oss-sec mailing list archives
Re: CVE request for new wireshark vulnerabilities
From: "Steven M. Christey" <coley () linus mitre org>
Date: Mon, 14 Jun 2010 16:30:36 -0400 (EDT)
On Thu, 10 Jun 2010, Vincent Danen wrote:
The SMB dissector could dereference a NULL pointer. Fixed in trunk: r32650 Fixed in trunk-1.2: r33142 Fixed in trunk-1.0: r33145 Bug 4734 Versions affected: 0.99.6 to 1.0.13, 1.2.0 to 1.2.8
Use CVE-2010-2283
J. Oquendo discovered that the ASN.1 BER dissector could overrun the stack. Fixed in trunk: r32922, r33046 Fixed in trunk-1.2: r33122 Fixed in trunk-1.0: r33146 Versions affected: 0.10.13 to 1.0.13, 1.2.0 to 1.2.8
Use CVE-2010-2284
The SMB PIPE dissector could dereference a NULL pointer on some platforms. Fixed in trunk: r32848 Fixed in trunk-1.2: r33120 Fixed in trunk-1.0: r33143 Versions affected: 0.8.20 to 1.0.13, 1.2.0 to 1.2.8
Use CVE-2010-2285
The SigComp Universal Decompressor Virtual Machine could go into an infinite loop. Fixed in trunk: r33061, r33065 Fixed in trunk-1.2: r33131 Fixed in trunk-1.0: r33147 Bug 4826 Versions affected: 0.10.7 to 1.0.13, 1.2.0 to 1.2.8
Use CVE-2010-2286
The SigComp Universal Decompressor Virtual Machine could overrun a buffer. Fixed in trunk: r33087, r33090 Fixed in trunk-1.2: r33134 Fixed in trunk-1.0: r33149 Bug 4837 Versions affected: 0.10.8 to 1.0.13, 1.2.0 to 1.2.8
Use CVE-2010-2287 - Steve
Current thread:
- CVE request for new wireshark vulnerabilities Vincent Danen (Jun 10)
- Re: CVE request for new wireshark vulnerabilities Josh Bressers (Jun 14)
- Re: CVE request for new wireshark vulnerabilities Steven M. Christey (Jun 14)