commit 5bc2207540e8a0f683650357911ca651761d71ad
Author: Miklos Vajna <>
Date:   Sun Apr 10 21:50:31 2011 +0200


diff --git a/frugalware/xml/security.xml b/frugalware/xml/security.xml
index d6c91c6..910cb92 100644
--- a/frugalware/xml/security.xml
+++ b/frugalware/xml/security.xml
@@ -26,6 +26,32 @@

+               <id>715</id>
+               <date>2011-04-10</date>
+               <author>Miklos Vajna</author>
+               <package>wireshark</package>
+               <vulnerable>1.4.3-1</vulnerable>
+               <unaffected>1.4.4-1nexon1</unaffected>
+               <bts></bts>
+               <cve>
+              </cve>
+               <desc>Multiple vulnerabilities have been reported in Wireshark, 
which can be exploited by malicious people to cause a DoS (Denial of Service) 
and potentially compromise a vulnerable system.
+1) An error when processing certain pcap-ng files can be exploited to free an 
uninitialised pointer.
+2) An error when handling certain packet lengths can be exploited to cause a 
crash via a specially crafted pcap-ng file.
+3) An error when processing Nokia DCT3 trace files can be exploited to cause a 
buffer overflow via a specially crafted file.
+Successful exploitation of this vulnerability may allow execution of arbitrary 
+4) An error in the "dissect_ms_compressed_string()" (SMB dissector) and 
"dissect_mscldap_string()" (LDAP dissector) functions can be exploited to cause 
a crash due to an infinite recursive function call.
+5) An error when processing LDAP Filter strings can be exploited to cause a 
crash by consuming memory resources via large filter strings.
+6) A validation error in the "dissect_6lowpan_iphc()" function 
(epan/dissectors/packet-6lowpan.c) in the 6LoWPAN dissector when processing 
certain lengths can be exploited to cause a heap-based buffer overflow of a 
single byte resulting in a crash.
+7) A NULL pointer dereference error within the "dissect_ntlmssp_string()" 
function in epan/dissectors/packet-ntlmssp.c when parsing a pcap file can be 
exploited to cause a crash.</desc>
+       </fsa>
+       <fsa>
<author>Miklos Vajna</author>
Frugalware-git mailing list

Reply via email to