Bug 2974

Summary: multiple security issues for wireshark: CVE-2011-3482, CVE-2011-3360, CVE-2011-3483, CVE-2011-3484
Product: Mageia Reporter: Florian Hubold <doktor5000>
Component: SecurityAssignee: Florian Hubold <doktor5000>
Status: RESOLVED FIXED QA Contact:
Severity: normal    
Priority: Normal    
Version: 1   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: CVE:
Status comment:

Description Florian Hubold 2011-10-08 10:05:20 CEST 
Description of problem:

CVE-2011-3482

The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.2 does not initialize a certain structure member, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.

CVE-2011-3360

Untrusted search path vulnerability in Wireshark 1.4.x before 1.4.9 and 1.6.x before 1.6.2 allows local users to gain privileges via a Trojan horse Lua script in an unspecified directory.

CVE-2011-3483

Wireshark 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (application crash) via a malformed capture file that leads to an invalid root tvbuff, related to a "buffer exception handling vulnerability."

CVE-2011-3484

The unxorFrame function in epan/dissectors/packet-opensafety.c in the OpenSafety dissector in Wireshark 1.6.x before 1.6.2 does not properly validate a certain frame size, which allows remote attackers to cause a denial of service (loop and application crash) via a malformed packet.
Florian Hubold 2011-10-08 10:05:43 CEST

Status: NEW => ASSIGNED

Comment 1 Florian Hubold 2011-10-17 15:13:33 CEST 
Cauldron wireshark package is not susceptible for these security issues, and for Mageia 1 those issues are fixed with the validated update from https://bugs.mageia.org/show_bug.cgi?id=2352

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED