wireshark: multiple security issues

Related Vulnerabilities: CVE-2011-2175, CVE-2011-2174, CVE-2011-1959, CVE-2011-1590, CVE-2011-1958, CVE-2011-1957

Debian Bug report logs - #630159

Reported by: Nico Golde <nion@debian.org>

Date: Sat, 11 Jun 2011 16:39:01 UTC

Severity: grave

Tags: security

Fixed in versions wireshark/1.6.0-1, wireshark/1.2.11-6+squeeze2

Done: Balint Reczey <balint@balintreczey.hu>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, Balint Reczey <balint@balintreczey.hu>:
Bug#630159; Package wireshark. (Sat, 11 Jun 2011 16:39:04 GMT)


Acknowledgement sent to Nico Golde <nion@debian.org>:
New Bug report received and forwarded. Copy sent to Balint Reczey <balint@balintreczey.hu>. (Sat, 11 Jun 2011 16:39:04 GMT)


Message #5 received at submit@bugs.debian.org:

From: Nico Golde <nion@debian.org>
To: submit@bugs.debian.org
Subject: wireshark: multiple security issues
Date: Sat, 11 Jun 2011 18:34:23 +0200
Package: wireshark
Severity: grave
Tags: security

Hi,
the following CVE (Common Vulnerabilities & Exposures) ids were
published for wireshark.

CVE-2011-2175[0]:
| Integer underflow in the visual_read function in wiretap/visual.c in
| Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote
| attackers to cause a denial of service (application crash) via a
| malformed Visual Networks file that triggers a heap-based buffer
| over-read.

CVE-2011-2174[1]:
| Double free vulnerability in the tvb_uncompress function in
| epan/tvbuff.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7
| allows remote attackers to cause a denial of service (application
| crash) via a packet with malformed data that uses zlib compression.

CVE-2011-1959[2]:
| The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before
| 1.2.17 and 1.4.x before 1.4.7 does not properly handle certain
| virtualizable buffers, which allows remote attackers to cause a denial
| of service (application crash) via a large length value in a snoop
| file that triggers a stack-based buffer over-read.

If you fix the vulnerabilities please also make sure to include the
CVE ids in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2175
    http://security-tracker.debian.org/tracker/CVE-2011-2175
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2174
    http://security-tracker.debian.org/tracker/CVE-2011-2174
[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1959
    http://security-tracker.debian.org/tracker/CVE-2011-1959

-- 
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.

Bug Marked as fixed in versions wireshark/1.6.0-1. Request was from Bálint Réczey <balint@balintreczey.hu> to control@bugs.debian.org. (Tue, 14 Jun 2011 20:09:19 GMT)


Reply sent to balint@balintreczey.hu:
You have taken responsibility. (Tue, 14 Jun 2011 20:09:22 GMT)


Notification sent to Nico Golde <nion@debian.org>:
Bug acknowledged by developer. (Tue, 14 Jun 2011 20:09:22 GMT)


Message #12 received at 630159-done@bugs.debian.org:

From: Bálint Réczey <balint@balintreczey.hu>
To: control@bugs.debian.org, 630159-done@bugs.debian.org
Subject: 1.6.0-1 fixes #630159
Date: Tue, 14 Jun 2011 22:01:12 +0200
fixed 630159 1.6.0-1
thanks




Reply sent to Balint Reczey <balint@balintreczey.hu>:
You have taken responsibility. (Sat, 09 Jul 2011 01:57:03 GMT)


Notification sent to Nico Golde <nion@debian.org>:
Bug acknowledged by developer. (Sat, 09 Jul 2011 01:57:03 GMT)


Message #17 received at 630159-close@bugs.debian.org:

From: Balint Reczey <balint@balintreczey.hu>
To: 630159-close@bugs.debian.org
Subject: Bug#630159: fixed in wireshark 1.2.11-6+squeeze2
Date: Sat, 09 Jul 2011 01:54:46 +0000
Source: wireshark
Source-Version: 1.2.11-6+squeeze2

We believe that the bug you reported is fixed in the latest version of
wireshark, which is due to be installed in the Debian FTP archive:

tshark_1.2.11-6+squeeze2_amd64.deb
  to main/w/wireshark/tshark_1.2.11-6+squeeze2_amd64.deb
wireshark-common_1.2.11-6+squeeze2_amd64.deb
  to main/w/wireshark/wireshark-common_1.2.11-6+squeeze2_amd64.deb
wireshark-dbg_1.2.11-6+squeeze2_amd64.deb
  to main/w/wireshark/wireshark-dbg_1.2.11-6+squeeze2_amd64.deb
wireshark-dev_1.2.11-6+squeeze2_amd64.deb
  to main/w/wireshark/wireshark-dev_1.2.11-6+squeeze2_amd64.deb
wireshark_1.2.11-6+squeeze2.debian.tar.gz
  to main/w/wireshark/wireshark_1.2.11-6+squeeze2.debian.tar.gz
wireshark_1.2.11-6+squeeze2.dsc
  to main/w/wireshark/wireshark_1.2.11-6+squeeze2.dsc
wireshark_1.2.11-6+squeeze2_amd64.deb
  to main/w/wireshark/wireshark_1.2.11-6+squeeze2_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 630159@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Balint Reczey <balint@balintreczey.hu> (supplier of updated wireshark package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sun, 12 Jun 2011 21:23:05 +0200
Source: wireshark
Binary: wireshark-common wireshark tshark wireshark-dev wireshark-dbg
Architecture: source amd64
Version: 1.2.11-6+squeeze2
Distribution: stable-security
Urgency: high
Maintainer: Balint Reczey <balint@balintreczey.hu>
Changed-By: Balint Reczey <balint@balintreczey.hu>
Description: 
 tshark     - network traffic analyzer - console version
 wireshark  - network traffic analyzer - GTK+ version
 wireshark-common - network traffic analyzer - common files
 wireshark-dbg - network traffic analyzer - debug symbols
 wireshark-dev - network traffic analyzer - development tools
Closes: 630159
Changes: 
 wireshark (1.2.11-6+squeeze2) stable-security; urgency=high
 .
   * security fixes from Wireshark 1.2.16:
     - The X.509if dissector could crash. (CVE-2011-1590)
 .
   * security fixes from Wireshark 1.2.17 (Closes: #630159):
     - Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered
       that a corrupted Visual Networks file could crash Wireshark.
       (CVE-2011-2175)
     - David Maciejak of Fortinet's FortiGuard Labs discovered that
       malformed compressed capture data could crash Wireshark.
       (CVE-2011-2174)
     - Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered
       that a corrupted snoop file could crash Wireshark.
       (CVE-2011-1959)
     - Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered
       that a corrupted Diameter dictionary file could crash Wireshark.
       (CVE-2011-1958)
     - Large/infinite loop in the DICOM dissector.
       (CVE-2011-1957)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk39kz4ACgkQ0/r2+3z8lN3AoQCgiBd4kseszJNfXA9UOj/ZixyN
PvQAnRf5Mz5HuTQrA6qWNm9KfEjW18yq
=7irw
-----END PGP SIGNATURE-----





Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 09 Oct 2011 07:35:20 GMT)




Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 18:57:00 2019; Machine Name: buxtehude
