Bug 783363 (CVE-2012-0067)

Summary: CVE-2012-0067 Wireshark: Dos due to integer overflow in IPTrace capture format parser
Product: [Other] Security Response Reporter: Huzaifa S. Sidhpurwala <huzaifas>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: alekcejk, huzaifas, jsafrane, rvokal
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-01-08 09:13:04 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 781268, 809045, 809046, 834180    
Bug Blocks: 773730, 807617, 816611    

Description Huzaifa S. Sidhpurwala 2012-01-20 06:22:01 UTC
An integer overflow flaw leading to denial of service (application crash) was found in the way wireshark parsed files in the IPTrace capture format. It may be possible to make Wireshark crash by convincing someone to read a malformed IPTrace packet capture file.  This is corrected in upstream 1.4.11 and 1.6.5.

Reference:
http://www.wireshark.org/security/wnpa-sec-2012-01.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6668

Patch:
http://anonsvn.wireshark.org/viewvc?view=revision&amp;revision=40167

Comment 2 Huzaifa S. Sidhpurwala 2012-01-20 06:52:15 UTC
This issue affects the version of wireshark shipped with Fedora 15 and Fedora
16 and has been addressed in the following security advisories:

https://admin.fedoraproject.org/updates/wireshark-1.4.11-1.fc15
https://admin.fedoraproject.org/updates/wireshark-1.6.5-1.fc16

Comment 4 errata-xmlrpc 2012-04-23 16:52:56 UTC
This issue has been addressed in following products:

  Red Hat Enterprise Linux 6

Via RHSA-2012:0509 https://rhn.redhat.com/errata/RHSA-2012-0509.html

Comment 6 errata-xmlrpc 2013-01-08 05:00:53 UTC
This issue has been addressed in following products:

  Red Hat Enterprise Linux 5

Via RHSA-2013:0125 https://rhn.redhat.com/errata/RHSA-2013-0125.html

Comment 8 Huzaifa S. Sidhpurwala 2013-01-08 09:13:04 UTC
Statement:

(none)