Date: Tue, 2 Nov 2010 18:41:34 +0300 (MSK) From: Eygene Ryabinkin <rea-fbsd@codelabs.ru> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/151891: VuXML entry for CVE-2010-2010-3445 in Wireshark Message-ID: <20101102154134.99190DA81F@void.codelabs.ru> Resent-Message-ID: <201011021600.oA2G0JBW048177@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 151891 >Category: ports >Synopsis: VuXML entry for CVE-2010-2010-3445 in Wireshark >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Nov 02 16:00:19 UTC 2010 >Closed-Date: >Last-Modified: >Originator: Eygene Ryabinkin >Release: FreeBSD 9.0-CURRENT amd64 >Organization: Code Labs >Environment: System: FreeBSD 9.0-CURRENT amd64 >Description: There is a DoS in BER-based dissectors: [1]. It was fixed in 1.4.1 [2] and 1.2.12 [3]. FreeBSD ports now have 1.4.1 in the tree, so only VuXML entry is needed. >How-To-Repeat: [1] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5230 [2] http://www.wireshark.org/lists/wireshark-announce/201010/msg00002.html [3] http://www.wireshark.org/lists/wireshark-announce/201010/msg00001.html >Fix: The following VuXML entry should be evaluated and added: --- vuln.xml begins here --- <vuln vid="b2eaa7c2-e64a-11df-bc65-0022156e8794"> <topic>Wireshark -- DoS in the BER-based dissectors</topic> <affects> <package> <name>wireshark</name> <range><ge>1.3</ge><lt>1.4.1</lt></range> <range><ge>1.0</ge><lt>1.2.12</lt></range> </package> <package> <name>wireshark-lite</name> <range><ge>1.3</ge><lt>1.4.1</lt></range> <range><ge>1.0</ge><lt>1.2.12</lt></range> </package> <package> <name>tshark</name> <range><ge>1.3</ge><lt>1.4.1</lt></range> <range><ge>1.0</ge><lt>1.2.12</lt></range> </package> <package> <name>tshark-lite</name> <range><ge>1.3</ge><lt>1.4.1</lt></range> <range><ge>1.0</ge><lt>1.2.12</lt></range> </package> </affects> <description> <body xmlns="http://www.w3.org/1999/xhtml">; <p>Secunia reports:</p> <blockquote cite="http://secunia.com/advisories/41535">; <p>A vulnerability has been discovered in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service).</p> <p>The vulnerability is caused due to an infinite recursion error in the "dissect_unknown_ber()" function in epan/dissectors/packet-ber.c and can be exploited to cause a stack overflow e.g. via a specially crafted SNMP packet.</p> <p>The vulnerability is confirmed in version 1.4.0 and reported in version 1.2.11 and prior and version 1.4.0 and prior.</p> </blockquote> </body> </description> <references> <cvename>CVE-2010-3445</cvename> <url>http://www.wireshark.org/lists/wireshark-announce/201010/msg00002.html</url>; <url>http://www.wireshark.org/lists/wireshark-announce/201010/msg00001.html</url>; </references> <dates> <discovery>2010-09-16</discovery> <entry>TODAY</entry> </dates> </vuln> --- vuln.xml ends here --- It passes 'make validate' fine on my machine. >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20101102154134.99190DA81F>