*** This bug is a security vulnerability *** Public security bug reported:
Binary package hint: wireshark CVE-2008-4680 packet-usb.c in the USB dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a malformed USB Request Block (URB). http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4680 CVE-2008-4681 Unspecified vulnerability in the Bluetooth RFCOMM dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via unknown packets. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4681 CVE-2008-4682 wtap.c in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application abort) via a malformed Tamos CommView capture file (aka .ncf file) with an "unknown/unexpected packet type" that triggers a failed assertion. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4682 CVE-2008-4683 The dissect_btacl function in packet-bthci_acl.c in the Bluetooth ACL dissector in Wireshark 0.99.2 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a packet with an invalid length, related to an erroneous tvb_memcpy call. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4683 CVE-2008-4684 packet-frame in Wireshark 0.99.2 through 1.0.3 does not properly handle exceptions thrown by post dissectors, which allows remote attackers to cause a denial of service (application crash) via a certain series of packets, as demonstrated by enabling the (1) PRP or (2) MATE post dissector. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4684 CVE-2008-4685 Use-after-free vulnerability in the dissect_q931_cause_ie function in packet-q931.c in the Q.931 dissector in Wireshark 0.10.3 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via certain packets that trigger an exception. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4685 ** Affects: wireshark (Ubuntu) Importance: Undecided Status: New ** Visibility changed to: Public ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2008-4680 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2008-4681 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2008-4682 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2008-4683 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2008-4684 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2008-4685 -- [CVE 2008-468[1-5] - Wireshark up to 1.0.3 affected by multiple security vulnerabilities https://bugs.launchpad.net/bugs/290716 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
