[Secure-testing-team] Bug#506741: wireshark: DoS caused by sending a SMTP request with large content
Steffen Joeris
steffen.joeris at skolelinux.de
Mon Nov 24 11:58:38 UTC 2008
Package: wireshark
Severity: grave
Tags: security, patch
Justification: user security hole
Hi
the following remotely exploitable vulnerability in Wireshark's
SMTP dissector has been reported:
References:
http://packetstormsecurity.org/0811-advisories/wireshark104-dos.txt
http://bugs.gentoo.org/show_bug.cgi?id=248425
https://bugzilla.redhat.com/show_bug.cgi?id=472737
http://www.nabble.com/-SVRT-04-08--Vulnerability-in-WireShark-1.0.4-for-DoS-Attack-td20640164.html
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2008-11/msg00166.html
Proposed upstream patches:
http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-smtp.c?r1=24989&r2=24988&pathrev=24989&view=patch
http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-smtp.c?r1=24994&r2=24993&pathrev=24994&view=patch
A CVE id has been requested and I'll forward it to the bugreport once it is available.
Packages for lenny and sid build fine with the patch, I haven't tested them though.
Could you get back to me wrt fixes for lenny?
Cheers
Steffen
More information about the Secure-testing-team
mailing list