User: Password:
|
|
Subscribe / Log in / New account

wireshark: multiple vulnerabilities

Package(s):wireshark CVE #(s):CVE-2012-0041 CVE-2012-0042 CVE-2012-0043
Created:January 23, 2012 Updated:January 27, 2012
Description: From the Red Hat bugzilla [1], [2], [3]:

Laurent Butti discovered that Wireshark failed to properly check record sizes for many packet capture file formats. It may be possible to make Wireshark crash by convincing someone to read a malformed packet trace file. This is corrected in upstream 1.4.11 and 1.6.5.

Wireshark was improperly handling NULL pointers when displaying packet information which could lead to a crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. This is corrected in upstream 1.4.11 and 1.6.5.

The RLC dissector could overflow a buffer. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. This is corrected in upstream 1.4.11 and 1.6.5.

Alerts:
Oracle ELSA-2013-1569 wireshark 2013-11-26
Gentoo GLSA 201308-05:02 wireshark 2013-08-30
Gentoo 201308-05 wireshark 2013-08-28
Oracle ELSA-2013-0125 wireshark 2013-01-12
Scientific Linux SL-wire-20130116 wireshark 2013-01-16
CentOS CESA-2012:0509 wireshark 2012-04-24
Oracle ELSA-2012-0509 wireshark 2012-04-23
Scientific Linux SL-wire-20120423 wireshark 2012-04-23
Red Hat RHSA-2012:0509-01 wireshark 2012-04-23
openSUSE openSUSE-SU-2012:0295-1 wireshark 2012-02-23
Debian DSA-2395-1 wireshark 2012-01-27
Fedora FEDORA-2012-0440 wireshark 2012-01-24
Fedora FEDORA-2012-0435 wireshark 2012-01-22

(Log in to post comments)


Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds