Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 29 Aug 2012 12:25:05 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: Jan Lieskovsky <jlieskov@...hat.com>, Gerald Combs <gerald@...eshark.org>,
        Jan Safranek <jsafrane@...hat.com>,
        Martin Wilck <martin.wilck@...fujitsu.com>
Subject: Re: CVE Request -- wireshark (X >= 1.6.8): DoS (excessive
 CPU use and infinite loop) in DRDA dissector

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 08/29/2012 09:39 AM, Jan Lieskovsky wrote:
> Hello Kurt, Steve, Gerald, vendors,
> 
> a denial of service flaw was found in the way Distributed
> Relational Database Architecture (DRDA) dissector of Wireshark, a
> network traffic analyzer, performed processing of certain DRDA
> packet capture files. A remote attacker could create a
> specially-crafted capture file that, when opened could lead to
> wireshark executable to consume excessive amount of CPU time and
> hang with an infinite loop.
> 
> Issue found by: Martin Wilck
> 
> Upstream bug report: [1]
> https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7666
> 
> Reproducer: [2]
> https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7666#c0
> 
> References: [3] https://bugzilla.redhat.com/show_bug.cgi?id=849926
> 
> Affected versions: Seems to affect wireshark 1.6.x versions and 
> later (1.0.x and 1.2.x definitely aren't affected)
> 
> Could you allocate a CVE id for this?
> 
> Thank you && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat
> Security Response Team

Please use CVE-2012-3548 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/

iQIcBAEBAgAGBQJQPl6BAAoJEBYNRVNeJnmTV/0QAJyDsp6OHvnADeErcigT7Kxg
E0W2fLtb635roZdDV7Qo8k1R/huY0P89VZjDM7cyOH6FqjAx9GpFfbFf/QUOVjjR
3rFBNx9p0iChyyIUtC8z2jNRO+d0EhcuhbF348remhNKAf5fbxd/J+C2j4VVxf+L
X8n3OpZsAJMh94jmKxt2JfJppVN8gDfAL8TlUItLsZeN5DyfTOXMPoaGSQxhjgxy
SjE3/WGzQUrNLwzBjMseIq3fKa6SI7+Owy3YYAS+w/tXxAlr+c8BzD6x5ej0PG1H
NJI2xbnl1na2WL2Cf8C2QbK57vQAE6qF/ApEicM/oRB0H8abR+uAJzheg+ciRTl+
Ulc614pXJVdRRVP0/J2J/Iie60HD1zS9YOHFPGVsUMoKCOAWBlgys/+Sgyo9hBwl
9bZlN2wSsp3Q1bm+BU/i7+f9BI0CKREM8CIzlJmZKXNSGPZ0JXryDx+Spm1+qezG
DJlWdhPa2IlLQJH5f8U9qUKZbocQPkaDo1+mai5MzOId3uVQuWBhLz9uTCbL0y+Y
8to53q/QJ0isHAnBripJkDk4krgr0O36ZKisnBSUcnEHtCKNRElUhdyWvmdEYYog
rBElX0caPyqrh8Ul9ATqIJJeSa1lSgxWYqPndP8E9g+ypGqMvpLlhrqXiSPX1uvH
uBhGnDzTdDnT5XBJfZJu
=jqeq
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ