Bug 227140 - (CVE-2007-0459) CVE-2007-0456 Multiple Wireshark issues (CVE-2007-0457, CVE-2007-0458, CVE-2007-0459)
CVE-2007-0456 Multiple Wireshark issues (CVE-2007-0457, CVE-2007-0458, CVE-20...
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: wireshark (Show other bugs)
6
All Linux
medium Severity low
: ---
: ---
Assigned To: Radek Vokal
impact=low,source=vendorsec,reported=...
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-02-02 14:29 EST by Josh Bressers
Modified: 2007-11-30 17:11 EST (History)
1 user (show)

See Also:
Fixed In Version: 0.99.5-1
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-02-06 12:49:36 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Josh Bressers 2007-02-02 14:29:48 EST
+++ This bug was initially created as a clone of Bug #225689 +++

Wireshark 0.99.5 is set to be released in a few days, it fixes four flaws, all
of which will only result in a crash:

CVE-2007-0459
  The TCP dissector could hang or crash while reassembling HTTP packets.
  Fixed in: r19859
  Bug IDs: 1200
  Versions affected: 0.99.2 to 0.99.4

CVE-2007-0459
  The HTTP dissector could crash.
  Fixed in: r19899
  Bug IDs: None
  Versions affected: 0.99.3 to 0.99.4

CVE-2007-0457
  On some systems, the IEEE 802.11 dissector could crash.
  Fixed in: r20126
  Bug IDs: None
  Versions affected: 0.10.14 to 0.99.4

CVE-2007-0456
  On some systems, the LLT dissector could crash.
  Fixed in: r20007
  Bug IDs: None
  Versions affected: 0.99.3 to 0.99.4


These flaws also affect FC5
Comment 1 Fedora Update System 2007-02-06 12:13:43 EST
wireshark-0.99.5-1.fc5 has been pushed for fc5, which should resolve this issue.  If these problems are still present in this version, then please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.