[wireshark] multiple vulnerabilities

Bug #172283 reported by disabled.user
Affects | Status | Importance | Assigned to | Milestone
Wireshark | Fix Released | Medium | |
wireshark (Ubuntu) | Fix Released | Medium | Unassigned |
Gutsy | Fix Released | Medium | Emanuele Gentili |

Bug Description

Binary package hint: wireshark

References:
DSA-1414-1 (http://www.debian.org/security/2007/dsa-1414)

Quoting:
"Several remote vulnerabilities have been discovered in the Wireshark
network traffic analyzer, which may lead to denial of service or the
execution of arbitrary code."

Ryan Andorfer (randorfer-gmail) wrote :

disabled.user (disabled.user-deactivatedaccount) wrote :

disabled.user (disabled.user-deactivatedaccount) wrote :

Sorry, I posted a slightly wrong URL to DSA-1446-1.

http://www.debian.org/security/2008/dsa-1446

disabled.user (disabled.user-deactivatedaccount) wrote :

Also added missing CVE references mentioned in SUSE Security Summary Report SUSE-SR:2008:004.

Stephan Rügamer (sruegamer) wrote :

These CVEs are already fixed in Ubuntu...

See https://bugs.launchpad.net/ubuntu/+source/wireshark/+bug/164501

    * 2007-6111
    * 2007-6112
    * 2007-6113
    * 2007-6114
    * 2007-6115
    * 2007-6116
    * 2007-6117
    * 2007-6118
    * 2007-6119
    * 2007-6120
    * 2007-6121

Stephan Rügamer (sruegamer) wrote :

I'll deal with it during the next weekend...
Or as Dr. VanDoom said in "The Fantastic Four"
     "This will be fun..."

Changed in wireshark:
assignee: nobody → shermann
importance: Undecided → Medium
status: New → Confirmed
Stephan Rügamer (sruegamer) wrote :

There are also new issues in 0.99.7:
From upstream:

Summary

Name: Multiple problems in Wireshark® (formerly Ethereal®) versions 0.6.0 to 0.99.7

Docid: wnpa-sec-2008-01

Date: February 27, 2008

Versions affected: 0.6.0 up to and including 0.99.7

Details

Description

Wireshark 0.99.8 fixes the following vulnerabilities:

    * The SCTP dissector could crash.
      Versions affected: 0.99.5 to 0.99.7
    * The SNMP dissector could crash. (Bugs 2144 and 2277)
      Versions affected: 0.99.6 to 0.99.7
    * The TFTP dissector could crash Wireshark on Ubuntu 7.10. (This appears to be a bug in the Cairo library on that platform.) Reported by Noam Rathaus.
      Versions affected: 0.6.0 to 0.99.7

Impact

It may be possible to make Wireshark or Ethereal crash or use up available memory by injecting a purposefully malformed packet onto the wire or by convincing someone to read a malformed packet trace file.

Resolution

Upgrade to Wireshark 0.99.8.

If you are running Wireshark 0.99.7 or Ethereal 0.99.0 or earlier and cannot upgrade, you can work around each of the problems listed above by doing the following:

    * Disable the SCTP, SNMP and TFTP dissectors.
          o Select Analyze→Enabled Protocols... from the menu.
          o Make sure "SCTP," "SNMP," and "TFTP" are un-checked.
          o Click "Save", then click "OK".
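
Added example (not part of the bug report or the upstream advisory): a shell script that maps a Wireshark version to the dissectors wnpa-sec-2008-01 lists as affected and records them in a disabled_protos file, as a scripted counterpart to the menu workaround above. The file's one-protocol-name-per-line format and the lowercase protocol names are assumptions, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: version ranges are taken from wnpa-sec-2008-01 as quoted above.
# Assumption: Wireshark reads disabled protocols from a "disabled_protos" file
# in the personal configuration directory, one protocol filter name per line.

# Turn "a.b.c" into a comparable integer (0.99.7 -> 99007).
ver_num() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ${1:-0} * 1000000 + ${2:-0} * 1000 + ${3:-0} ))
}

# in_range VERSION LOW HIGH: succeeds when LOW <= VERSION <= HIGH.
in_range() {
    v=$(ver_num "$1")
    [ "$v" -ge "$(ver_num "$2")" ] && [ "$v" -le "$(ver_num "$3")" ]
}

# Print the dissectors the advisory lists as affected for VERSION.
affected_dissectors() {
    in_range "$1" 0.99.5 0.99.7 && echo sctp
    in_range "$1" 0.99.6 0.99.7 && echo snmp
    in_range "$1" 0.6.0  0.99.7 && echo tftp
    return 0
}

# Add each affected dissector to FILE unless it is already listed there,
# so repeated runs do not duplicate entries.
disable_affected() {
    version=$1 file=$2
    mkdir -p "$(dirname "$file")"
    touch "$file"
    for proto in $(affected_dissectors "$version"); do
        grep -qxF "$proto" "$file" || echo "$proto" >> "$file"
    done
}

# Demo against a scratch directory rather than a real profile.
demo_dir=$(mktemp -d)
disable_affected 0.99.5 "$demo_dir/disabled_protos"
cat "$demo_dir/disabled_protos"
rm -rf "$demo_dir"
```
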

disabled.user (disabled.user-deactivatedaccount) wrote :

Also adding CVE references mentioned in MDVSA-2008:057 (http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:057).

disabled.user (disabled.user-deactivatedaccount) wrote :

Um, I guess the CVE references list got a little too long, because the added references won't show up any more...

Adding them here:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1070
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1071
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1072

Should newly discovered vulnerabilities regarding wireshark be reported in a new bug report? I'd guess I'm not the only one who's currently a bit in the dark regarding which CVEs are still affecting Ubuntu's wireshark...

disabled.user (disabled.user-deactivatedaccount) wrote :

Okay, after mentioning the new CVEs in my previous comment, they suddenly showed up in the CVE references list. Weird.

Stephan Rügamer (sruegamer) wrote :

Please push new CVEs into a new bugreport....
It's difficult (especially for wireshark) to fix all bugs in one go...so I would like to see separated bug reports...

Thx for your work,

\sh

Emanuele Gentili (emgent) wrote :

removed duplicated CVS

Emanuele Gentili (emgent) wrote :

CVE-2008-1071 does not seem to be reproducible in gutsy.

http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2144

Stephan Rügamer (sruegamer) wrote :

@Emanuele:

Did you test it with our version in gutsy?

Emanuele Gentili (emgent) wrote :

yes

Emanuele Gentili (emgent) wrote :
Changed in wireshark:
status: Unknown → In Progress
Changed in wireshark:
status: In Progress → Fix Released
Stephan Rügamer (sruegamer) wrote :

@Emgent: debdiff looks good

@Kees/JdStrand: can you put it on your radar pls for gutsy...

Thx.

\sh

Changed in wireshark:
assignee: shermann → emgent
Changed in wireshark:
status: Confirmed → In Progress
Kees Cook (kees)
Changed in wireshark:
assignee: nobody → emgent
status: New → In Progress
assignee: emgent → nobody
status: In Progress → Fix Released
importance: Undecided → Medium
Kees Cook (kees) wrote :

This is building now, and will be published shortly in Gutsy. Thanks!

Changed in wireshark:
status: In Progress → Fix Committed
Kees Cook (kees) wrote :

(Manually flipping to "Fix Released") This has published as part of the first-ever end-to-end test run of the shiny new security-in-soyuz queues. :)

Changed in wireshark:
status: Fix Committed → Fix Released
Changed in wireshark:
importance: Unknown → Medium
This report contains Public Security information  
Everyone can see this security related information.