Ubuntu
wireshark package

CVE- 2011-1139 denial of service (application crash),via a pcap-ng file that contains a large packet-length field

Bug #730409 reported by Mahyuddin Susanto on 2011-03-07

354

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	wireshark (Ubuntu)	Invalid	Low	Unassigned
	Karmic	Invalid	Low	Unassigned
	Lucid	Invalid	Low	Unassigned
	Maverick	Invalid	Low	Unassigned

Bug Description

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

affects ubuntu/wireshark
status inprogress
assignee udienz
importance medium
security yes
private yes
done

Common Vulnerabilities and Exposures assigned an identifier CVE-2011-1139 to
the following vulnerability:

Name: CVE-2011-1139
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1139
Assigned: 20110302
Reference:
CONFIRM:http://anonsvn.wireshark.org/viewvc?view=rev&revision=35855
Reference:
CONFIRM:http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html
Reference:
CONFIRM:http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html
Reference: CONFIRM:http://www.wireshark.org/security/wnpa-sec-2011-03.html
Reference: CONFIRM:http://www.wireshark.org/security/wnpa-sec-2011-04.html
Reference: CONFIRM:https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5661

wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through
1.4.3 allows remote attackers to cause a denial of service
(application crash) via a pcap-ng file that contains a large
packet-length field.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iF4EAREIAAYFAk10VScACgkQdr7GbwjmqKVpnAEAv98HqhvHGIhdTNe67In4XX5J
42zBpb9O7E4R6fujRgEBAJlK9agdMwdWByxJwqTIyxMUUiKdRhGxRorK4+Fp0Miw
=pvSJ
-----END PGP SIGNATURE-----

CVE References

2011-1139

Mahyuddin Susanto (udienz) on 2011-03-07

visibility:

private → public

Mahyuddin Susanto (udienz) on 2011-03-07

summary:

- denial of service (application crash),via a pcap-ng file that contains a
- large packet-length field
+ CVE- 2011-1139 denial of service (application crash),via a pcap-ng file
+ that contains a large packet-length field

Revision history for this message

Micah Gersten (micahg) wrote on 2011-03-08:

#1

Fixed in Natty in 1.4.4-1

Changed in wireshark (Ubuntu):
assignee:	Mahyuddin Susanto (udienz) → nobody
status:	In Progress → Fix Released
importance:	Medium → Low
Changed in wireshark (Ubuntu Karmic):
importance:	Undecided → Low
status:	New → Triaged
Changed in wireshark (Ubuntu Maverick):
importance:	Undecided → Low
status:	New → Triaged
Changed in wireshark (Ubuntu Lucid):
importance:	Undecided → Low

Revision history for this message

Micah Gersten (micahg) wrote on 2011-03-08:

#2

Debdiff for Lucid attached to Bug #730413

Revision history for this message

Jamie Strandboge (jdstrand) wrote on 2011-10-14:

#3

Thank you for reporting this bug to Ubuntu. karmic has reached EOL
(End of Life) and is no longer supported. As a result, this bug
against karmic is being marked "Won't Fix". Please see
https://wiki.ubuntu.com/Releases for currently supported Ubuntu
releases.

Please feel free to report any other bugs you may find.

Changed in wireshark (Ubuntu Karmic):
status:	Triaged → Won't Fix

Revision history for this message

Jamie Strandboge (jdstrand) wrote on 2011-12-13:

#4

Ubuntu 10.10 was fixed with 1.2.11-6+squeeze1build0.10.10.1.

Changed in wireshark (Ubuntu Maverick):
status:	Triaged → Fix Released

Revision history for this message

Jamie Strandboge (jdstrand) wrote on 2011-12-13:

#5

Thanks for taking the time to report this bug and helping to make Ubuntu better. Since the package referred to in this bug is in universe or multiverse, it is community maintained. If you are able, I suggest coordinating with upstream and posting a debdiff for this issue. When a debdiff is available, members of the security team will review it and publish the package. See the following link for more information: https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures

Changed in wireshark (Ubuntu Lucid):
status:	New → Incomplete

Revision history for this message

Jamie Strandboge (jdstrand) wrote on 2012-04-23:

#6

We are closing this bug report because it lacks the information we need to investigate the problem, as described in the previous comments. Please reopen it if you can give us the missing information, and don't hesitate to submit bug reports in the future. To reopen the bug report you can click on the current status, under the Status column, and change the Status back to 'New'. Thanks again!

Changed in wireshark (Ubuntu):
status:	Fix Released → Invalid
Changed in wireshark (Ubuntu Lucid):
status:	Incomplete → Invalid
Changed in wireshark (Ubuntu Maverick):
status:	Fix Released → Invalid
Changed in wireshark (Ubuntu Karmic):
status:	Won't Fix → Invalid

Report a bug

This report contains Public Security information

Everyone can see this security related information.

Duplicates of this bug

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.