Debian Bug report logs -
#384528
wnpa-sec-2006-02: Multiple problems in Wireshark/Ethereal
Reported by: Sam Morris <sam@robots.org.uk>
Date: Thu, 24 Aug 2006 22:18:25 UTC
Severity: grave
Tags: security
Found in version ethereal/0.10.10-2sarge4
Fixed in version 0.99.2-5.1
Done: Andreas Barth <aba@not.so.argh.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded to debian-bugs-dist@lists.debian.org, Debian Security Team <team@security.debian.org>, Frederic Peters <fpeters@debian.org>:
Bug#384528; Package ethereal.
(full text, mbox, link).
Acknowledgement sent to Sam Morris <sam@robots.org.uk>:
New Bug report received and forwarded. Copy sent to Debian Security Team <team@security.debian.org>, Frederic Peters <fpeters@debian.org>.
(full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: ethereal
Version: 0.10.10-2sarge4
Severity: grave
Tags: security
Justification: dos attack
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- From <http://www.wireshark.org/security/wnpa-sec-2006-02.html>:
If the SSCOP dissector has a port range configured and the SSCOP payload
protocol is Q.2931, a malformed packet could make the Q.2931 dissector use
up available memory. No port range is configured by default.
Versions affected: 0.7.9 - 0.99.2. CVE: CVE-2006-4333
The other vulnerabilities listen on that page do not apply to the
version of Ethereal in Sarge.
- -- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (530, 'testing'), (520, 'unstable'), (510, 'experimental')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17-2-k7
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iD8DBQFE7hmhshl/216gEHgRAsZpAJ0aznD9P/pC9dQvQUm91tfJzgiEEgCgkDeh
pM3EifITi+hr/85YhkM0mZU=
=PpHk
-----END PGP SIGNATURE-----
Reply sent to Andreas Barth <aba@not.so.argh.org>:
You have taken responsibility.
(full text, mbox, link).
Notification sent to Sam Morris <sam@robots.org.uk>:
Bug acknowledged by developer.
(full text, mbox, link).
Message #10 received at 384528-done@bugs.debian.org (full text, mbox, reply):
Version: 0.99.2-5.1
This was fixed in the wireshark-package now, and ethereal is provided by
wireshark, so closing this bug report.
--
http://home.arcor.de/andreas-barth/
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Mon, 25 Jun 2007 01:07:46 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 16:14:44 2019;
Machine Name:
beach
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon