FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

wireshark -- multiple vulnerabilities

Affected packages
	ethereal	<	1.0.7
	ethereal-lite	<	1.0.7
	tethereal	<	1.0.7
	tethereal-lite	<	1.0.7
	wireshark	<	1.0.7
	wireshark-lite	<	1.0.7

Details

VuXML ID	defce068-39aa-11de-a493-001b77d09812
Discovery	2009-04-06
Entry	2009-05-09
Modified	2009-05-13

Wireshark team reports:

Wireshark 1.0.7 fixes the following vulnerabilities:

The PROFINET dissector was vulnerable to a format string overflow. (Bug 3382) Versions affected: 0.99.6 to 1.0.6, CVE-2009-1210.

The Check Point High-Availability Protocol (CPHAP) dissector could crash. (Bug 3269) Versions affected: 0.9.6 to 1.0.6; CVE-2009-1268.

Wireshark could crash while loading a Tektronix .rf5 file. (Bug 3366) Versions affected: 0.99.6 to 1.0.6, CVE-2009-1269.

[source]

References

Bugtraq ID	34291
Bugtraq ID	34457
CVE Name	CVE-2009-1210
CVE Name	CVE-2009-1268
CVE Name	CVE-2009-1269
URL	http://secunia.com/advisories/34542
URL	http://www.wireshark.org/security/wnpa-sec-2009-02.html