oss-sec mailing list archives
Re: CVE assignments for Wireshark
From: Huzaifa Sidhpurwala <huzaifas () redhat com>
Date: Thu, 20 Jan 2011 10:01:08 +0530
Hi Steven, On 01/13/2011 04:21 AM, Steven M. Christey wrote:
CVE-2011-0444 - MAC-LTE CVE-2011-0445 - ASN.1 BER
Looking at the following wireshark bug and the relevant commits: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5530 http://anonsvn.wireshark.org/viewvc?view=rev&revision=35292 http://anonsvn.wireshark.org/viewvc?view=rev&revision=35298 It seems that there are two issues here, buffer overflow in MAC-LTE dissector as well as buffer overflow in SNMP engineID preferences. This issue was however assigned only one CVE i.e. CVE-2011-0444. Do you think two CVEs (for each individual issues), should be assigned in this case?
====================================================== Name: CVE-2011-0444 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0444 Reference: MISC:https://bugs.wireshark.org/bugzilla/attachment.cgi?id=5676 Reference: CONFIRM:http://www.wireshark.org/security/wnpa-sec-2011-01.html Reference: CONFIRM:http://www.wireshark.org/security/wnpa-sec-2011-02.html Reference: CONFIRM:https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5530 Reference: VUPEN:ADV-2011-0079 Reference: URL:http://www.vupen.com/english/advisories/2011/0079 Buffer overflow in the MAC-LTE dissector (epan/dissectors/packet-mac-lte.c) in Wireshark 1.2.0 through 1.2.13 and 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of RARs. ====================================================== Name: CVE-2011-0445 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0445 Reference: CONFIRM:http://www.wireshark.org/security/wnpa-sec-2011-02.html Reference: CONFIRM:https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5537 Reference: VUPEN:ADV-2011-0079 Reference: URL:http://www.vupen.com/english/advisories/2011/0079 The ASN.1 BER dissector in Wireshark 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (assertion failure) via crafted packets, as demonstrated by fuzz-2010-12-30-28473.pcap.
-- Huzaifa Sidhpurwala / Red Hat Security Response Team
Current thread:
- CVE assignments for Wireshark Steven M. Christey (Jan 12)
- Re: CVE assignments for Wireshark Huzaifa Sidhpurwala (Jan 19)
- Re: CVE assignments for Wireshark Josh Bressers (Jan 31)
- Re: CVE assignments for Wireshark Josh Bressers (Feb 09)
- Re: CVE assignments for Wireshark Josh Bressers (Jan 31)
- Re: CVE assignments for Wireshark Huzaifa Sidhpurwala (Jan 19)