wireshark < 1.0.7, multiple vulnerabilities

infwonder · **Posted:** Thu Apr 09, 2009 4:24 pm

wnpa-sec-2009-02 wrote:

Wireshark 1.0.7 fixes the following vulnerabilities:

* The PROFINET dissector was vulnerable to a format string overflow. (Bug 3382) Versions affected: 0.99.6 to 1.0.6 CVE-2009-1210
* The LDAP dissector could crash on Windows. (Bug 3262) Versions affected: 0.99.2 to 1.0.6 CVE-2009-1267
* The Check Point High-Availability Protocol (CPHAP) dissector could crash. (Bug 3269) Versions affected: 0.9.6 to 1.0.6 CVE-2009-1268
* Wireshark could crash while loading a Tektronix .rf5 file. (Bug 3366) Versions affected: 0.99.6 to 1.0.6 CVE-2009-1269

Impact

It may be possible to make Wireshark crash by altering the HOME environment variable or by convincing someone to read a malformed packet trace file.
Resolution

Upgrade to Wireshark 1.0.7 or later.

We currently have version 1.0.6 in both types of repo.

references
http://isc.sans.org/diary.html?storyid=6160
http://www.wireshark.org/security/wnpa-sec-2009-02.html

!8!

wireshark < 1.0.7, multiple vulnerabilities

Who is online