Red Hat Bugzilla – Bug 501929
CVE-2009-1829 wireshark: PCNFSD dissector crash
Last modified: 2012-06-20 10:42:16 EDT
The Wireshark's PCNFSD dissector, dissecting records of network traffic
from an RPC server that supports ONC clients on PC (DOS, OS/2, Macintosh, and other) systems, could crash.
Versions affected: 0.8.20 to 1.0.7
Upstream patch against 1.0.*:
http://anonsvn.wireshark.org/viewvc?view=rev&revision=28404 -- part:
r28128 | gerald | 2009-04-22 10:42:47 -0700 (Wed, 22 Apr 2009) | 6 lines
From Mark Cave-Ayland: Fix a crash in the PCNFSD dissector.
From me: Apply Mark's fix to the ident string. Add public #defines for
the special strings that dissect_rpc_* might return and use them in
PCNFSD. Replace a manual buffer allocation with ep_strdup_printf.
Public now via:
Fixed in upstream version 1.0.8.
wireshark-1.0.8-1.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.
wireshark-1.0.8-1.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.
This issue has been addressed in following products:
Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 4
Via RHSA-2009:1100 https://rhn.redhat.com/errata/RHSA-2009-1100.html