Ubuntu
wireshark package

[wireshark] [CVE-2008-1561, CVE-2008-1562, CVE-2008-1563] DoS vulnerabilities

Bug #214990 reported by disabled.user on 2008-04-10

This bug report is a duplicate of: Bug #212065: More vulnerabilities in wireshark 0.99.2 through 0.99.8 (CVE-2008-156[1-3]). Edit Remove

256

Affects		Status	Importance	Assigned to	Milestone
	wireshark (Ubuntu)	New	Undecided	Unassigned

Bug Description

Binary package hint: wireshark

Quoting:

CVE-2008-1561
"Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) 0.99.5 through 0.99.8 allow remote attackers to cause a denial of service (application crash) via a malformed packet to the (1) X.509sat or (2) Roofnet dissectors. NOTE: Vector 2 might also lead to a hang."

CVE-2008-1562
"The LDAP dissector in Wireshark (formerly Ethereal) 0.99.2 through 0.99.8 allows remote attackers to cause a denial of service (application crash) via a malformed packet, a different vulnerability than CVE-2006-5740."

CVE-2008-1563
"The 'decode as' feature in packet-bssap.c in the SCCP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.8 allows remote attackers to cause a denial of service (application crash) via a malformed packet."

CVE References

Report a bug

This report contains Public Security information

Everyone can see this security related information.

Duplicate of bug #212065 Remove

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntuwireshark package