Common Vulnerabilities and Exposures assigned an identifier CVE-2008-1072 to the following vulnerability: The TFTP dissector in Wireshark (formerly Ethereal) 0.6.0 through 0.99.7, when running on Ubuntu 7.10, allows remote attackers to cause a denial of service (crash or memory consumption) via a malformed packet, possibly related to a Cairo library bug. References: http://www.wireshark.org/security/wnpa-sec-2008-01.html http://www.securityfocus.com/bid/28025 http://www.securitytracker.com/id?1019515 http://secunia.com/advisories/29156
Unable to reproduce on supported RHEL an Fedora releases.
wireshark-1.0.0-1.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.
wireshark-1.0.0-1.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
This issue was addressed in: Red Hat Enterprise Linux: http://rhn.redhat.com/errata/RHSA-2008-0890.html Fedora: https://admin.fedoraproject.org/updates/F8/FEDORA-2008-3040
Reporter changed to security-response-team by request of Jay Turner.