Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  advisories  presentations  /  services  donations  /  wordlists  passwords  /  news  community  lists  wiki  CVSweb  mirrors  signatures
bringing security into open environments
 
Password Recovery Resources on the Net
[<prev] [next>] [thread-next>] [month] [year] [list] 
Date: Tue, 21 Jul 2009 12:56:46 +0200
From: Alex Legler <a3li@...too.org>
To: oss-security@...ts.openwall.com
Subject: CVE request: Wireshark <1.2.1 Multiple DoS

Hi,

in case the vendor has not already requested CVEs for this:

"Wireshark 1.2.1 fixes the following vulnerabilities:

      * The IPMI dissector could overrun a buffer. (Bug 3559) Versions
        affected: 1.2.0 
      * The AFS dissector could crash. (Bug 3564) Versions affected:
        0.9.2 to 1.2.0 
      * The Infiniband dissector could crash on some platforms. Versions
        affected: 1.0.6 to 1.2.0 
      * The Bluetooth L2CAP dissector could crash. (Bug 3572) Versions
        affected: 1.2.0 
      * The RADIUS dissector could crash. (Bug 3578) Versions affected:
        1.2.0 
      * The MIOP dissector could crash. (Bug 3652) Versions affected:
        1.2.0 
      * The sFlow dissector could use excessive CPU and memory. (Bug
        3570) Versions affected: 1.2.0"

http://www.wireshark.org/security/wnpa-sec-2009-04.html

Thanks,
Alex

[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux