245796 – (CVE-2007-3389) CVE-2007-3389 Wireshark crashes when inspecting HTTP traffic

Bug 245796 (CVE-2007-3389) - CVE-2007-3389 Wireshark crashes when inspecting HTTP traffic

Summary: CVE-2007-3389 Wireshark crashes when inspecting HTTP traffic

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2007-3389
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:	http://bugs.wireshark.org/bugzilla/sh...
Whiteboard:
Depends On:	247617 247618 247619 247621 247622 247623
Blocks:
TreeView+	depends on / blocked

Reported:	2007-06-26 18:49 UTC by Red Hat Product Security
Modified:	2019-09-29 12:20 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2008-07-25 08:47:34 UTC
Embargoed:

Attachments	(Terms of Use)
Capture file of HTTP traffic that crashes Wireshark (1.54 KB, application/octet-stream) 2007-06-26 18:49 UTC, Lubomir Kundrak	no flags	Details
View All

Links
System	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2007:0709	normal	SHIPPED_LIVE	Low: wireshark security and bug fix update	2007-11-15 15:00:47 UTC
Red Hat Product Errata	RHSA-2007:0710	normal	SHIPPED_LIVE	Low: wireshark security update	2007-11-07 16:26:59 UTC
Red Hat Product Errata	RHSA-2008:0059	normal	SHIPPED_LIVE	Moderate: wireshark security update	2008-01-21 09:34:35 UTC

Description Lubomir Kundrak 2007-06-26 18:49:08 UTC

Description of problem:

Wireshark crashes due to assertion fail when dissecting certain
HTTP traffic.

Version-Release number of selected component (if applicable):

Wireshark 0.99.5

Steps to Reproduce:
1. Open the attached capture with the Wireshark GUI
2. Click on the last HTTP packet

Additional info:

This is fixed in upstream revision 21034.

Comment 1 Lubomir Kundrak 2007-06-26 18:49:08 UTC

Created attachment 157935 [details]
Capture file of HTTP traffic that crashes Wireshark

Comment 6 Red Hat Product Security 2008-07-25 08:47:34 UTC

This issue was addressed in:

Red Hat Enterprise Linux:
  http://rhn.redhat.com/errata/RHSA-2007-0710.html
  http://rhn.redhat.com/errata/RHSA-2007-0709.html
  http://rhn.redhat.com/errata/RHSA-2008-0059.html

Comment 7 Red Hat Bugzilla 2009-10-23 19:05:46 UTC

Reporter changed to security-response-team by request of Jay Turner.

Note You need to log in before you can comment on or make changes to this bug.