246229 – (CVE-2007-3392, CVE-2007-3392_MMS) CVE-2007-3392 Wireshark crashes when inspecting MMS traffic

Bug 246229 (CVE-2007-3392, CVE-2007-3392_MMS) - CVE-2007-3392 Wireshark crashes when inspecting MMS traffic

Summary: CVE-2007-3392 Wireshark crashes when inspecting MMS traffic

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2007-3392, CVE-2007-3392_MMS
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:	http://bugs.wireshark.org/bugzilla/sh...
Whiteboard:
Depends On:	247617 247618 247619 247621 247622 247623
Blocks:
TreeView+	depends on / blocked

Reported:	2007-06-29 12:17 UTC by Red Hat Product Security
Modified:	2019-09-29 12:20 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2008-07-25 08:52:33 UTC
Embargoed:

Attachments	(Terms of Use)
Capture file of MMS traffic that crashes Wireshark (979.22 KB, application/octet-stream) 2007-06-29 12:17 UTC, Lubomir Kundrak	no flags	Details
View All

Links
System	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2007:0709	normal	SHIPPED_LIVE	Low: wireshark security and bug fix update	2007-11-15 15:00:47 UTC
Red Hat Product Errata	RHSA-2007:0710	normal	SHIPPED_LIVE	Low: wireshark security update	2007-11-07 16:26:59 UTC
Red Hat Product Errata	RHSA-2008:0059	normal	SHIPPED_LIVE	Moderate: wireshark security update	2008-01-21 09:34:35 UTC

Description Lubomir Kundrak 2007-06-29 12:17:12 UTC

+++ This bug was initially created as a clone of Bug #246225 +++

Description of problem:

Wireshark was reported to crash due to NULL pointer dereference when
attempting to dissect a fuzzed MMS traffic traffic.

Version-Release number of selected component (if applicable):

Wireshark 0.99.5

Additional info:

This is fixed in upstream revision 20837.
I was not able to reproduce this on an x86_64 architecture box.

Comment 1 Lubomir Kundrak 2007-06-29 12:17:12 UTC

Created attachment 158202 [details]
Capture file of MMS traffic that crashes Wireshark

Comment 6 Red Hat Product Security 2008-07-25 08:52:33 UTC

This issue was addressed in:

Red Hat Enterprise Linux:
  http://rhn.redhat.com/errata/RHSA-2007-0710.html
  http://rhn.redhat.com/errata/RHSA-2007-0709.html
  http://rhn.redhat.com/errata/RHSA-2008-0059.html

Comment 7 Red Hat Bugzilla 2009-10-23 19:06:05 UTC

Reporter changed to security-response-team by request of Jay Turner.

Note You need to log in before you can comment on or make changes to this bug.