were discovered in Wireshark:

  • A buffer overflow in the IPMI dissector related to an array index error (CVE-2009-2559).
  • Multiple unspecified vulnerabilities in the Bluetooth L2CAP, RADIUS, and MIOP dissectors (CVE-2009-2560).
  • An unspecified vulnerability in the sFlow dissector (CVE-2009-2561).
  • An unspecified vulnerability in the AFS dissector (CVE-2009-2562).
  • An unspecified vulnerability in the Infiniband dissector when running on unspecified platforms (CVE-2009-2563).

Impact

A remote attacker could exploit these vulnerabilities by sending specially crafted packets on a network being monitored by Wireshark or by enticing a user to read a malformed packet trace file to cause a Denial of Service.

3.  Resolution Information

Workaround

There is no known workaround at this time.

Resolution

All Wireshark users should upgrade to the latest version:

Code Listing 3.1: Resolution

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-analyzer/wireshark-1.2.1"

4.  References



Print

Page updated September 13, 2009

Summary: This is a Gentoo Linux Security Advisory

Security Team
Contact Address

Donate to support our development efforts.

Copyright 2001-2014 Gentoo Foundation, Inc. Questions, Comments? Contact us.