Title: Wireshark 1.0.2 Multiple Vulnerabilities

Severity: MODERATE

Description:

Wireshark (formerly Ethereal) is an application for analyzing network traffic; it is available for Microsoft Windows and UNIX-like operating systems.

Wireshark is prone to multiple vulnerabilities when handling certain types of packets and protocols in varying conditions.

1. Multiple buffer-overflow and denial-of-service vulnerabilities occur in the NCP dissector. Specifically, the 'epan/dissectors/packet-ncp2222.inc' file is affected.

2. A denial-of-service vulnerability occurs in the 'tvbuff.c' file when uncompressing a specially crafted zlib-compressed packet.

3. A denial-of-service issue occurs when parsing a Tektronix '.rf5' file.

Exploiting these issues may allow attackers to crash the application and deny service to legitimate users. Attackers may be able to leverage some of these vulnerabilities to execute arbitrary code, but this has not been confirmed.

These issues affect Wireshark 0.9.7 up to and including 1.0.2.

Affected Products:

Avaya Communication Manager 1.1.0
Avaya Communication Manager 1.3.1
Avaya Communication Manager 2.0.0
Avaya Communication Manager 2.0.1
Avaya Communication Manager 2.1
Avaya Communication Manager 2.2
Avaya Communication Manager 3.0
Avaya Communication Manager 3.1
Avaya Communication Manager 3.1.4 SP2
Avaya Communication Manager 4.0
Avaya Communication Manager 4.0.3 SP1
Avaya Communication Manager 5.0
Avaya Communication Manager 5.0 SP3
Avaya Communication Manager 5.1
Avaya Communication Manager Server DEFINITY Server R10
Avaya Communication Manager Server DEFINITY Server R11
Avaya Communication Manager Server DEFINITY Server R9
Avaya Communication Manager Server DEFINITY Server SI/CS
Avaya Communication Manager Server S8100
Avaya Communication Manager Server S8300
Avaya Communication Manager Server S8500
Avaya Communication Manager Server S8700
Avaya SIP Enablement Services 3.1.2
Avaya SIP Enablement Services 4.0
Avaya SIP Enablement Services 5.0
Conectiva Linux 9.0.0
Debian Linux 4.0
Debian Linux 4.0 alpha
Debian Linux 4.0 amd64
Debian Linux 4.0 arm
Debian Linux 4.0 hppa
Debian Linux 4.0 ia-32
Debian Linux 4.0 ia-64
Debian Linux 4.0 m68k
Debian Linux 4.0 mips
Debian Linux 4.0 mipsel
Debian Linux 4.0 powerpc
Debian Linux 4.0 s/390
Debian Linux 4.0 sparc
Ethereal Group Ethereal 0.10.0
Ethereal Group Ethereal 0.10.1
Ethereal Group Ethereal 0.10.10
Ethereal Group Ethereal 0.10.11
Ethereal Group Ethereal 0.10.12
Ethereal Group Ethereal 0.10.13
Ethereal Group Ethereal 0.10.14
Ethereal Group Ethereal 0.10.2
Ethereal Group Ethereal 0.10.3
Ethereal Group Ethereal 0.10.4
Ethereal Group Ethereal 0.10.5
Ethereal Group Ethereal 0.10.6
Ethereal Group Ethereal 0.10.7
Ethereal Group Ethereal 0.10.8
Ethereal Group Ethereal 0.10.9
Ethereal Group Ethereal 0.9.10
Ethereal Group Ethereal 0.9.11
Ethereal Group Ethereal 0.9.12
Ethereal Group Ethereal 0.9.13
Ethereal Group Ethereal 0.9.14
Ethereal Group Ethereal 0.9.15
Ethereal Group Ethereal 0.9.16
Ethereal Group Ethereal 0.9.7
Ethereal Group Ethereal 0.9.8
Ethereal Group Ethereal 0.9.9
Gentoo Linux
MandrakeSoft Corporate Server 4.0
MandrakeSoft Corporate Server 4.0.0 x86_64
MandrakeSoft Linux Mandrake 10.0.0
MandrakeSoft Linux Mandrake 10.0.0 amd64
MandrakeSoft Linux Mandrake 10.1.0
MandrakeSoft Linux Mandrake 10.1.0 x86_64
MandrakeSoft Linux Mandrake 2008.0
MandrakeSoft Linux Mandrake 2008.0 x86_64
MandrakeSoft Linux Mandrake 2008.1
MandrakeSoft Linux Mandrake 2008.1 x86_64
MandrakeSoft Linux Mandrake 9.1.0
MandrakeSoft Linux Mandrake 9.1.0 ppc
MandrakeSoft Linux Mandrake 9.2.0
MandrakeSoft Linux Mandrake 9.2.0 amd64
Pardus Linux 2007
Pardus Linux 2008
RedHat Enterprise Linux 5 server
RedHat Enterprise Linux AS 3
RedHat Enterprise Linux AS 4
RedHat Enterprise Linux Desktop 5 client
RedHat Enterprise Linux Desktop Workstation 5 client
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux WS 4
RedHat Fedora 8
RedHat Fedora 9
RedHat Fedora Core1
RedHat Fedora Core2
RedHat Linux 7.2.0
RedHat Linux 7.2.0 i386
RedHat Linux 7.2.0 ia64
RedHat Linux 7.3.0
RedHat Linux 7.3.0 i386
RedHat Linux 8.0.0
RedHat Linux 8.0.0 i386
RedHat Linux 9.0.0 i386
S.u.S.E. Linux Personal 9.0.0
S.u.S.E. Linux Personal 9.1.0
S.u.S.E. Linux Personal 9.2.0
S.u.S.E. Novell Linux Desktop SDK 9.0.0
S.u.S.E. Novell Linux POS 9
S.u.S.E. Open-Enterprise-Server
S.u.S.E. SLE SDK 10 SP2
S.u.S.E. SUSE Linux Enterprise Desktop 10 SP2
S.u.S.E. SUSE Linux Enterprise Server 10 SP2
S.u.S.E. SUSE Linux Enterprise Server 9
S.u.S.E. openSUSE 10.3
S.u.S.E. openSUSE 11.0
S.u.S.E. openSUSE 11.1
Terra Soft Solutions Yellow Dog Linux 3.0.0
Wireshark Wireshark 0.10.0
Wireshark Wireshark 0.10.13
Wireshark Wireshark 0.10.4
Wireshark Wireshark 0.9.10
Wireshark Wireshark 0.99.0
Wireshark Wireshark 0.99.1
Wireshark Wireshark 0.99.2
Wireshark Wireshark 0.99.3
Wireshark Wireshark 0.99.4
Wireshark Wireshark 0.99.5
Wireshark Wireshark 0.99.6
Wireshark Wireshark 0.99.7
Wireshark Wireshark 0.99.8
Wireshark Wireshark 1.0.0
Wireshark Wireshark 1.0.1
Wireshark Wireshark 1.0.2
rPath rPath Linux 1

References:

Avaya: ASA-2008-392 - wireshark security update (RHSA-2008-0890)
Red Hat: RHSA-2008:0890-2 wireshark security update
Wireshark: Multiple problems in WiresharkÂ® versions 0.9.7 to 1.0.2
Wireshark: Wireshark Web Site

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.

J-Security Center

Title: Wireshark 1.0.2 Multiple Vulnerabilities

Severity: MODERATE

Description:

Affected Products:

References: