sledp1-etherealSecurity update for etherealSecurity update for etherealVarious security problems were fixed in the wireshark
0.99.6 release, which were backported to ethereal
(predecessor of wireshark):
CVE-2007-3389: Wireshark allowed remote attackers to cause
a denial of service (crash) via a crafted chunked encoding
in an HTTP response, possibly related to a zero-length
payload.
CVE-2007-3390: Wireshark when running on certain systems,
allowed remote attackers to cause a denial of service
(crash) via crafted iSeries capture files that trigger a
SIGTRAP.
CVE-2007-3391: Wireshark allowed remote attackers to cause
a denial of service (memory consumption) via a malformed
DCP ETSI packet that triggers an infinite loop.
CVE-2007-3392: Wireshark allowed remote attackers to cause
a denial of service via malformed (1) SSL or (2) MMS
packets that trigger an infinite loop.
CVE-2007-3393: Off-by-one error in the DHCP/BOOTP dissector
in Wireshark allowed remote attackers to cause a denial of
service (crash) via crafted DHCP-over-DOCSIS packets.
Various security problems were fixed in the wireshark
0.99.6 release, which were backported to ethereal
(predecessor of wireshark):
CVE-2007-3389: Wireshark allowed remote attackers to cause
a denial of service (crash) via a crafted chunked encoding
in an HTTP response, possibly related to a zero-length
payload.
CVE-2007-3390: Wireshark when running on certain systems,
allowed remote attackers to cause a denial of service
(crash) via crafted iSeries capture files that trigger a
SIGTRAP.
CVE-2007-3391: Wireshark allowed remote attackers to cause
a denial of service (memory consumption) via a malformed
DCP ETSI packet that triggers an infinite loop.
CVE-2007-3392: Wireshark allowed remote attackers to cause
a denial of service via malformed (1) SSL or (2) MMS
packets that trigger an infinite loop.
CVE-2007-3393: Off-by-one error in the DHCP/BOOTP dissector
in Wireshark allowed remote attackers to cause a denial of
service (crash) via crafted DHCP-over-DOCSIS packets.
securityethereali586747d58dcb8898054a302f30a0b0a39fcacb0f7e0