[Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Notification of New Vulnerabilties to Windows Systems Fixlet Messages
winvulns-announcements at bigmail.bigfix.com
Wed Mar 7 05:21:47 PST 2012
Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 287 Published: Tue, 06 Mar 2012 19:20:11 GMT
New Fixlets:
============
***************************************************************
Title: HTTP dissector vulnerability in Wireshark 0.99.3
Severity: Medium
Fixlet ID: 1412001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14120.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-5468
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in the HTTP dissector in Wireshark (formerly Ethereal) 0.99.3 allows remote attackers to cause a denial of service (crash) via unspecified vectors.
***************************************************************
Title: WiMAX dissector vulnerability in Wireshark 0.99.6
Severity: Low
Fixlet ID: 1412601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14126.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6441
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The WiMAX dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors related to "unaligned access on some platforms."
***************************************************************
Title: Buffer overflow in the MAC-LTE dissector in Wireshark 1.2.0 through 1.2.13 and 1.4.0 through 1.4.2
Severity: High
Fixlet ID: 1428301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14283.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0444
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Buffer overflow in the MAC-LTE dissector (epan/dissectors/packet-mac-lte.c) in Wireshark 1.2.0 through 1.2.13 and 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of RARs.
***************************************************************
Title: Heap-based buffer overflow in the dissect_ldss_transfer function in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1
Severity: High
Fixlet ID: 1428701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14287.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4300
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an LDSS packet with a long digest line that triggers memory corruption.
***************************************************************
Title: Vulnerability in dissect_dcm_main function in epan/dissectors/packet-dcm.c in the DICOM dissector in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7
Severity: Medium
Fixlet ID: 1432501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14325.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1957
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The dissect_dcm_main function in epan/dissectors/packet-dcm.c in the DICOM dissector in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (infinite loop) via an invalid PDU length.
***************************************************************
Title: Vulnerability in ASN.1 BER dissector in Wireshark 1.4.0 through 1.4.2
Severity: Medium
Fixlet ID: 1450501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14505.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0445
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The ASN.1 BER dissector in Wireshark 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (assertion failure) via crafted packets, as demonstrated by fuzz-2010-12-30-28473.pcap.
***************************************************************
Title: LDAP dissector vulnerability in Wireshark 0.99.2 through 0.99.8
Severity: Medium
Fixlet ID: 1454901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14549.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-1562
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The LDAP dissector in Wireshark (formerly Ethereal) 0.99.2 through 0.99.8 allows remote attackers to cause a denial of service (application crash) via a malformed packet, a different vulnerability than CVE-2006-5740.
***************************************************************
Title: PPP dissector vulnerability in Wireshark 0.99.6
Severity: High
Fixlet ID: 1456101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14561.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6112
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Buffer overflow in the PPP dissector Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.
***************************************************************
Title: ANSI MAP dissector vulnerability in Wireshark 0.99.5 to 0.99.6
Severity: High
Fixlet ID: 1457801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14578.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6115
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Buffer overflow in the ANSI MAP dissector for Wireshark (formerly Ethereal) 0.99.5 to 0.99.6, when running on unspecified platforms, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors.
***************************************************************
Title: Multiple off-by-one errors in the IPSec ESP preference parser in Wireshark 0.99.2
Severity: Medium
Fixlet ID: 1458701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14587.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-4331
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Multiple off-by-one errors in the IPSec ESP preference parser in Wireshark (formerly Ethereal) 0.99.2 allow remote attackers to cause a denial of service (crash) via unspecified vectors.
***************************************************************
Title: Vulnerability in pcap-ng processing in Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0
Severity: Medium
Fixlet ID: 1460501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14605.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0538
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed file.
***************************************************************
Title: Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12
Severity: Medium
Fixlet ID: 1460701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14607.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3445
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a long string in an unknown ASN.1/BER encoded packet, as demonstrated using SNMP.
***************************************************************
Title: ANSI MAP dissector vulnerability in Wireshark 1.4.x before 1.4.8 and 1.6.x before 1.6.1
Severity: Medium
Fixlet ID: 1461001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14610.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2698
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Off-by-one error in the elem_cell_id_aux function in epan/dissectors/packet-ansi_a.c in the ANSI MAP dissector in Wireshark 1.4.x before 1.4.8 and 1.6.x before 1.6.1 allows remote attackers to cause a denial of service (infinite loop) via an invalid packet.
***************************************************************
Title: Integer underflow in the visual_read function in wiretap/visual.c vulnerability in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7
Severity: Medium
Fixlet ID: 1464501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14645.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2175
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Integer underflow in the visual_read function in wiretap/visual.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a malformed Visual Networks file that triggers a heap-based buffer over-read.
***************************************************************
Title: Vulnerability in the snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7
Severity: Medium
Fixlet ID: 1465601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14656.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1959
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 does not properly handle certain virtualizable buffers, which allows remote attackers to cause a denial of service (application crash) via a large length value in a snoop file that triggers a stack-based buffer over-read.
***************************************************************
Title: LDAP dissector vulnerability in Wireshark 0.99.3
Severity: Medium
Fixlet ID: 1467901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14679.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-5740
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in the LDAP dissector in Wireshark (formerly Ethereal) 0.99.3 allows remote attackers to cause a denial of service (crash) via a crafted LDAP packet.
***************************************************************
Title: RTMPT dissector vulnerability in Wireshark 0.99.8 through 1.0.0
Severity: Medium
Fixlet ID: 1468201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14682.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3139
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 through 1.0.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: this might be due to a use-after-free error.
***************************************************************
Title: SCSI dissector vulnerability in Wireshark 0.99.2
Severity: Medium
Fixlet ID: 1468401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14684.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-4330
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in the SCSI dissector in Wireshark (formerly Ethereal) 0.99.2 allows remote attackers to cause a denial of service (crash) via unspecified vectors.
***************************************************************
Title: syslog dissector vulnerability in Wireshark 1.0.0
Severity: Medium
Fixlet ID: 1470001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14700.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3140
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The syslog dissector in Wireshark (formerly Ethereal) 1.0.0 allows remote attackers to cause a denial of service (application crash) via unknown vectors, possibly related to an "incomplete SS7 MSU syslog encapsulated packet."
***************************************************************
Title: Vulnerability in wtap.c in Wireshark 0.99.7 through 1.0.3
Severity: Medium
Fixlet ID: 1470501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14705.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4682
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: wtap.c in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application abort) via a malformed Tamos CommView capture file (aka .ncf file) with an "unknown/unexpected packet type" that triggers a failed assertion.
***************************************************************
Title: Vulnerability in ZigBee ZCL dissector in Wireshark 1.4.0 through 1.4.1
Severity: Medium
Fixlet ID: 1471301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14713.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4301
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in Wireshark 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted ZCL packet, related to Discover Attributes.
***************************************************************
Title: Multiple stack consumption vulnerabilities in the dissect_ms_compressed_string and dissect_mscldap_string functions in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3
Severity: Medium
Fixlet ID: 1471501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14715.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1140
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Multiple stack consumption vulnerabilities in the dissect_ms_compressed_string and dissect_mscldap_string functions in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allow remote attackers to cause a denial of service (infinite recursion) via a crafted (1) SMB or (2) Connection-less LDAP (CLDAP) packet.
***************************************************************
Title: DCP ETSI dissector vulnerability in Wireshark 0.99.6
Severity: High
Fixlet ID: 1472101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14721.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6119
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The DCP ETSI dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors.
***************************************************************
Title: Stack consumption vulnerability in the dissect_ber_choice function in the BER dissector in Wireshark 1.2.x through 1.2.15 and 1.4.x through 1.4.4
Severity: Medium
Fixlet ID: 1472401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14724.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1142
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Stack consumption vulnerability in the dissect_ber_choice function in the BER dissector in Wireshark 1.2.x through 1.2.15 and 1.4.x through 1.4.4 might allow remote attackers to cause a denial of service (infinite loop) via vectors involving self-referential ASN.1 CHOICE values.
***************************************************************
Title: Buffer overflow in wiretap/netscreen.c in Wireshark 0.99.7 through 1.0.5
Severity: Medium
Fixlet ID: 1473201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14732.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0599
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Buffer overflow in wiretap/netscreen.c in Wireshark 0.99.7 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed NetScreen snoop file.
***************************************************************
Title: SMB dissector vulnerability in Wireshark 0.99.6
Severity: Medium
Fixlet ID: 1473401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14734.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6438
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in the SMB dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service via unknown vectors. NOTE: this identifier originally included MP3 and NCP, but those issues are already covered by CVE-2007-6111.
***************************************************************
Title: Infiniband dissector in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of service
Severity: Medium
Fixlet ID: 1476001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14760.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4101
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The dissect_infiniband_common function in epan/dissectors/packet-infiniband.c in the Infiniband dissector in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet.
***************************************************************
Title: Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3
Severity: Medium
Fixlet ID: 1476601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14766.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0713
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long record in a Nokia DCT3 trace file.
***************************************************************
Title: packet-frame vulnerability in Wireshark 0.99.2 through 1.0.3
Severity: Medium
Fixlet ID: 1476701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14767.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4684
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: packet-frame in Wireshark 0.99.2 through 1.0.3 does not properly handle exceptions thrown by post dissectors, which allows remote attackers to cause a denial of service (application crash) via a certain series of packets, as demonstrated by enabling the (1) PRP or (2) MATE post dissector.
***************************************************************
Title: Double free vulnerability in the tvb_uncompress function in epan/tvbuff.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7
Severity: Medium
Fixlet ID: 1477701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14777.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2174
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Double free vulnerability in the tvb_uncompress function in epan/tvbuff.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a packet with malformed data that uses zlib compression.
***************************************************************
Title: SNMP dissector vulnerability in Wireshark 0.99.6 through 0.99.7
Severity: Medium
Fixlet ID: 1478401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14784.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-1071
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The SNMP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.7 allows remote attackers to cause a denial of service (crash) via a malformed packet.
***************************************************************
Title: AirPcap support vulnerability in Wireshark 0.99.3
Severity: Medium
Fixlet ID: 1478701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14787.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-5595
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in the AirPcap support in Wireshark (formerly Ethereal) 0.99.3 has unspecified attack vectors related to WEP key parsing.
***************************************************************
Title: Lucent/Ascend file parser vulnerability in Wireshark 1.2.x before 1.2.18, 1.4.x through 1.4.7, and 1.6.0
Severity: Medium
Fixlet ID: 1479401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14794.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2597
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The Lucent/Ascend file parser in Wireshark 1.2.x before 1.2.18, 1.4.x through 1.4.7, and 1.6.0 allows remote attackers to cause a denial of service (infinite loop) via malformed packets.
***************************************************************
Title: Bluetooth SDP dissector vulnerability in Wireshark 0.99.2 to 0.99.6
Severity: Medium
Fixlet ID: 1480201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14802.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6120
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The Bluetooth SDP dissector Wireshark (formerly Ethereal) 0.99.2 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
***************************************************************
Title: CSN.1 dissector in Wireshark 1.6.x before 1.6.3 denial of service vulnerability
Severity: Medium
Fixlet ID: 1483301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14833.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4100
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.3 does not initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
***************************************************************
Title: HTTP dissector vulnerability in Wireshark 0.99.3 and 0.99.4
Severity: Medium
Fixlet ID: 1483601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14836.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-0458
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in the HTTP dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors, a different issue than CVE-2006-5468.
***************************************************************
Title: Unspecified vulnerability in the Bluetooth RFCOMM dissector in Wireshark 0.99.7 through 1.0.3
Severity: Medium
Fixlet ID: 1485301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14853.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4681
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in the Bluetooth RFCOMM dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via unknown packets.
***************************************************************
Title: LLT dissector vulnerability in Wireshark 0.99.3 and 0.99.4
Severity: Medium
Fixlet ID: 1486701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14867.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-0456
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in the LLT dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
***************************************************************
Title: TCP dissector vulnerability in Wireshark 0.99.2 to 0.99.4
Severity: Medium
Fixlet ID: 1487501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14875.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-0459
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: packet-tcp.c in the TCP dissector in Wireshark (formerly Ethereal) 0.99.2 through 0.99.4 allows remote attackers to cause a denial of service (application crash or hang) via fragmented HTTP packets.
***************************************************************
Title: CSN.1 dissector in Wireshark 1.6.x before 1.6.2 denial of service vulnerability
Severity: Medium
Fixlet ID: 1488601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14886.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3482
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.2 does not initialize a certain structure member, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
***************************************************************
Title: Vulnerability in PANA and KISMET dissectors in Wireshark 0.99.3 through 1.0.0
Severity: Medium
Fixlet ID: 1489801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14898.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3138
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The (1) PANA and (2) KISMET dissectors in Wireshark (formerly Ethereal) 0.99.3 through 1.0.0 allow remote attackers to cause a denial of service (application stop) via unknown vectors.
***************************************************************
Title: DCP ETSI dissector vulnerability in Wireshark 0.99.5
Severity: High
Fixlet ID: 1491101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14911.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-3391
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Wireshark 0.99.5 allows remote attackers to cause a denial of service (memory consumption) via a malformed DCP ETSI packet that triggers an infinite loop.
***************************************************************
Title: Buffer overflow in the sect_enttec_dmx_da function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2
Severity: High
Fixlet ID: 1493701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14937.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4538
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Buffer overflow in the sect_enttec_dmx_da function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding (RLE) compression.
***************************************************************
Title: Vulnerability in bytes_repr_len function in Wireshark 1.4.5
Severity: Medium
Fixlet ID: 1494301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14943.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1956
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The bytes_repr_len function in Wireshark 1.4.5 uses an incorrect pointer argument, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via arbitrary TCP traffic.
***************************************************************
Title: Wireshark 1.6.x before 1.6.2 buffer exception handling vulnerability
Severity: Medium
Fixlet ID: 1497101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14971.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3483
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Wireshark 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (application crash) via a malformed capture file that leads to an invalid root tvbuff, related to a "buffer exception handling vulnerability."
***************************************************************
Title: Vulnerability in epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3
Severity: Medium
Fixlet ID: 1497401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14974.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1141
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (memory consumption) via (1) a long LDAP filter string or (2) an LDAP filter string containing many elements.
***************************************************************
Title: Vulnerability in the Bluetooth ACL dissector in Wireshark 0.99.2 through 1.0.3
Severity: Medium
Fixlet ID: 1498201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14982.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4683
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The dissect_btacl function in packet-bthci_acl.c in the Bluetooth ACL dissector in Wireshark 0.99.2 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a packet with an invalid length, related to an erroneous tvb_memcpy call.
***************************************************************
Title: NFS dissector in epan/dissectors/packet-nfs.c vulnerability in Wireshark 1.4.x before 1.4.5 on Windows
Severity: Medium
Fixlet ID: 1498701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14987.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1592
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The NFS dissector in epan/dissectors/packet-nfs.c in Wireshark 1.4.x before 1.4.5 on Windows uses an incorrect integer data type during decoding of SETCLIENTID calls, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file.
***************************************************************
Title: SCTP dissector vulnerability in Wireshark 0.99.5 through 0.99.7
Severity: Medium
Fixlet ID: 1499501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14995.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-1070
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The SCTP dissector in Wireshark (formerly Ethereal) 0.99.5 through 0.99.7 allows remote attackers to cause a denial of service (crash) via a malformed packet.
***************************************************************
Title: Vulnerability in wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3
Severity: Medium
Fixlet ID: 1499701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14997.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1139
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) via a pcap-ng file that contains a large packet-length field.
***************************************************************
Title: Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5
Severity: High
Fixlet ID: 1500001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15000.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1591
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted .pcap file.
***************************************************************
Title: IPv6 or USB dissector vulnerability in Wireshark 0.99.6
Severity: Medium
Fixlet ID: 1500201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15002.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6439
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite or large loop) via the (1) IPv6 or (2) USB dissector, which can trigger resource consumption or a crash. NOTE: this identifier originally included Firebird/Interbase, but it is already covered by CVE-2007-6116. The DCP ETSI issue is already covered by CVE-2007-6119.
***************************************************************
Title: Firebird/Interbase dissector vulnerability in Wireshark 0.99.6
Severity: Medium
Fixlet ID: 1503601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15036.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6116
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The Firebird/Interbase dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite loop or crash) via unknown vectors.
***************************************************************
Title: Wireshark 0.99.6 through 1.0.5 vulnerability via crafted Tektronix K12 text capture file
Severity: Medium
Fixlet ID: 1504101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15041.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0600
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Wireshark 0.99.6 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted Tektronix K12 text capture file, as demonstrated by a file with exactly one frame.
***************************************************************
Title: proto_tree_add_item function vulnerability in Wireshark 1.4.x through 1.4.8 and 1.6.0 through 1.6.1
Severity: Low
Fixlet ID: 1504201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15042.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3266
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The proto_tree_add_item function in Wireshark 1.6.0 through 1.6.1 and 1.4.0 through 1.4.8, when the IKEv1 protocol dissector is used, allows user-assisted remote attackers to cause a denial of service (infinite loop) via vectors involving a malformed IKE packet and many items in a tree.
***************************************************************
Title: Diameter dictionary file vulnerability in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7
Severity: Medium
Fixlet ID: 1504501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15045.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1958
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Diameter dictionary file.
***************************************************************
Title: Vulnerability in X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5
Severity: Medium
Fixlet ID: 1505001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15050.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1590
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file.
***************************************************************
Title: Untrusted search path vulnerability in Wireshark 1.4.x before 1.4.9 and 1.6.x before 1.6.2
Severity: High
Fixlet ID: 1505901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15059.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3360
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Untrusted search path vulnerability in Wireshark 1.4.x before 1.4.9 and 1.6.x before 1.6.2 allows local users to gain privileges via a Trojan horse Lua script in an unspecified directory.
***************************************************************
Title: OpenSafety dissector in Wireshark 1.6.x before 1.6.2 denial of service vulnerability
Severity: Medium
Fixlet ID: 1506201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15062.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3484
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The unxorFrame function in epan/dissectors/packet-opensafety.c in the OpenSafety dissector in Wireshark 1.6.x before 1.6.2 does not properly validate a certain frame size, which allows remote attackers to cause a denial of service (loop and application crash) via a malformed packet.
***************************************************************
Title: GSM SMS dissector vulnerability in Wireshark 0.99.2 through 1.0.0
Severity: Medium
Fixlet ID: 1506801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15068.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3137
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The GSM SMS dissector in Wireshark (formerly Ethereal) 0.99.2 through 1.0.0 allows remote attackers to cause a denial of service (application crash) via unknown vectors.
***************************************************************
Title: Heap-based buffer overflow in the erf_read_header function in wiretap/erf.c in the ERF file parser in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3
Severity: Medium
Fixlet ID: 1507301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15073.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4102
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Heap-based buffer overflow in the erf_read_header function in wiretap/erf.c in the ERF file parser in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of service (application crash) via a malformed file.
***************************************************************
Title: SCCP dissector vulnerability in Wireshark 0.99.6 through 0.99.8
Severity: Medium
Fixlet ID: 1507401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15074.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-1563
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The "decode as" feature in packet-bssap.c in the SCCP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.8 allows remote attackers to cause a denial of service (application crash) via a malformed packet.
***************************************************************
Title: Unspecified vulnerability in Wireshark 0.99.6 through 1.0.2
Severity: Low
Fixlet ID: 1508701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15087.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3934
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Wireshark (formerly Ethereal) 0.99.6 through 1.0.2 allows attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file.
***************************************************************
Title: Multiple unspecified vulnerabilities in Wireshark 0.99.5 through 0.99.8
Severity: Medium
Fixlet ID: 1508901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15089.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-1561
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) 0.99.5 through 0.99.8 allow remote attackers to cause a denial of service (application crash) via a malformed packet to the (1) X.509sat or (2) Roofnet dissectors. NOTE: Vector 2 might also lead to a hang.
***************************************************************
Title: Vulnerability in packet-usb.c in the USB dissector in Wireshark 0.99.7 through 1.0.3
Severity: Medium
Fixlet ID: 1509101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15091.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4680
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: packet-usb.c in the USB dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a malformed USB Request Block (URB).
More information about the WinVulns-Announcements
mailing list