Wireshark X.509sat/Roofnet/LDAP/SCCP Dissector Bugs Let Remote Users Deny Service
|
|
SecurityTracker Alert ID: 1019728
|
|
SecurityTracker URL: http://securitytracker.com/id?1019728
|
|
CVE Reference: CVE-2008-1561
, CVE-2008-1562
, CVE-2008-1563
(Links to External Site)
|
Updated: Apr 10 2008
|
Original Entry Date: Mar 28 2008
|
Impact: Denial of service via network
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Version(s): 0.99.2 through 0.99.8
|
Description: A vulnerability was reported in Wireshark. A remote user can cause denial of service conditions.
A remote user can send specially crafted data to cause the target service to crash.
The X.509sat dissector is affected on versions
0.99.5 through 0.99.8.
The Roofnet dissector is affected on versions 0.99.5 through 0.99.8 on Windows, Solaris, and other platforms.
The
LDAP dissector is affected on versions 0.99.2 through 0.99.8 on Windows and other platforms.
The 'decode as' feature of the SCCP
dissector is affected on versions 0.99.6 through 0.99.8.
|
Impact: A remote user can cause Wireshark to crash.
|
Solution: The vendor has issued a fixed version (1.00).
The vendor's advisory is available at:
http://www.wireshark.org/security/wnpa-sec-2008-02.html
|
Vendor URL: www.wireshark.org/security/wnpa-sec-2008-02.html (Links to External Site)
|
Cause: Not specified
|
Underlying OS: Linux (Any), UNIX (Any), Windows (Any)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Fri, 28 Mar 2008 10:50:47 -0500
Subject: Wireshark
|
http://www.wireshark.org/security/wnpa-sec-2008-02.html
|
|
