漏洞信息详情

Wireshark HTTP的协议解析器拒绝服务漏洞

• CNNVD编号：CNNVD-200610-513
• 危害等级： 低危
  
• CVE编号： CVE-2006-5468
• 漏洞类型： 资料不足
• 发布时间： 2006-10-27
• 威胁类型： 远程
• 更新时间： 2006-11-01
• 厂        商： wireshark
• 漏洞来源： Wireshark※http://w...

漏洞简介

Wireshark以前名为Ethereal，是一款非常流行的网络协议分析工具。

Wireshark的HTTP的协议解析器存在漏洞，Wireshark在处理相关协议的畸形报文时会消耗大量内存，导致拒绝服务。

漏洞公告

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接：

Debian已经为此发布了一个安全公告(DSA-1201-1)以及相应补丁:

DSA-1201-1：New ethereal packages fix denial of service

链接：

http://www.debian.org/security/2005/dsa-1201

Debian GNU/Linux 3.1 (sarge)

Source:

http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge9.dsc

http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge9.diff.gz

http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10.orig.tar.gz

Alpha:

http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge9_alpha.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge9_alpha.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge9_alpha.deb

http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge9_alpha.deb

AMD64:

http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge9_amd64.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge9_amd64.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge9_amd64.deb

http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge9_amd64.deb

ARM:

http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge9_arm.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge9_arm.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge9_arm.deb

http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge9_arm.deb

Intel IA-32:

http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge9_i386.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge9_i386.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge9_i386.deb

http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge9_i386.deb

Intel IA-64:

http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge9_ia64.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge9_ia64.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge9_ia64.deb

http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge9_ia64.deb

Motorola 680x0:

http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge9_m68k.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge9_m68k.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge9_m68k.deb

http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge9_m68k.deb

Big endian MIPS:

http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge9_mips.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge9_mips.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge9_mips.deb

http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge9_mips.deb

Little endian MIPS:

http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge9_mipsel.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge9_mipsel.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge9_mipsel.deb

http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge9_mipsel.deb

PowerPC:

http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge9_powerpc.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge9_powerpc.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge9_powerpc.deb

http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge9_powerpc.deb

IBM S/390:

http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge9_

参考网址

来源: VU#363992

名称: VU#363992

链接:http://www.kb.cert.org/vuls/id/363992

来源: www.wireshark.org

链接:http://www.wireshark.org/security/wnpa-sec-2006-03.HTML

来源: BID

名称: 20762

链接:http://www.securityfocus.com/bid/20762

来源: SECUNIA

名称: 22590

链接:http://secunia.com/advisories/22590

来源: issues.rpath.com

链接:https://issues.rpath.com/browse/RPL-746

来源: XF

名称: wireshark-http-dos(29840)

链接:http://xforce.iss.net/xforce/xfdb/29840

来源: BUGTRAQ

名称: 20061101 rPSA-2006-0202-1 tshark wireshark

链接:http://www.securityfocus.com/archive/1/archive/1/450307/100/0/threaded

来源: REDHAT

名称: RHSA-2006:0726

链接:http://www.redhat.com/support/errata/RHSA-2006-0726.HTML

来源: SUSE

名称: SUSE-SA:2006:065

链接:http://www.novell.com/linux/security/advisories/2006_65_ethereal.HTML

来源: MANDRIVA

名称: MDKSA-2006:195

链接:http://www.mandriva.com/security/advisories?name=MDKSA-2006:195

来源: VUPEN

名称: ADV-2006-4220

链接:http://www.frsirt.com/english/advisories/2006/4220

来源: support.avaya.com

链接:http://support.avaya.com/elmodocs2/security/ASA-2006-255.htm

来源: SECTRACK

名称: 1017129

链接:http://securitytracker.com/id?1017129

来源: SECUNIA

名称: 23096

链接:http://secunia.com/advisories/23096

来源: SECUNIA

名称: 22929

链接:http://secunia.com/advisories/22929

来源: SECUNIA

名称: 22841

链接:http://secunia.com/advisories/22841

来源: SECUNIA

名称: 22797

链接:http://secunia.com/advisories/22797

来源: SECUNIA

名称: 22692

链接:http://secunia.com/advisories/22692

来源: SECUNIA

名称: 22672

链接:http://secunia.com/advisories/22672

来源: SGI

名称: 20061101-01-P

链接:ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P

受影响实体

• Wireshark Wireshark:0.99.3  

补丁

暂无