88 replies to this topic

[AplusWebMaster]

FYI...

Wireshark multiple vulns - update available
- http://secunia.com/advisories/29156/
Release Date: 2008-02-28
Critical: Moderately critical
Impact: DoS
Where: From remote
Solution Status: Vendor Patch
Software: Wireshark (formerly Ethereal) 0.x
...The vulnerabilities are reported in various versions prior to 0.99.8.
Solution: Update to version 0.99.8.
http://www.wireshark.org/download.html

[AplusWebMaster]

FYI...

- http://www.wireshark...ec-2008-02.html
Name: Multiple problems in Wireshark®versions 0.99.2 to 0.99.8
Docid: wnpa-sec-2008-02
Date: March 31, 2008 -?-
Versions affected: 0.99.2 up to and including 0.99.8 ...
Impact:
It may be possible to make Wireshark crash by injecting a purposefully malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
Resolution: Upgrade to Wireshark 1.0.0 or later.
If are running Wireshark 0.99.8 or earlier and cannot upgrade, you can work around each of the problems listed above by doing the following:
* Disable the LDAP, Roofnet, and X.509sat dissectors:
o Select Analyze→Enabled Protocols... from the menu.
o Make sure "LDAP," "Roofnet," and "X509SAT" are un-checked.
o Click "Save", then click "OK"...
- http://www.wireshark.org/download.html
"...current stable release of Wireshark is 0.99.8..." (03.28.2008)

- http://secunia.com/advisories/29569/
Release Date: 2008-03-28
Critical: Moderately critical
Impact: DoS
Where: From -remote-
Solution Status: Unpatched
...The vulnerabilities are reported in various versions prior to 1.0.0.
Solution: Fixed in an -upcoming- version 1.0.0.

Edited by AplusWebMaster, 28 March 2008 - 04:48 AM.

[AplusWebMaster]

FYI...

Wireshark 1.0 released
- http://www.wireshark.org/
Mar 31, 2008 - "...In this release:
Security-related vulnerabilities in the X.509sat, Roofnet, LDAP, and SCCP dissectors have been fixed. See the advisory for details: http://www.wireshark...ec-2008-02.html

Download:
- http://www.wireshark.org/download.html

[AplusWebMaster]

FYI...

Wireshark multiple vulns - update available
- http://secunia.com/advisories/30886/
Release Date: 2008-07-01
Critical: Moderately critical
Impact: Exposure of sensitive information, DoS
Where: From remote
Solution Status: Vendor Patch
Software: Wireshark (formerly Ethereal) 0.x, Wireshark 1.x
Solution: Update to version 1.0.1...
Original Advisory: http://www.wireshark...ec-2008-03.html

The current stable release of Wireshark is 1.0.1. It supersedes all previous releases...
- http://www.wireshark.org/download.html

[AplusWebMaster]

FYI...

Wireshark v1.0.2 released
- http://secunia.com/advisories/31044/
Release Date: 2008-07-11
Critical: Moderately critical
Impact: DoS
Where: From remote
Solution Status: Vendor Patch
...The vulnerability is reported in versions 0.8.19 to 1.0.1.
Solution:
Update to version 1.0.2.
http://www.wireshark.org/download.html

> http://www.wireshark...ec-2008-04.html

//

[AplusWebMaster]

FYI...

Wireshark v1.0.3 released
- http://secunia.com/advisories/31674/
Release Date: 2008-09-04
Critical: Moderately critical
Impact: DoS
Where: From remote
Solution Status: Vendor Patch
Software: Wireshark (formerly Ethereal) 0.x, Wireshark 1.x...
Solution: Update to version 1.0.3.
http://www.wireshark.org/download.html

- http://www.wireshark...ec-2008-05.html

- http://nvd.nist.gov/...e=CVE-2008-3146

[AplusWebMaster]

FYI...

Wireshark multiple vulns - update available
- http://secunia.com/advisories/32355/
Release Date: 2008-10-21
Critical: Moderately critical
Impact: DoS
Where: From remote
Solution Status: Vendor Patch
...The weakness and the vulnerability affect versions 0.99.7 to 1.0.3.
Solution: Update to version 1.0.4.
http://www.wireshark.org/download.html ...
Original Advisory:
http://www.wireshark...ec-2008-06.html ...

> http://www.wireshark...s/20081020.html
"...Security-related bugs in the Bluetooth ACL, Bluetooth RFCOMM, PRP, Q.931, MATE, and USB dissectors, as well as the Tammos CommView file parser have been fixed... Many other bugs have been fixed..."

Edited by AplusWebMaster, 21 October 2008 - 06:41 AM.

[AplusWebMaster]

FYI...

Wireshark SMTP Processing DoS vuln - v1.0.4
- http://secunia.com/advisories/32840/
Release Date: 2008-11-24
Critical: Moderately critical
Impact: DoS
Where: From remote
Solution Status: Vendor Workaround
Software: Wireshark 1.x
...The vulnerability is reported in version 1.0.4. Prior versions may also be affected...
Original Advisory: http://lists.grok.or...ber/065840.html
...prerelease version of Wireshark 1.0.5 here:
http://www.wireshark...oad/prerelease/
(See wireshark-setup-1.0.5pre1-26885.exe 30-Nov-2008 10:38 21M)

- http://web.nvd.nist....d=CVE-2008-5285
Last revised: 12/01/2008

Edited by AplusWebMaster, 02 December 2008 - 05:08 AM.

[AplusWebMaster]

FYI...

Wireshark 1.0.5 Released
- http://www.wireshark...s/20081210.html
Dec 10, 2008

- http://www.wireshark.org/download.html

- http://www.wireshark...ec-2008-07.html
"...Wireshark 1.0.5 fixes the following vulnerabilities:
* The SMTP dissector could consume excessive amounts of CPU and memory. Versions affected: 1.0.4
* The WLCCP dissector could go into an infinte loop. Versions affected: 0.99.7 to 1.0.4
Impact:
It may be possible to make Wireshark crash by injecting a series of malformed packets onto the wire or by convincing someone to read a malformed packet trace file.
Resolution:
Upgrade to Wireshark 1.0.5 or later...:

[AplusWebMaster]

FYI...

Wireshark vuln - update available
- http://secunia.com/advisories/33872/
Release Date: 2009-02-09
Critical: Moderately critical
Impact: DoS, System access
Where: From remote
Solution Status: Vendor Patch
...The vulnerability is reported in versions 0.99.7 through 1.0.5.
Solution: Update to version 1.0.6.
- http://www.wireshark...ec-2009-01.html

- http://www.wireshark.org/download.html
The current stable release of Wireshark is 1.0.6. It supersedes all previous releases...

Edited by AplusWebMaster, 10 February 2009 - 11:46 AM.

[AplusWebMaster]

FYI...

Wireshark vuln - unpatched
- http://secunia.com/advisories/34542/
Release Date: 2009-03-31
Critical: Highly critical
Impact: DoS, System access
Where: From remote
Solution Status: Unpatched
Software: Wireshark 1.x
...The vulnerability is confirmed in version 1.0.6. Other versions may also be affected...
- http://secunia.com/advisories/34542/2/
Solution: Disable support for the "PN-DCP" protocol..." (upgrade when available)
> http://www.wireshark.org/download.html

- http://web.nvd.nist....d=CVE-2009-1210
Last revised: 04/03/2009
CVSS v2 Base Score: 10.0 (HIGH)

Edited by AplusWebMaster, 03 April 2009 - 11:16 AM.
Added CVE ref...

[AplusWebMaster]

FYI...

Wireshark v1.0.7 released
- http://www.wireshark.org/download.html
April 08, 2009 - "The current stable release of Wireshark is 1.0.7. It supersedes all previous releases..."

- http://www.wireshark...ec-2009-02.html
Wireshark 1.0.7 fixes the following vulnerabilities:
• The PROFINET dissector was vulnerable to a format string overflow. (Bug 3382) Versions affected: 0.99.6 to 1.0.6 CVE-2009-1210
• The LDAP dissector could crash on Windows. (Bug 3262) Versions affected: 0.99.2 to 1.0.6 CVE-2009-1267
• The Check Point High-Availability Protocol (CPHAP) dissector could crash. (Bug 3269) Versions affected: 0.9.6 to 1.0.6 CVE-2009-1268
• Wireshark could crash while loading a Tektronix .rf5 file. (Bug 3366) Versions affected: 0.99.6 to 1.0.6 CVE-2009-1269 ...
Resolution: Upgrade to Wireshark 1.0.7 or later...

- http://web.nvd.nist....d=CVE-2009-1210
- http://web.nvd.nist....d=CVE-2009-1267
- http://web.nvd.nist....d=CVE-2009-1268
- http://web.nvd.nist....d=CVE-2009-1269

Edited by AplusWebMaster, 15 April 2009 - 05:09 AM.
Added CVE links...

[AplusWebMaster]

FYI...

Wireshark v1.0.8 released
- http://www.wireshark.org/download.html
May 21, 2008 - "The current stable release of Wireshark is 1.0.8. It supersedes all previous releases..."

- http://www.wireshark...s/20090521.html
"...In this release:
A security-related bug in the PCNFSD dissector has been fixed. See the advisory* for details... Many other bugs have been fixed..."

* http://www.wireshark...ec-2009-03.html
Wireshark 1.0.8 fixes the following vulnerability:
• The PCNFSD dissector could crash. Versions affected: 0.8.20 to 1.0.7 ...

- http://secunia.com/advisories/35201/2/
Release Date: 2009-05-22
Critical: Moderately critical
Impact: DoS
Where: From remote
Solution Status: Vendor Patch
Software: Wireshark 1.x
Solution: Update to version 1.0.8...

Edited by AplusWebMaster, 25 May 2009 - 06:14 AM.
Added Secunia advisory link...

[AplusWebMaster]

FYI...

Wireshark v1.2.0 released
- http://www.wireshark.org/download.html
June 15, 2009 - "The current stable release of Wireshark is 1.2.0. It supersedes all previous releases..."

Wireshark 1.2.0 Release Notes - Bug Fixes
- http://www.wireshark...0.html#BugFixes
"... Some notable fixes are:
* Type-ahead search now works properly.
* Several bugs that affected capture from pipes have been fixed.
* Many Lua-related bugs have been fixed.
* Several memory leaks have been found and fixed.
* The "Follow TCP Stream" feature could show two streams at the same time. The hex dump view has been narrowed.
* WPA and SSL decryption bugs have been fixed.
* Readability problems on 256-color displays on Windows have been fixed...

- http://www.wireshark...s/20090615.html

[AplusWebMaster]

FYI...

Wireshark v1.2.1 released
- http://www.wireshark.org/download.html
July 20, 2009 - "The current stable release of Wireshark is 1.2.1. It supersedes all previous releases..."

Bug Fixes
- http://www.wireshark...1.html#WhatsNew

- http://www.wireshark...s/20090720.html

- http://www.wireshark...ec-2009-04.html
... Wireshark 1.2.1 fixes the following vulnerabilities:
• The IPMI dissector could overrun a buffer. (Bug 3559) Versions affected: 1.2.0
• The AFS dissector could crash. (Bug 3564) Versions affected: 0.9.2 to 1.2.0
• The Infiniband dissector could crash on some platforms. Versions affected: 1.0.6 to 1.2.0
• The Bluetooth L2CAP dissector could crash. (Bug 3572) Versions affected: 1.2.0
• The RADIUS dissector could crash. (Bug 3578) Versions affected: 1.2.0
• The MIOP dissector could crash. (Bug 3652) Versions affected: 1.2.0
• The sFlow dissector could use excessive CPU and memory. (Bug 3570) Versions affected: 1.2.0 ...

- http://secunia.com/advisories/35884/2/
Release Date: 2009-07-21
Critical: Moderately critical
Impact: DoS
Where: From remote ...
Solution: Update to version 1.2.1...

Edited by AplusWebMaster, 21 July 2009 - 07:26 AM.
Added Secunia advisory link...