Common Vulnerabilities and Exposures assigned an identifier CVE-2008-3139 to the following vulnerability: The RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 through 1.0.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: this might be due to a use-after-free error. References: http://www.wireshark.org/security/wnpa-sec-2008-03.html http://secunia.com/advisories/30886 Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2620 Upstream commit: http://anonsvn.wireshark.org/viewvc/index.py?view=rev&revision=25497
This issue did not affect the versions of wireshark as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.
wireshark-1.0.2-1.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.
wireshark-1.0.2-1.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
This issue was addressed in: Fedora: https://admin.fedoraproject.org/updates/F8/FEDORA-2008-6645 https://admin.fedoraproject.org/updates/F9/FEDORA-2008-6440