Author: jmm-guest Date: 2007-01-24 23:51:09 +0100 (Wed, 24 Jan 2007) New Revision: 5349 Modified: data/CVE/list Log: wireshark CVEfied Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-01-24 22:43:15 UTC (rev 5348) +++ data/CVE/list 2007-01-24 22:51:09 UTC (rev 5349) @@ -26,6 +26,18 @@ - dazuko-source <unfixed> (bug #408300) CVE-2007-0460 (Buffer overflow in ulogd for SUSE Linux 9.3 up to 10.1, and possibly ...) TODO: check if ulogd is vulnerable in Debian. +CVE-2007-0459 [wireshark TCP dissector infinite loop DoS] + - wireshark 0.99.4-4 (low) + [sarge] - ethereal <not-affected> (Vulnerable code not present) +CVE-2007-0458 [wireshark HTTP dissector infinite loop DoS] + - wireshark 0.99.4-4 (low) + [sarge] - ethereal <not-affected> (Vulnerable code not present) +CVE-2007-0457 [wireshark IEEE802.11 int overflow DoS] + - wireshark 0.99.4-4 (low) + [sarge] - ethereal <not-affected> (Vulnerable code not present) +CVE-2007-0456 [wireshark LLT dissector NULL deref] + - wireshark 0.99.4-4 (low) + [sarge] - ethereal <not-affected> (Vulnerable code not present) CVE-2007-0459 RESERVED CVE-2007-0458 @@ -251,10 +263,6 @@ - gstreamer0.10-ffmpeg 0.10.1-5 - gst-ffmpeg 0.8.7-9 TODO: check other ffmpeg related packages -CVE-2007-XXXX [wireshark multiple issues fixed in 0.99.5pre1] - - wireshark 0.99.4-4 (low) - [sarge] - ethereal <not-affected> (Vulnerable code not present) - NOTE: Oldest affected Ethereal version is 0.10.14 CVE-2007-XXXX [netpbm heap corruption] - netpbm-free 2:10.0-11 (bug #407605) CVE-2007-0363 (Cross-site scripting (XSS) vulnerability in admin-search.php in (1) ...)