Bug 227140 (CVE-2007-0456, CVE-2007-0457, CVE-2007-0458, CVE-2007-0459) - CVE-2007-0456 Multiple Wireshark issues (CVE-2007-0457, CVE-2007-0458, CVE-2007-0459)
Summary: CVE-2007-0456 Multiple Wireshark issues (CVE-2007-0457, CVE-2007-0458, CVE-20...
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: CVE-2007-0456, CVE-2007-0457, CVE-2007-0458, CVE-2007-0459
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
low
Target Milestone: ---
Assignee: Radek Vokál
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-02-02 19:29 UTC by Josh Bressers
Modified: 2019-09-29 12:19 UTC (History)
1 user (show)

Fixed In Version: 0.99.5-1
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-02-06 17:49:36 UTC
Embargoed:

Attachments (Terms of Use)

Description Josh Bressers 2007-02-02 19:29:48 UTC 
+++ This bug was initially created as a clone of Bug #225689 +++

Wireshark 0.99.5 is set to be released in a few days, it fixes four flaws, all
of which will only result in a crash:

CVE-2007-0459
  The TCP dissector could hang or crash while reassembling HTTP packets.
  Fixed in: r19859
  Bug IDs: 1200
  Versions affected: 0.99.2 to 0.99.4

CVE-2007-0459
  The HTTP dissector could crash.
  Fixed in: r19899
  Bug IDs: None
  Versions affected: 0.99.3 to 0.99.4

CVE-2007-0457
  On some systems, the IEEE 802.11 dissector could crash.
  Fixed in: r20126
  Bug IDs: None
  Versions affected: 0.10.14 to 0.99.4

CVE-2007-0456
  On some systems, the LLT dissector could crash.
  Fixed in: r20007
  Bug IDs: None
  Versions affected: 0.99.3 to 0.99.4


These flaws also affect FC5
Comment 1 Fedora Update System 2007-02-06 17:13:43 UTC 
wireshark-0.99.5-1.fc5 has been pushed for fc5, which should resolve this issue.  If these problems are still present in this version, then please make note of it in this bug report.
Note You need to log in before you can comment on or make changes to this bug.