Name: Multiple vulnerabilities in Wireshark® version
1.2.0 to 1.2.8
Date: June 9, 2010
Versions affected: 1.2.0 up to and including
Related: wnpa-sec-2010-05 (Multiple in Wireshark® version 0.8.20 to 1.0.13 )
Wireshark 1.2.9 fixes the following vulnerabilities:
The SMB dissector could dereference a NULL pointer.
Versions affected: 0.99.6 to 1.0.13, 1.2.0 to 1.2.8
J. Oquendo discovered that the ASN.1 BER dissector could overrun the stack.
Versions affected: 0.10.13 to 1.0.13, 1.2.0 to 1.2.8
The SMB PIPE dissector could dereference a NULL pointer on some platforms.
Versions affected: 0.8.20 to 1.0.13, 1.2.0 to 1.2.8
The SigComp Universal Decompressor Virtual Machine could go into an infinite loop.
Versions affected: 0.10.7 to 1.0.13, 1.2.0 to 1.2.8
The SigComp Universal Decompressor Virtual Machine could overrun a buffer.
Versions affected: 0.10.8 to 1.0.13, 1.2.0 to 1.2.8
It may be possible to make Wireshark crash, hang, or execute code by injecting a
series of malformed packets onto the wire or by convincing someone to read a
malformed packet trace file.
Upgrade to Wireshark 1.2.9 or later.
Due to the nature of these bugs we do not recommend trying to work around the
problem by disabling dissectors.