Wireshark 1.0 is available - Fixes Multiple Vulnerabilities

Bug #210687 reported by SK
Affects: wireshark (Ubuntu)
Status: New
Importance: Undecided
Assigned to: Unassigned
Milestone: (none)

Bug Description

Binary package hint: wireshark

Wireshark 1.0 has been released on March 31, 2008.
Changelog: http://www.wireshark.org/docs/relnotes/wireshark-1.0.0.html

 wireshark (1.0.0-1) unstable; urgency=low

   * Several security issues were solved in 0.99.7 already:
     (closes: #452381)
     * allow remote attackers to cause a denial of service (crash) via (1) a
       crafted MP3 file or (2) unspecified vectors to the NCP dissector
       (CVE-2007-6111)
     * Buffer overflow in the PPP dissector Wireshark (formerly Ethereal)
       0.99.6 allows remote attackers to cause a denial of service (crash)
       and possibly execute arbitrary code via unknown vectors.
       (CVE-2007-6112)
     * Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows remote
       attackers to cause a denial of service (long loop) via a malformed DNP
       packet (CVE-2007-6113)
     * Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0
       through 0.99.6 allow remote attackers to cause a denial of service
       (crash) and possibly execute arbitrary code via (1) the SSL dissector
       or (2) the iSeries (OS/400) Communication trace file parser
       (CVE-2007-6114)
     * Buffer overflow in the ANSI MAP dissector for Wireshark (formerly
       Ethereal) 0.99.5 to 0.99.6, when running on unspecified platforms,
       allows remote attackers to cause a denial of service and possibly
       execute arbitrary code via unknown vectors. (CVE-2007-6115)
     * The Firebird/Interbase dissector in Wireshark (formerly Ethereal)
       0.99.6 allows remote attackers to cause a denial of service (infinite
       loop or crash) via unknown vectors. (CVE-2007-6116)
     * Unspecified vulnerability in the HTTP dissector for Wireshark
       (formerly Ethereal) 0.10.14 to 0.99.6 has unknown impact and remote
       attack vectors related to chunked messages. (CVE-2007-6117)
     * The MEGACO dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6
       allows remote attackers to cause a denial of service (long loop and
       resource consumption) via unknown vectors. (CVE-2007-6118)
     * The DCP ETSI dissector in Wireshark (formerly Ethereal) 0.99.6 allows
       remote attackers to cause a denial of service (long loop and resource
       consumption) via unknown vectors. (CVE-2007-6119)
     * The Bluetooth SDP dissector Wireshark (formerly Ethereal) 0.99.2 to
       0.99.6 allows remote attackers to cause a denial of service (infinite
       loop) via unknown vectors. (CVE-2007-6120)
     * Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers
       to cause a denial of service (crash) via a malformed RPC Portmap
       packet. (CVE-2007-6121)
   * current wireshark has SSL support (closes: #172939)
   * and H323 support (closes: #117201)
   * resizing columns bugfix was applied last year (closes: #369044)
   * new upstream release 1.0.0
     http://www.wireshark.org/docs/relnotes/wireshark-1.0.0.html
   * remove debian/ directory from upstream
   * update 14_disable-cmip.dpatch.
   * if wireshark has no priv, it now prints:
       dumpcap: There are no interfaces on which a capture can be done
       (closes: #468400)
   * wireshark uses su-to-root now (closes: #472478)
   * vulnerabilities fixed:
     * The X.509sat and other dissector could crash (CVE-2008-1561)
     * The LDAP dissector could crash on Windows and other platforms.
       (CVE-2008-1562)
     * The SCCP dissector could crash while using the "decode as"
       feature (CVE-2008-1563)

 -- Joost Yervante Damad <email address hidden> Tue, 01 Apr 2008 19:48:19 +0200

Packages are available from Debian sid (http://packages.debian.org/sid/wireshark).
Is there a chance of getting this release (which includes several important security fixes [but also new features!]) into Hardy?
I'd file a FFe if someone tells me if it's got a chance.

spinkham (steve-pinkham) wrote : Wireshark multiple vulnerabilities

Note that this bug might be badly named, as there are multiple exploitable vulnerabilities in the current version, and the previous releases should also be patched ASAP.
http://www.wireshark.org/security/wnpa-sec-2008-02.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1561
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1562
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1563

SK (stephantom)
description: updated
Stefan Ebner (sebner) wrote :

Such a thing always has a good chance ;)
If you want to do the FFe it's fine. Otherwise I would take it over ;)

Cheers,

Stefan

SK (stephantom) wrote :

I've filed a FFe in Bug #211057. I hope I did everything right as this is my first FFe.

This report contains Public Security information  
Everyone can see this security related information.