Re: CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues

[Huzaifa Sidhpurwala <huzaifas () redhat com>]

On 06/01/2011 05:24 AM, Kurt Seifried wrote:
> I didn't see any CVE's in the Wireshark Bug tracking/advisory nor
> could I find these in the Red Hat Bugzilla (but I'm guessing as a CNA
> they have CVE #'s assigned?)
Red Hat did not assign any CVE ids yet, since most of the work mentioned
below was done by me on my personal time :)


> Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered
> that a corrupted Diameter dictionary file could crash Wireshark.
> Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.
This is a memory corruption flaw caused by using a custom config files.
You will normally have to social engineer the victim to use a malicious
config file and then run wireshark
> Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered
> that a corrupted snoop file could crash Wireshark. (Bug 5912)
> Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.
>
>
> Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered
> that a corrupted Visual Networks file could crash Wireshark. (Bug
> 5934)
> Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.
Both of the above are integer overflow issues, which cause subsequent
memory corruption.
> http://www.wireshark.org/security/wnpa-sec-2011-07.html
> http://www.wireshark.org/security/wnpa-sec-2011-08.html
Steve, could you please assign CVE ids to the issues mentioned in the
above URLs? thanks.

-- 
Huzaifa Sidhpurwala / Red Hat Security Response Team