Bug 19778 - Multiple vulnerabilities: CVE-2009-1210, CVE-2009-1268, CVE-2009-1269
Summary: Multiple vulnerabilities: CVE-2009-1210, CVE-2009-1268, CVE-2009-1269
Status: CLOSED FIXED
Alias: None
Product: Sisyphus
Classification: Development
Component: wireshark-base (show other bugs)
Version: unstable
Hardware: all Linux
: P3 blocker
Assignee: Anton Farygin
QA Contact: qa-sisyphus
URL: http://www.wireshark.org/security/wnp...
Keywords: security
Depends on:
Blocks:
 
Reported: 2009-04-26 21:14 MSD by Vladimir Lettiev
Modified: 2009-04-29 08:41 MSD (History)
3 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Vladimir Lettiev 2009-04-26 21:14:06 MSD 
Обнаружены несколько уязвимостей в wireshark:

CVE-2009-1210 - The PROFINET dissector was vulnerable to a format string overflow. 
CVE-2009-1268 - The Check Point High-Availability Protocol (CPHAP) dissector could crash.
CVE-2009-1269 - Wireshark could crash while loading a Tektronix .rf5 file.

Upstream выпустил исправление в виде новой версии 1.0.7
Comment 1 Vladimir Lettiev 2009-04-26 21:16:06 MSD 
reassign
Comment 2 Alexander Bokovoy 2009-04-26 21:23:43 MSD 
Раорн, соберешь?
Comment 3 Sir Raorn 2009-04-26 21:53:37 MSD 
Мотороллер не мой.

$ git.alt acl sisyphus wireshark show                     
wireshark       ab
Comment 4 Alexander Bokovoy 2009-04-26 23:35:48 MSD 
task #5481
Comment 5 Vladimir Lettiev 2009-04-28 19:46:08 MSD 
прошло в sisyphus
Comment 6 Vladimir Lettiev 2009-04-28 19:47:04 MSD 
closed
Comment 7 Alexander Bokovoy 2009-04-29 08:41:02 MSD 
Прошу помощи с 4.0 и 4.1 -- до пятницы 1 мая не будет свободного времени.