=====================================================================
                                   CERT-Renater

                        Note d'Information No. 2009/VULN377
_____________________________________________________________________

DATE                      : 15/09/2009

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running Wireshark versions prior
                               to 1.0.9, 1.2.2.

======================================================================
http://www.wireshark.org/security/wnpa-sec-2009-06.html
http://www.wireshark.org/security/wnpa-sec-2009-05.html
______________________________________________________________________

Summary

Name:Multiple vulnerabilities in Wireshark® version 0.99.6 to 1.2.1

Docid: wnpa-sec-2009-06

Date: September 15, 2009

Versions affected: 0.99.6 up to and including 1.2.1

Details

Description

Wireshark 1.2.2 fixes the following vulnerabilities:

    * The GSM A RR dissector could crash. (Bug 3893)
      Versions affected: 1.2.0 to 1.2.1
    * The OpcUa dissector could use excessive CPU and memory. (Bug 3986)
      Versions affected: 0.99.6 to 1.0.8, 1.2.0 to 1.2.1
    * The TLS dissector could crash on some platforms. (Bug 4008)
      Versions affected: 1.2.0 to 1.2.1

Impact

It may be possible to make Wireshark crash remotely or by convincing
someone to read a malformed packet trace file.

Resolution

Upgrade to Wireshark 1.2.2 or later.

If are running Wireshark 1.2.1 or earlier (including Ethereal) and cannot
upgrade, you can work around each of the problems listed above by doing
the following:

    * Disable the affected dissectors:
          o Select Analyze→Enabled Protocols... from the menu.
          o Make sure "GSM CCCH", "OpcUa", and "SSL" are all un-checked.
          o Click "Save", then click "OK".

______________________________________________________________________

Summary

Name:Multiple vulnerabilities in Wireshark® version 0.9.2 to 1.0.8

Docid: wnpa-sec-2009-05

Date: September 15, 2009

Versions affected: 0.9.2 up to and including 1.0.8

Details

Description

Wireshark 1.0.9 fixes the following vulnerabilities:

    * The AFS dissector could crash. (Bug 3564)
      Versions affected: 0.9.2 to 1.0.8, 1.2.0
    * The Infiniband dissector could crash on some platforms.
      Versions affected: 0.9.2 to 1.0.8, 1.2.0
    * The OpcUa dissector could use excessive CPU and memory. (Bug 3986)
      Versions affected: 0.99.6 to 1.0.8, 1.2.0 to 1.2.1

Impact

It may be possible to make Wireshark crash remotely or by convincing
someone to read a malformed packet trace file.

Resolution

Upgrade to Wireshark 1.0.9 or later.

If are running Wireshark 1.0.8 or earlier (including Ethereal) and cannot
upgrade, you can work around each of the problems listed above by doing
the following:

    * Disable the affected dissectors:
          o Select Analyze→Enabled Protocols... from the menu.
          o Make sure "AFS (RX)", "Infiniband", and "OpcUa" are all un-checked.
          o Click "Save", then click "OK".


======================================================================

          =========================================================
          Les serveurs de référence du CERT-Renater
          http://www.urec.fr/securite
          http://www.cru.fr/securite
          http://www.renater.fr
          =========================================================
          + CERT-RENATER          | tel : 01-53-94-20-44          +
          + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
          + 75013 Paris           | email: certsvp@renater.fr     +
          =========================================================