Re: CVE request for new wireshark vulnerabilities

[Josh Bressers <bressers () redhat com>]

Steve,

It's been a few days. I presume you're not taking this one (MITRE is
mentioned at the end)? If not I'll do it.

Thanks.

-- 
    JB

----- "Vincent Danen" <vdanen () redhat com> wrote:

> We've received notification of new wireshark releases (1.2.9 and
> 1.0.14)
> and require CVE names assigned (the updates were made available
> upstream
> on June 9th).
>
> The following are the particulars, which have more details than the
> upstream advisory
> (http://www.wireshark.org/security/wnpa-sec-2010-06.html):
>
> >  The SMB dissector could dereference a NULL pointer.
> >  Fixed in trunk: r32650
> >  Fixed in trunk-1.2: r33142
> >  Fixed in trunk-1.0: r33145
> >  Bug 4734
> >  Versions affected: 0.99.6 to 1.0.13, 1.2.0 to 1.2.8
> >
> >  J. Oquendo discovered that the ASN.1 BER dissector could overrun
> >  the stack.
> >  Fixed in trunk: r32922, r33046
> >  Fixed in trunk-1.2: r33122
> >  Fixed in trunk-1.0: r33146
> >  Versions affected: 0.10.13 to 1.0.13, 1.2.0 to 1.2.8
> >
> >  The SMB PIPE dissector could dereference a NULL pointer on some
> >  platforms.
> >  Fixed in trunk: r32848
> >  Fixed in trunk-1.2: r33120
> >  Fixed in trunk-1.0: r33143
> >  Versions affected: 0.8.20 to 1.0.13, 1.2.0 to 1.2.8
> >
> >  The SigComp Universal Decompressor Virtual Machine could go into
> >  an infinite loop.
> >  Fixed in trunk: r33061, r33065
> >  Fixed in trunk-1.2: r33131
> >  Fixed in trunk-1.0: r33147
> >  Bug 4826
> >  Versions affected: 0.10.7 to 1.0.13, 1.2.0 to 1.2.8
> >
> >  The SigComp Universal Decompressor Virtual Machine could overrun
> >  a buffer.
> >  Fixed in trunk: r33087, r33090
> >  Fixed in trunk-1.2: r33134
> >  Fixed in trunk-1.0: r33149
> >  Bug 4837
> >  Versions affected: 0.10.8 to 1.0.13, 1.2.0 to 1.2.8
>
> I'm not sure if MITRE has noticed these already or not, so I've not
> assigned CVE names to these issues.
>
> -- 
> Vincent Danen / Red Hat Security Response Team