wireshark 0.99.6rel-3ubuntu0.1 source package in Ubuntu
Changelog
wireshark (0.99.6rel-3ubuntu0.1) gutsy-security; urgency=low * SECURITY UPDATE: (LP: #164501) + CVE-2007-6121: Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers to cause a denial of service (crash) via a malformed RPC Portmap packet. + CVE-2007-6120: The Bluetooth SDP dissector Wireshark (formerly Ethereal) 0.99.2 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. + CVE-2007-6117: Unspecified vulnerability in the HTTP dissector for Wireshark (formerly Ethereal) 0.10.14 to 0.99.6 has unknown impact and remote attack vectors related to chunked messages. + CVE-2007-6114: Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) the SSL dissector or (2) the iSeries (OS/400) Communication trace file parser. + CVE-2007-6113: Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows remote attackers to cause a denial of service (long loop) via a malformed DNP packet. + CVE-2007-6119: The DCP ETSI dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors. + CVE-2007-6118: The MEGACO dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors. + CVE-2007-6116: The Firebird/Interbase dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite loop or crash) via unknown vectors. + CVE-2007-6115: Buffer overflow in the ANSI MAP dissector for Wireshark (formerly Ethereal) 0.99.5 to 0.99.6, when running on unspecified platforms, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors. + CVE-2007-6112: Buffer overflow in the PPP dissector Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors. + CVE-2007-6111: Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) allow remote attackers to cause a denial of service (crash) via (1) a crafted MP3 file or (2) unspecified vectors to the NCP dissector. * debian/patches/13_CVE-2007-6121.dpatch: - Applied patch by upstream - Link: http://bugs.wireshark.org/bugzilla/attachment.cgi?id=1132 * debian/patches/13_CVE-2007-6120.dpatch: - Applied patch by upstream - Link: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-btsdp.c?r1=21431&r2=23496&view=patch * debian/patches/13_CVE-2007-6117.dpatch: - Applied patch by upstream - Link: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-http.c?r1=22515&r2=23415&view=patch * debian/patches/13_CVE-2007-6114.dpatch: - Applied patch by upstream - Link 1: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-ssl-utils.h?r1=21445&r2=22883&view=patch - Link 2: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-ssl.c?r1=22625&r2=22883&view=patch - Link 3: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/wiretap/iseries.c?r1=23000&r2=23232&view=patch * debian/patches/13_CVE-2007-6113.dpatch: - Applied patch by upstream - Link: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-dnp.c?r1=22764&r2=22811&view=patch * debian/patches/13_CVE-2007-6119.dpatch: - Applied patch by upstream - Link: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-dcp-etsi.c?r1=22542&r2=23463&view=patch * debian/patches/13_CVE-2007-6118.dpatch: - Applied patch by upstream - Link: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-megaco.c?r1=23150&r2=23449&view=patch * debian/patches/13_CVE-2007-6116.dpatch: - Applied patch by upstream - Link: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-gdsdb.c?r1=23211&r2=23251&view=patch * debian/patches/13_CVE-2007-6115.dpatch: - Applied patch by upstream - Link: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-ansi_map.c?r1=22866&r2=22892&view=patch * debian/patches/13_CVE-2007-6112.dpatch: - Applied patch by upstream - Link: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-ppp.c?r1=23252&r2=23475&view=patch * debian/patches/13_CVE-2007-6111.dpatch: - Applied patch by upstream - Link 1: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/wiretap/mpeg.c?r1=21489&r2=22261 - Link 2: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-ncp.c?r1=21167&r2=23252&view=patch * debian/control: - Updated Maintainer field following Ubuntu Maintainer Policy * References: CVE-2007-6121 CVE-2007-6120 CVE-2007-6117 CVE-2007-6114 CVE-2007-6113 CVE-2007-6119 CVE-2007-6118 CVE-2007-6116 CVE-2007-6115 CVE-2007-6112 CVE-2007-6111 http://www.wireshark.org/security/wnpa-sec-2007-03.html -- Stephan Hermann <email address hidden> Thu, 29 Nov 2007 13:58:59 +0100
Upload details
- Uploaded by:
- Stephan RĂ¼gamer
- Uploaded to:
- Gutsy
- Original maintainer:
- MOTU
- Architectures:
- any
- Section:
- net
- Urgency:
- Low Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
wireshark_0.99.6rel.orig.tar.gz | 14.3 MiB | 3ef432a4ba2687818a92393fd0317bb6f1759325522c74a02d805b321b4151b8 |
wireshark_0.99.6rel-3ubuntu0.1.diff.gz | 38.4 KiB | 196fe8efba31b2676634e3753e9a5fc6319a3d732171c864c4a916c0830db324 |
wireshark_0.99.6rel-3ubuntu0.1.dsc | 1.1 KiB | 91fbd35cda0d659e4220a0ba9fc38626b85aea3ba0124cec3a7b6006ed948d25 |
Binary packages built by this source
- ethereal: No summary available for ethereal in ubuntu gutsy.
No description available for ethereal in ubuntu gutsy.
- ethereal-common: No summary available for ethereal-common in ubuntu gutsy.
No description available for ethereal-common in ubuntu gutsy.
- ethereal-dev: No summary available for ethereal-dev in ubuntu gutsy.
No description available for ethereal-dev in ubuntu gutsy.
- tethereal: No summary available for tethereal in ubuntu gutsy.
No description available for tethereal in ubuntu gutsy.
- tshark: No summary available for tshark in ubuntu gutsy.
No description available for tshark in ubuntu gutsy.
- wireshark: No summary available for wireshark in ubuntu gutsy.
No description available for wireshark in ubuntu gutsy.
- wireshark-common: No summary available for wireshark-common in ubuntu gutsy.
No description available for wireshark-common in ubuntu gutsy.
- wireshark-dev: No summary available for wireshark-dev in ubuntu gutsy.
No description available for wireshark-dev in ubuntu gutsy.