Wireshark Buffer Overflow in Daintree SNA Parser and Bugs in SMB, SMB2, and IPMI Dissectors Let Remote Users Execute Arbitrary Code and Deny Service
|
|
SecurityTracker Alert ID: 1023374 |
|
SecurityTracker URL: http://securitytracker.com/id/1023374
|
|
CVE Reference:
CVE-2009-4376, CVE-2009-4377, CVE-2009-4378
(Links to External Site)
|
Updated: Dec 22 2009
|
Original Entry Date: Dec 18 2009
|
Impact:
Denial of service via network, Execution of arbitrary code via network, User access via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 0.9.0 - 1.2.4
|
Description:
Several vulnerabilities were reported in Wireshark. A remote user can execute arbitrary code on the target system. A remote user can cause denial of service conditions.
A remote user can send specially crafted data to trigger a buffer overflow in the Daintree SNA file parser and execute arbitrary code on the target system. The code will run with the privileges of the target service. Versions 1.2.0 to 1.2.4 are affected.
A remote user can send specially crafted SMB and SMB2 data to cause the target service to crash.
A remote user can send specially crafted IPMI data to cause the target service to crash. Only versions 1.2.0 to 1.2.4 on Windows-based systems are affected.
|
Impact:
A remote user can execute arbitrary code on the target system.
A remote user can cause denial of service conditions.
|
Solution:
The vendor has issued a fix (1.2.5).
The vendor's advisory is available at:
http://www.wireshark.org/security/wnpa-sec-2009-09.html
|
Vendor URL: www.wireshark.org/security/wnpa-sec-2009-09.html (Links to External Site)
|
Cause:
Boundary error, Not specified
|
Underlying OS:
Linux (Any), UNIX (Any), Windows (Any)
|
|
Message History:
This archive entry has one or more follow-up message(s) listed below.
|
Source Message Contents
|
Date: Fri, 18 Dec 2009 18:26:01 +0000
Subject: Wireshark
|
http://www.wireshark.org/security/wnpa-sec-2009-09.html
|
|
