Wireshark mailing list archives
1.8.9 and 1.8.10: some CVE(s) stated as fixed still has problems
From: "Chun Yan Liu" <cyliu () suse com>
Date: Mon, 16 Sep 2013 02:20:11 -0600
Hi, List, While update 1.8.8 to 1.8.9 on SUSE, we found some CVE(s) specified 'fixed' in release note, still has problems in new version. Now update to 1.8.10, those problems still exist. Could anyone familiar with this bugs check it? wireshark is crashing for HTTP dissector when 'Decode As...' HTTP is use CVE-2013-4081 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8733 1. # wireshark ocsp.cap 2. select packet no 7 and right click -> 'Decode As...' in Transport list choose 'HTTP' and 'Apply' --> wireshark crashes 3. Segmentation fault wireshark - GSM_CBCH dissector - gtk_text_buffer_insert_with_tags CVE-2013-4079 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8730 1 open wireshark and load the file 2 right click on any packet and choose 'Follow UDP stream' 3 observe the message: Gtk-CRITICAL **: gtk_text_buffer_insert_with_tags: assertion `text != NULL' failed The Netmon file parser could crash CVE-2013-4933 CVE-2013-4934 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8742 1. start wireshark and open netmon.pcap file (can directly run #wireshark netmon.pcap) On s390 architecture it is reproducible 100% However it can crash on the other architectures as well, but it is reproducible 30% or less - just warning is displayed all the time (usually it has crashed when I had another file already opened within wireshark and after time I have tried to open netmon). GLib-ERROR **: gmem.c:136: failed to allocate 1392509008 bytes aborting... Aborted GSM RR - crashing while using 'SCTP' - 'Analyse this association' functionality CVE-2013-4931: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8923 1. open the file 2. it is crashing when this action is performed: - right click on any packet and use SCTP -> Analyze this association Regards, Chunyan ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- 1.8.9 and 1.8.10: some CVE(s) stated as fixed still has problems Chun Yan Liu (Sep 16)