<wireshark-{1.6.10,1.8.2} - multiple vulnerabilities
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
Gentoo Linux | Fix Released | Medium | | |
wireshark (Ubuntu) | Fix Released | Undecided | Unassigned | |
Precise | Won't Fix | Undecided | Unassigned | |

Bug Description
The following vulnerabilities have been fixed.
wnpa-sec-2012-13
The DCP ETSI dissector could trigger a zero division. Reported by Laurent Butti. (Bug 7566)
Versions affected: 1.4.0 to 1.4.14, 1.6.0 to 1.6.9, 1.8.0 to 1.8.1.
CVE-2012-4285
wnpa-sec-2012-14
The MongoDB dissector could go into a large loop. Reported by Ben Schmidt. (Bug 7572)
Versions affected: 1.8.0 to 1.8.1.
CVE-2012-4287
wnpa-sec-2012-15
The XTP dissector could go into an infinite loop. Reported by Ben Schmidt. (Bug 7571)
Versions affected: 1.4.0 to 1.4.14, 1.6.0 to 1.6.9, 1.8.0 to 1.8.1.
CVE-2012-4288
wnpa-sec-2012-16
The ERF dissector could overflow a buffer. Reported by Laurent Butti. (Bug 7563)
Versions affected: 1.8.0 to 1.8.1.
CVE-2012-4294 CVE-2012-4295
wnpa-sec-2012-17
The AFP dissector could go into a large loop. Reported by Stefan Cornelius. (Bug 7603)
Versions affected: 1.4.0 to 1.4.14, 1.6.0 to 1.6.9, 1.8.0 to 1.8.1.
CVE-2012-4289
wnpa-sec-2012-18
The RTPS2 dissector could overflow a buffer. Reported by Laurent Butti. (Bug 7568)
Versions affected: 1.4.0 to 1.4.14, 1.6.0 to 1.6.9, 1.8.0 to 1.8.1.
CVE-2012-4296
wnpa-sec-2012-19
The GSM RLC MAC dissector could overflow a buffer. Reported by Laurent Butti. (Bug 7561)
Versions affected: 1.6.0 to 1.6.9, 1.8.0 to 1.8.1.
CVE-2012-4297
wnpa-sec-2012-20
The CIP dissector could exhaust system memory. Reported by Ben Schmidt. (Bug 7570)
Versions affected: 1.4.0 to 1.4.14, 1.6.0 to 1.6.9, 1.8.0 to 1.8.1.
CVE-2012-4291
wnpa-sec-2012-21
The STUN dissector could crash. Reported by Laurent Butti. (Bug 7569)
Versions affected: 1.4.0 to 1.4.14, 1.6.0 to 1.6.9, 1.8.0 to 1.8.1.
CVE-2012-4292
wnpa-sec-2012-22
The EtherCAT Mailbox dissector could abort. Reported by Laurent Butti. (Bug 7562)
Versions affected: 1.4.0 to 1.4.14, 1.6.0 to 1.6.9, 1.8.0 to 1.8.1.
CVE-2012-4293
wnpa-sec-2012-23
The CTDB dissector could go into a large loop. Reported by Ben Schmidt. (Bug 7573)
Versions affected: 1.4.0 to 1.4.14, 1.6.0 to 1.6.9, 1.8.0 to 1.8.1.
CVE-2012-4290
wnpa-sec-2012-24
The pcap-ng file parser could trigger a zero division. (Bug 7533)
Versions affected: 1.8.0 to 1.8.1.
CVE-2012-4286
wnpa-sec-2012-25
The Ixia IxVeriWave file parser could overflow a buffer. (Bug 7533)
Versions affected: 1.8.0 to 1.8.1.
CVE-2012-4298

tags: added: upgrade-software-version

Changed in wireshark (Ubuntu):
status: New → Confirmed

Changed in gentoo:
importance: Unknown → Medium
visibility: private → public

Changed in gentoo:
status: Unknown → Fix Released

CVE-2012-4285 CVE-2012-4287 CVE-2012-4288 CVE-2012-4294 CVE-2012-4295 CVE-2012-4289 CVE-2012-4296 CVE-2012-4297 CVE-2012-4291 CVE-2012-4292 CVE-2012-4293 CVE-2012-4290 CVE-2012-4286 CVE-2012-4298