FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Wireshark -- Multiple vulnerabilities

Affected packages
1.4 <= wireshark < 1.4.11
1.6.0 <= wireshark < 1.6.5
1.4 <= wireshark-lite < 1.4.11
1.6.0 <= wireshark-lite < 1.6.5
1.4 <= tshark < 1.4.11
1.6.0 <= tshark < 1.6.5
1.4 <= tshark-lite < 1.4.11
1.6.0 <= tshark-lite < 1.6.5

Details

VuXML ID 3ebb2dc8-4609-11e1-9f47-00e0815b8da8
Discovery 2010-01-10
Entry 2012-01-23

Wireshark reports:

Laurent Butti discovered that Wireshark failed to properly check record sizes for many packet capture file formats

Wireshark could dereference a NULL pointer and crash.

The RLC dissector could overflow a buffer.

References

CVE Name CVE-2012-0041
CVE Name CVE-2012-0066
CVE Name CVE-2012-0067
CVE Name CVE-2012-0068
URL http://www.wireshark.org/security/wnpa-sec-2012-01.html
URL http://www.wireshark.org/security/wnpa-sec-2012-02.html
URL http://www.wireshark.org/security/wnpa-sec-2012-03.html
URL https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6391
URL https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6634
URL https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6663
URL https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6666
URL https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6667
URL https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6668
URL https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6669
URL https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6670