Bug 678571 – VUL-0: wireshark: crash in NTLMSSP via crafted pcap file

Bug 678571 - VUL-0: wireshark: crash in NTLMSSP via crafted pcap file


Summary:	VUL-0: wireshark: crash in NTLMSSP via crafted pcap file

Status:	RESOLVED FIXED

Classification:	Novell Products
Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	General
Version:	unspecified
Hardware:	Other Other

Priority:	P5 - None Severity: Normal
Target Milestone:	---
Assigned To:	Chunyan Liu
QA Contact:	Security Team bot

URL:
Whiteboard:	maint:released:sle11-sp1:39632 maint:...
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2011-03-10 15:52 UTC by Ludwig Nussel
Modified:	2011-04-14 06:36 UTC (History)
CC List:	1 user (show)

See Also:
Found By:	Other
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Ludwig Nussel 2011-03-10 15:52:03 UTC

Your friendly security team received the following report via mitre.
Please respond ASAP.
The issue is public.

-------8<-------
======================================================
Name: CVE-2011-1143
epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file.

Reference: CONFIRM: http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html
Reference: CONFIRM: http://anonsvn.wireshark.org/viewvc?view=rev&revision=34018
Reference: CONFIRM: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5157

Comment 1 Swamp Workflow Management 2011-04-06 17:35:00 UTC

Update released for: wireshark, wireshark-debuginfo, wireshark-debugsource, wireshark-devel
Products:
SLE-DEBUGINFO 11-SP1 (i386, ia64, ppc64, s390x, x86_64)
SLE-DESKTOP 11-SP1 (i386, x86_64)
SLE-SDK 11-SP1 (i386, ia64, ppc64, s390x, x86_64)
SLE-SERVER 11-SP1 (i386, ia64, ppc64, s390x, x86_64)
SLES4VMWARE 11-SP1 (i386, x86_64)

Comment 2 Swamp Workflow Management 2011-04-06 17:55:34 UTC

Update released for: wireshark, wireshark-debuginfo, wireshark-devel
Products:
SLE-DESKTOP 10-SP3 (i386, x86_64)
SLE-SAP-APL 10-SP3 (x86_64)
SLE-SDK 10-SP3 (i386, ia64, ppc, s390x, x86_64)
SLE-SERVER 10-SP3 (i386, ia64, ppc, s390x, x86_64)

Comment 3 Swamp Workflow Management 2011-04-06 18:14:43 UTC

Update released for: wireshark, wireshark-debuginfo, wireshark-devel
Products:
SLE-DESKTOP 10-SP4 (i386, x86_64)
SLE-SDK 10-SP4 (i386, ia64, ppc, s390x, x86_64)
SLE-SERVER 10-SP4 (i386, ia64, ppc, s390x, x86_64)

Comment 4 Bernhard Wiedemann 2011-04-11 14:56:23 UTC

This bug (678571) was mentioned in
https://build.opensuse.org/request/show/66852

Comment 5 Sebastian Krahmer 2011-04-13 09:31:10 UTC

Box received updates too. Closing.