thr3ads.net - Secure testing team - [Secure-testing-team] Bug#553583: CVE-2009-3829 CVE-2009-3551 CVE-2009-3550 CVE-2009-3549 [Nov 2009]

If this information is useful, please help other people find it:
Share via:

Giuseppe Iuculano

2009-Nov-01 09:37 UTC

[Secure-testing-team] Bug#553583: CVE-2009-3829 CVE-2009-3551 CVE-2009-3550 CVE-2009-3549

Package: wireshark
Severity: grave
Tags: security

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Hi,
the following CVE (Common Vulnerabilities & Exposures) ids were
published for wireshark.

CVE-2009-3829[0]:
| Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows
| remote attackers to execute arbitrary code or cause a denial of
| service (application crash) via a crafted erf file, related to an
| "unsigned integer wrap vulnerability."

CVE-2009-3551[1]:
| Off-by-one error in the dissect_negprot_response function in
| packet-smb.c in the SMB dissector in Wireshark 1.2.0 through 1.2.2
| allows remote attackers to cause a denial of service (application
| crash) via a file that records a malformed packet trace.  NOTE: some of
| these details are obtained from third party information.

CVE-2009-3550[2]:
| The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0
| through 1.2.2 allows remote attackers to cause a denial of service
| (NULL pointer dereference and application crash) via a file that
| records a malformed packet trace.  NOTE: some of these details are
| obtained from third party information.

CVE-2009-3549[3]:
| packet-paltalk.c in the Paltalk dissector in Wireshark 1.2.0 through
| 1.2.2, on SPARC and certain other platforms, allows remote attackers
| to cause a denial of service (application crash) via a file that
| records a malformed packet trace.

If you fix the vulnerabilities please also make sure to include the
CVE ids in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3829
    http://security-tracker.debian.org/tracker/CVE-2009-3829
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3551
    http://security-tracker.debian.org/tracker/CVE-2009-3551
[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3550
    http://security-tracker.debian.org/tracker/CVE-2009-3550
[3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3549
    http://security-tracker.debian.org/tracker/CVE-2009-3549


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkrtVvEACgkQNxpp46476aoiqwCdGWJG9CgxX9BIUSznE/lrJrnV
4vgAnjnZneMmcrMm15whTlW4aeHfaU8S
=eSSm
-----END PGP SIGNATURE-----

Secure testing team - Nov 2009 - Bug#553583: CVE-2009-3829 CVE-2009-3551 CVE-2009-3550 CVE-2009-3549

[Secure-testing-team] Bug#553583: CVE-2009-3829 CVE-2009-3551 CVE-2009-3550 CVE-2009-3549