The Wireshark's PCNFSD dissector, dissecting records of network traffic from an RPC server that supports ONC clients on PC (DOS, OS/2, Macintosh, and other) systems, could crash. Versions affected: 0.8.20 to 1.0.7 Upstream patch against 1.0.*: http://anonsvn.wireshark.org/viewvc?view=rev&revision=28404 -- part: r28128 | gerald | 2009-04-22 10:42:47 -0700 (Wed, 22 Apr 2009) | 6 lines Changed paths: M /trunk/epan/dissectors/packet-pcnfsd.c M /trunk/epan/dissectors/packet-rpc.c M /trunk/epan/dissectors/packet-rpc.h From Mark Cave-Ayland: Fix a crash in the PCNFSD dissector. From me: Apply Mark's fix to the ident string. Add public #defines for the special strings that dissect_rpc_* might return and use them in PCNFSD. Replace a manual buffer allocation with ep_strdup_printf. i.e. http://anonsvn.wireshark.org/viewvc/trunk-1.0/epan/dissectors/packet-pcnfsd.c?r1=24675&r2=28404&pathrev=28404&view=patch http://anonsvn.wireshark.org/viewvc/trunk-1.0/epan/dissectors/packet-rpc.c?r1=25465&r2=28404&pathrev=28404&view=patch http://anonsvn.wireshark.org/viewvc/trunk-1.0/epan/dissectors/packet-rpc.h?r1=24675&r2=28404&pathrev=28404&view=patch
Public now via: http://www.wireshark.org/security/wnpa-sec-2009-03.html Fixed in upstream version 1.0.8.
wireshark-1.0.8-1.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.
wireshark-1.0.8-1.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.
This issue has been addressed in following products: Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 4 Via RHSA-2009:1100 https://rhn.redhat.com/errata/RHSA-2009-1100.html