SB2014090114 - Gentoo update for Wireshark 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2014090114

SB2014090114 - Gentoo update for Wireshark

Published: September 1, 2014 Updated: September 25, 2016

Security Bulletin ID SB2014090114
Severity
Medium
Patch available
YES
Number of vulnerabilities 5
Exploitation vector Remote access
Highest impact Denial of service

Breakdown by Severity

Medium 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.


1) Buffer overflow (CVE-ID: CVE-2014-5161)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The dissect_log function in plugins/irda/packet-irda.c in the IrDA dissector in Wireshark 1.10.x before 1.10.9 does not properly strip ' ' characters, which allows remote attackers to cause a denial of service (buffer underflow and application crash) via a crafted packet.


2) Buffer overflow (CVE-ID: CVE-2014-5162)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The read_new_line function in wiretap/catapult_dct2000.c in the Catapult DCT2000 dissector in Wireshark 1.10.x before 1.10.9 does not properly strip ' ' and ' ' characters, which allows remote attackers to cause a denial of service (off-by-one buffer underflow and application crash) via a crafted packet.


3) Buffer overflow (CVE-ID: CVE-2014-5163)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The APN decode functionality in (1) epan/dissectors/packet-gtp.c and (2) epan/dissectors/packet-gsm_a_gm.c in the GTP and GSM Management dissectors in Wireshark 1.10.x before 1.10.9 does not completely initialize a certain buffer, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.


4) Buffer overflow (CVE-ID: CVE-2014-5164)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The rlc_decode_li function in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.10.x before 1.10.9 initializes a certain structure member only after this member is used, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.


5) Buffer overflow (CVE-ID: CVE-2014-5165)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The dissect_ber_constrained_bitstring function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.10.x before 1.10.9 does not properly validate padding values, which allows remote attackers to cause a denial of service (buffer underflow and application crash) via a crafted packet.


Remediation

Install update from vendor's website.

References