The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Wireshark: denials of service

Synthesis of the vulnerability 

Several vulnerabilities of Wireshark can be used by a remote attacker to create a denial of service.
Vulnerable products: Debian, Ethereal, Fedora, Mandriva Linux, NLD, OES, openSUSE, RHEL, SLES, Wireshark.
Severity of this weakness: 1/4.
Number of vulnerabilities in this bulletin: 3.
Creation date: 09/04/2009.
Références of this bulletin: BID-34457, CVE-2009-1267, CVE-2009-1268, CVE-2009-1269, DSA-1785-1, DSA-1942-1, FEDORA-2009-3599, MDVSA-2009:088, RHSA-2009:1100-01, SUSE-SR:2009:011, VIGILANCE-VUL-8616, wnpa-sec-2009-02.

Description of the vulnerability 

The Wireshark program captures and displays network packets. Protocols are decoded by dissectors. They have several vulnerabilities.

An attacker can use a LDAP packet in order to stop Wireshark under Windows. [severity:1/4; CVE-2009-1267]

An attacker can use a CPHAP (Check Point High-Availability Protocol) packet in order to stop Wireshark. [severity:1/4; CVE-2009-1268]

An attacker can create a malicious Tektronix .rf5 file in order to stop Wireshark. [severity:1/4; CVE-2009-1269]
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This security bulletin impacts software or systems such as Debian, Ethereal, Fedora, Mandriva Linux, NLD, OES, openSUSE, RHEL, SLES, Wireshark.

Our Vigil@nce team determined that the severity of this cybersecurity announce is low.

The trust level is of type confirmed by the editor, with an origin of internet client.

This bulletin is about 3 vulnerabilities.

An attacker with a expert ability can exploit this vulnerability alert.

Solutions for this threat 

Wireshark: version 1.0.7.
Version 1.0.7 is corrected:
  http://www.wireshark.org/

Debian: new wireshark packages (04/05/2009).
New packages are available:
  http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny5_*.deb

Debian: new wireshark packages (30/11/2009).
New packages are available:
Debian GNU/Linux 4.0 alias etch:
  wireshark_0.99.4-5.etch.4
Debian GNU/Linux 5.0 alias lenny:
  wireshark_1.0.2-3+lenny7

Fedora 10: new wireshark packages.
New packages are available:
  wireshark-1.0.7-1.fc10

Mandriva: new wireshark packages.
New packages are available:
  Mandriva Linux 2008.1: wireshark-1.0.7-0.1mdv2008.1
  Mandriva Linux 2009.0: wireshark-1.0.7-0.1mdv2009.0
  Corporate 4.0: wireshark-1.0.7-0.1.20060mlcs4

RHEL: new wireshark packages.
New packages are available:
Red Hat Enterprise Linux version 3: wireshark-1.0.8-EL3.1
Red Hat Enterprise Linux version 4: wireshark-1.0.8-1.el4_8.1
Red Hat Enterprise Linux version 5: wireshark-1.0.8-1.el5_3.1

SUSE: new packages (09/06/2009).
New packages are available.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides an application vulnerability watch. The technology watch team tracks security threats targeting the computer system.