Launchpad.net

CVE 2008-1072

The TFTP dissector in Wireshark (formerly Ethereal) 0.6.0 through 0.99.7, when running on Ubuntu 7.10, allows remote attackers to cause a denial of service (crash or memory consumption) via a malformed packet, possibly related to a Cairo library bug.

Related bugs and status

CVE-2008-1072 (Candidate) is related to these bugs:

Bug #172283: [wireshark] multiple vulnerabilities

		In	Importance	Status
172283	[wireshark] multiple vulnerabilities	wireshark (Ubuntu)	Medium	Fix Released
172283	[wireshark] multiple vulnerabilities	Wireshark	Medium	Fix Released
172283	[wireshark] multiple vulnerabilities	wireshark (Ubuntu Gutsy)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://www.wireshark.o...
BID: 28025
SECTRACK: 1019515
SECUNIA: 29156
CONFIRM: http://wiki.rpath.com/...
CONFIRM: https://issues.rpath.c...
MANDRIVA: MDVSA-2008:057
SUSE: SUSE-SR:2008:005
SECUNIA: 29188
SECUNIA: 29223
SECUNIA: 29242
GENTOO: GLSA-200803-32
SECUNIA: 29511
FEDORA: FEDORA-2008-2941
FEDORA: FEDORA-2008-3040
SECUNIA: 29736
REDHAT: RHSA-2008:0890
SECUNIA: 32091
CONFIRM: http://support.avaya.c...
VUPEN: ADV-2008-0704
VUPEN: ADV-2008-2773
OVAL: oval:org.mitre.oval:de...
BUGTRAQ: 20080229 rPSA-2008-009...