Bug 531260 – CVE-2009-3550 Wireshark: NULL pointer dereference in the DCERPC over SMB packet disassembly

Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.

Bug 531260 - (CVE-2009-3550) CVE-2009-3550 Wireshark: NULL pointer dereference in the DCERPC over SMB packet disassembly

Summary:	CVE-2009-3550 Wireshark: NULL pointer dereference in the DCERPC over SMB pack...

Status:	CLOSED ERRATA

Aliases:	CVE-2009-3550

Product:	Security Response
Classification:	Other
Component:	vulnerability (Show other bugs)
Sub Component:
Version:	unspecified
Hardware:	All Linux

Priority	low Severity low
Target Milestone:	---
Target Release:	---
Assigned To:	Red Hat Product Security
QA Contact:
Docs Contact:

URL:	http://anonsvn.wireshark.org/viewvc/t...
Whiteboard:	impact=low,source=vendorsec,reported=...
Keywords:	Security

Depends On:	537905 549581 549582 549583 549584 561099 833992
Blocks:
	Show dependency tree / graph

Reported:	2009-10-27 10:08 EDT by Jan Lieskovsky
Modified:	2016-03-04 07:49 EST (History)
CC List:	5 users (show)

See Also:
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2010-06-25 05:47:44 EDT
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

External Trackers
Tracker	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2010:0360	normal	SHIPPED_LIVE	Moderate: wireshark security update	2010-04-20 11:31:15 EDT

Groups: None (edit)

Description Jan Lieskovsky 2009-10-27 10:08:41 EDT

A NULL pointer dereference flaw was found in the Wireshark's DCERPC 
dissector. A remote attacker could provide a specially-crafted DCERPC
packet capture file, which once opened by an unsuspecting user would
lead to denial of service (Wireshark crash).

Upstream patch:
---------------
http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-dcerpc-nt.c?view=log&pathrev=30208

Comment 1 Jan Lieskovsky 2009-10-27 10:10:21 EDT

This issue affects the versions of the wireshark package, as shipped
with Red Hat Enterprise Linux 3, 4, and 5.

This issue affects the versions of the wireshark package, as shipped
with Fedora releases of 10, 11, and as scheduled to appear in
Fedora release of 12.

Comment 2 Tomas Hoger 2009-10-28 04:24:52 EDT

1.2.3: http://www.wireshark.org/security/wnpa-sec-2009-07.html
1.0.10: http://www.wireshark.org/security/wnpa-sec-2009-08.html

Comment 6 errata-xmlrpc 2010-04-20 11:31:34 EDT

This issue has been addressed in following products:

  Red Hat Enterprise Linux 4
  Red Hat Enterprise Linux 5
  Red Hat Enterprise Linux 3

Via RHSA-2010:0360 https://rhn.redhat.com/errata/RHSA-2010-0360.html

Note You need to log in before you can comment on or make changes to this bug.