oss-security - Re: CVE Request -- wireshark: Wireshark 1.6.12 and Wireshark 1.8.4 fixes

Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 29 Nov 2012 11:21:38 -0700
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: Jan Lieskovsky <jlieskov@...hat.com>,
        "Steven M. Christey" <coley@...us.mitre.org>,
        Gerald Combs <gerald@...eshark.org>, Peter Hatina <phatina@...hat.com>
Subject: Re: CVE Request -- wireshark: Wireshark 1.6.12 and
 Wireshark 1.8.4 fixes

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 11/29/2012 11:07 AM, Jan Lieskovsky wrote:
> Hello Kurt, Steve, vendors,
> 
> Wireshark upstream has recently released v1.6.12 and v1.8.4
> versions, correcting the following security issues:

Posted CVEs at bottom

> * #1 pcap-ng hostname disclosure (wnpa-sec-2012-30) 
> http://www.wireshark.org/security/wnpa-sec-2012-30.html 
> https://bugzilla.redhat.com/show_bug.cgi?id=881855
> 
> * #2 DoS (infinite loop) in the USB dissector (wnpa-sec-2012-31) 
> http://www.wireshark.org/security/wnpa-sec-2012-31.html 
> https://bugzilla.redhat.com/show_bug.cgi?id=881822
> 
> * #3 DoS (infinite loop) in the sFlow dissector (wnpa-sec-2012-32) 
> http://www.wireshark.org/security/wnpa-sec-2012-32.html 
> https://bugzilla.redhat.com/show_bug.cgi?id=881816
> 
> * #4 DoS (infinite loop) in the SCTP dissector (wnpa-sec-2012-33) 
> http://www.wireshark.org/security/wnpa-sec-2012-33.html 
> https://bugzilla.redhat.com/show_bug.cgi?id=881809
> 
> * #5 DoS (infinite loop) in the EIGRP dissector (wnpa-sec-2012-34) 
> http://www.wireshark.org/security/wnpa-sec-2012-34.html 
> https://bugzilla.redhat.com/show_bug.cgi?id=881805
> 
> * #6 DoS (crash) in the ISAKMP dissector (wnpa-sec-2012-35) 
> http://www.wireshark.org/security/wnpa-sec-2012-35.html 
> https://bugzilla.redhat.com/show_bug.cgi?id=881790
> 
> * #7 DoS (infinite loop) in the iSCSI dissector (wnpa-sec-2012-36) 
> http://www.wireshark.org/security/wnpa-sec-2012-36.html 
> https://bugzilla.redhat.com/show_bug.cgi?id=881771
> 
> * #8 DoS (infinite loop) in the WTP dissector (wnpa-sec-2012-37) 
> http://www.wireshark.org/security/wnpa-sec-2012-37.html 
> https://bugzilla.redhat.com/show_bug.cgi?id=881748
> 
> * #9 DoS (infinite loop) in the RTCP dissector (wnpa-sec-2012-38) 
> http://www.wireshark.org/security/wnpa-sec-2012-38.html 
> https://bugzilla.redhat.com/show_bug.cgi?id=881742
> 
> * #10 DoS (infinite loop) in the 3GPP2 A11 dissector
> (wnpa-sec-2012-39) 
> http://www.wireshark.org/security/wnpa-sec-2012-39.html 
> https://bugzilla.redhat.com/show_bug.cgi?id=881706
> 
> * #11 DoS (infinite loop) in the ICMPv6 dissector
> (wnpa-sec-2012-40) 
> http://www.wireshark.org/security/wnpa-sec-2012-40.html 
> https://bugzilla.redhat.com/show_bug.cgi?id=881701

CVE-2012-5592 Wireshark #1 pcap-ng hostname disclosure (wnpa-sec-2012-30)

CVE-2012-5593 Wireshark #2 DoS (infinite loop) in the USB dissector
(wnpa-sec-2012-31)

CVE-2012-5594 Wireshark #3 DoS (infinite loop) in the sFlow dissector
(wnpa-sec-2012-32)

CVE-2012-5595 Wireshark #4 DoS (infinite loop) in the SCTP dissector
(wnpa-sec-2012-33)

CVE-2012-5596 Wireshark #5 DoS (infinite loop) in the EIGRP dissector
(wnpa-sec-2012-34)

CVE-2012-5597 Wireshark #6 DoS (crash) in the ISAKMP dissector
(wnpa-sec-2012-35)

CVE-2012-5598 Wireshark #7 DoS (infinite loop) in the iSCSI dissector
(wnpa-sec-2012-36)

CVE-2012-5599 Wireshark #8 DoS (infinite loop) in the WTP dissector
(wnpa-sec-2012-37)

CVE-2012-5600 Wireshark #9 DoS (infinite loop) in the RTCP dissector
(wnpa-sec-2012-38)

CVE-2012-5601 Wireshark #10 DoS (infinite loop) in the 3GPP2 A11
dissector (wnpa-sec-2012-39)

CVE-2012-5602 Wireshark #11 DoS (infinite loop) in the ICMPv6
dissector (wnpa-sec-2012-40)


> 
> Other references: 
> http://www.wireshark.org/docs/relnotes/wireshark-1.6.12.html 
> http://www.wireshark.org/docs/relnotes/wireshark-1.8.4.html 
> http://www.wireshark.org/security/ 
> https://bugs.gentoo.org/show_bug.cgi?id=445138 
> https://bugs.mageia.org/show_bug.cgi?id=8239
> 
> Could you allocate CVE ids for these?
> 
> Thank you && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat
> Security Response Team
> 
> P.S.: Particular Red Hat bugzilla entries contain further
> information (upstream bug, reproducer && patches where available).
> 


- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJQt6eyAAoJEBYNRVNeJnmTvFgP/37Utl+929te2/hxLu0Lm4O3
d3RD6S/odxhTxVeLR4SP2q32mgsxEZhPS5VAD45oUez7WmihHsjuhr5qlz3unqGY
k90aHnhjTRS8h4wRHcw4VByy/X//wEu8dZ0j+5IGhTRcy9t/1rFNUSsMDV35ixp/
wMd3b2bV7jKIvXUAmjtyt+dj8gPmKavmrJW0Tx0g1nxZxwE7OStTLnRZHNyEHn38
6tLFvp055SoKim8MODsfoLbeyk/1+IKdgxaY3Xq9lCvsNsK0Pk33YYraEqQC3dp3
7zTPKrdk606SD2uThpN9bCE/4XEZ3X+aZ7EMNK/liOvdovSBPEHKpXN71/jI7znI
ABr311hlxqNzkOixAPW3gIDfQnW+0j/PV5h+wDsnFccge+SGVlaqTuZl6oh+zpBy
TDMtyQN42xQSyUmuSXAn1BGiG21yH5kSy453Kwwfece4jR8sRMqY+v9OQhdDe17b
EwatMs2EzqAjyc3X57hqfTKZck2Xr52aSAzVa7aYQcMhrw79QkzN0rvW/khE4YWk
fVwlZ3tW2SANYg7JT5lnC5HNSWUgyZD3x+6HoLCm2vmdui+6oA9BcHcNlQiuSrNV
esNWC7GmRPsx5ga7Vwwt9pr5rLPRkyJc+leul5JOiANRlTlYyCmGwBD6pFcHANIR
j65xhhoqWHTYSwIJpCSS
=n6TZ
-----END PGP SIGNATURE-----
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.