| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 05 Apr 2013 19:15:00 +0200 From: security@...driva.com To: full-disclosure@...ts.grok.org.uk Subject: [ MDVSA-2013:055 ] wireshark -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2013:055 http://www.mandriva.com/en/support/security/ _______________________________________________________________________ Package : wireshark Date : April 5, 2013 Affected: Business Server 1.0 _______________________________________________________________________ Problem Description: Multiple vulnerabilities has been found and corrected in wireshark: Infinite and large loops in ANSI MAP, BACapp, Bluetooth HCI, IEEE 802.3, LTP, and R3 dissectors have been fixed. Discovered by Laurent Butti (http://www.wireshark.org/security/wnpa-sec-2012-08.html [CVE-2012-2392]) The DIAMETER dissector could try to allocate memory improperly and crash (http://www.wireshark.org/security/wnpa-sec-2012-09.html [CVE-2012-2393]) Wireshark could crash on SPARC processors due to misaligned memory. Discovered by Klaus Heckelmann (http://www.wireshark.org/security/wnpa-sec-2012-10.html [CVE-2012-2394]) The PPP dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via a crafted packet, as demonstrated by a usbmon dump (CVE-2012-4048). epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service (loop and CPU consumption) via a crafted packet (CVE-2012-4049). The DCP ETSI dissector could trigger a zero division (CVE-2012-4285). The XTP dissector could go into an infinite loop (CVE-2012-4288). The AFP dissector could go into a large loop (CVE-2012-4289). The RTPS2 dissector could overflow a buffer (CVE-2012-4296). The GSM RLC MAC dissector could overflow a buffer (CVE-2012-4297). The CIP dissector could exhaust system memory (CVE-2012-4291). The STUN dissector could crash (CVE-2012-4292). The EtherCAT Mailbox dissector could abort (CVE-2012-4293). The CTDB dissector could go into a large loop (CVE-2012-4290). Martin Wilck discovered an infinite loop in the DRDA dissector (CVE-2012-5239). The USB dissector could go into an infinite loop. (wnpa-sec-2012-31) The ISAKMP dissector could crash. (wnpa-sec-2012-35) The iSCSI dissector could go into an infinite loop. (wnpa-sec-2012-36) The WTP dissector could go into an infinite loop. (wnpa-sec-2012-37) The RTCP dissector could go into an infinite loop. (wnpa-sec-2012-38) The ICMPv6 dissector could go into an infinite loop. (wnpa-sec-2012-40) Infinite and large loops in the Bluetooth HCI, CSN.1, DCP-ETSI DOCSIS CM-STAUS, IEEE 802.3 Slow Protocols, MPLS, R3, RTPS, SDP, and SIP dissectors (wnpa-sec-2013-01). The CLNP dissector could crash (wnpa-sec-2013-02). The DTN dissector could crash (wnpa-sec-2013-03). The MS-MMC dissector (and possibly others) could crash (wnpa-sec-2013-04). The DTLS dissector could crash (wnpa-sec-2013-05). The DCP-ETSI dissector could corrupt memory (wnpa-sec-2013-07). The Wireshark dissection engine could crash (wnpa-sec-2013-08). The NTLMSSP dissector could overflow a buffer (wnpa-sec-2013-09). The sFlow dissector could go into an infinite loop (CVE-2012-6054). The SCTP dissector could go into an infinite loop (CVE-2012-6056). The MS-MMS dissector could crash (CVE-2013-2478). The RTPS and RTPS2 dissectors could crash (CVE-2013-2480). The Mount dissector could crash (CVE-2013-2481). The AMPQ dissector could go into an infinite loop (CVE-2013-2482). The ACN dissector could attempt to divide by zero (CVE-2013-2483). The CIMD dissector could crash (CVE-2013-2484). The FCSP dissector could go into an infinite loop (CVE-2013-2485). The DTLS dissector could crash (CVE-2013-2488). This advisory provides the latest version of Wireshark (1.6.14) which is not vulnerable to these issues. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2392 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2393 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2394 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4048 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4049 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4288 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4289 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4290 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4291 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4292 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4293 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4296 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5239 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6054 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6056 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2478 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2480 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2481 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2482 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2483 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2484 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2485 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2488 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0134 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0210 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0226 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0284 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0348 https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0034 https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0090 _______________________________________________________________________ Updated Packages: Mandriva Business Server 1/X86_64: 1817d98ba604d0b8347bf9ef5d7ddf00 mbs1/x86_64/dumpcap-1.6.14-1.mbs1.x86_64.rpm a5319dbd9c47629f4fb6797f313dfcf5 mbs1/x86_64/lib64wireshark1-1.6.14-1.mbs1.x86_64.rpm c0bb6476540803d16355bb9006179b1d mbs1/x86_64/lib64wireshark-devel-1.6.14-1.mbs1.x86_64.rpm e0b9fede48c4c4db36b22814477cfaa4 mbs1/x86_64/rawshark-1.6.14-1.mbs1.x86_64.rpm 4de1571d4b7a2cf3daea452a2d46ed78 mbs1/x86_64/tshark-1.6.14-1.mbs1.x86_64.rpm 1c3a0948612798f471d1bb6a5a9e3620 mbs1/x86_64/wireshark-1.6.14-1.mbs1.x86_64.rpm 88fea6e5203d3d0c8f38ebf9a82ae5d4 mbs1/x86_64/wireshark-tools-1.6.14-1.mbs1.x86_64.rpm e915fb3656c689705b86ab93896a5da9 mbs1/SRPMS/wireshark-1.6.14-1.mbs1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/en/support/security/advisories/ If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iD8DBQFRXtyXmqjQ0CJFipgRAgMzAKDwwytA+3WgVuter5KJQGZRRrYcTgCgtfRQ XHymwS7GufNjxMJpVxFzcvM= =46Zu -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists