CVE-2009-4376

Common Vulnerabilities and Exposures

Upstream information

CVE-2009-4376 at MITRE

Description

Buffer overflow in the daintree_sna_read function in the Daintree SNA file parser in Wireshark 1.2.0 through 1.2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet.

NVD CVSS v2 Base Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

Novell/SUSE information

Novell Bugzilla entry: 565902

SUSE Security Advisories:

SUSE-SR:2010:007, published Tue, 30 Mar 2010 10:00:00 +0000

List of released packages

Product(s)	Fixed package version(s)	References
Open Enterprise Server	`ethereal >= 0.10.13-2.47`	core9.s390x sles9-nlpos.x86 core9.x86-64 sles9-oes.x86 core9.ia64 core9.ppc core9.s390 core9.x86 YOU Patch Nr: 12593
openSUSE 11.0	`wireshark-debuginfo >= 1.0.0-17.21` `wireshark-debugsource >= 1.0.0-17.21`
openSUSE 11.0	`wireshark >= 1.0.0-17.21` `wireshark-devel >= 1.0.0-17.21`
openSUSE 11.1	`wireshark-debuginfo >= 1.0.4-2.14.2` `wireshark-debugsource >= 1.0.4-2.14.2`
openSUSE 11.1	`wireshark >= 1.0.4-2.14.2` `wireshark-devel >= 1.0.4-2.14.2`
openSUSE 11.2	`wireshark-debuginfo >= 1.2.1-3.11.2` `wireshark-debugsource >= 1.2.1-3.11.2`
openSUSE 11.2	`wireshark >= 1.2.1-3.11.2` `wireshark-devel >= 1.2.1-3.11.2`
SUSE Linux Enterprise 11 GA DEBUGINFO	`wireshark-debuginfo >= 1.0.5-1.34.1` `wireshark-debugsource >= 1.0.5-1.34.1`	sled11.x86-64 sle11-debuginfo.ia64 sle11-sdk.x86 sle11-sdk.s390x sle11-debuginfo.x86-64 sle11-sdk.x86-64 sles11.x86-64 sle11-sdk.ppc sle11-debuginfo.x86 sles11.s390x sles11.x86 sle11-sdk.ia64 sles11.ppc sle11-debuginfo.s390x sled11.x86 sles11.ia64 sle11-debuginfo.ppc SAT Patch Nr: 2082
SUSE Linux Enterprise SDK 11 GA	`wireshark >= 1.0.5-1.34.1` `wireshark-devel >= 1.0.5-1.34.1`	sled11.x86-64 sle11-debuginfo.ia64 sle11-sdk.x86 sle11-sdk.s390x sle11-debuginfo.x86-64 sle11-sdk.x86-64 sles11.x86-64 sle11-sdk.ppc sle11-debuginfo.x86 sles11.s390x sles11.x86 sle11-sdk.ia64 sles11.ppc sle11-debuginfo.s390x sled11.x86 sles11.ia64 sle11-debuginfo.ppc SAT Patch Nr: 2082
SUSE Linux Enterprise SDK 11 GA	`wireshark-devel >= 1.0.5-1.34.1`	sled11.x86-64 sle11-debuginfo.ia64 sle11-sdk.x86 sle11-sdk.s390x sle11-debuginfo.x86-64 sle11-sdk.x86-64 sles11.x86-64 sle11-sdk.ppc sle11-debuginfo.x86 sles11.s390x sles11.x86 sle11-sdk.ia64 sles11.ppc sle11-debuginfo.s390x sled11.x86 sles11.ia64 sle11-debuginfo.ppc SAT Patch Nr: 2082
SUSE Linux Enterprise Desktop 11 GA SUSE Linux Enterprise Server 11 GA	`wireshark >= 1.0.5-1.34.1`	sled11.x86-64 sle11-debuginfo.ia64 sle11-sdk.x86 sle11-sdk.s390x sle11-debuginfo.x86-64 sle11-sdk.x86-64 sles11.x86-64 sle11-sdk.ppc sle11-debuginfo.x86 sles11.s390x sles11.x86 sle11-sdk.ia64 sles11.ppc sle11-debuginfo.s390x sled11.x86 sles11.ia64 sle11-debuginfo.ppc SAT Patch Nr: 2082
SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T SUSE Linux Enterprise Desktop 10 SP3 for x86	`ethereal >= 0.10.14-16.41.1`	sles10-sp3.s390x sle10-sp3-sdk.ppc sle10-sp3-sdk.x86-64 sles10-sp3.x86 sles10-sp3.ppc sles10-sp3.ia64 sled10-sp3.x86 sles10-sp3.x86-64 sle10-sp3-sdk.s390x sle10-sp3-sdk.ia64 sle10-sp3-sdk.x86 sled10-sp3.x86-64 ZYPP Patch Nr: 6890
SUSE Linux Enterprise SDK 10 SP3	`ethereal-devel >= 0.10.14-16.41.1`	sles10-sp3.s390x sle10-sp3-sdk.ppc sle10-sp3-sdk.x86-64 sles10-sp3.x86 sles10-sp3.ppc sles10-sp3.ia64 sled10-sp3.x86 sles10-sp3.x86-64 sle10-sp3-sdk.s390x sle10-sp3-sdk.ia64 sle10-sp3-sdk.x86 sled10-sp3.x86-64 ZYPP Patch Nr: 6890
SUSE Linux Enterprise SDK 10 SP3 SUSE Linux Enterprise Server 10 SP3 SUSE Linux Enterprise Server for SAP 10 SP3	`ethereal >= 0.10.14-16.41.1` `ethereal-devel >= 0.10.14-16.41.1`	sles10-sp3.s390x sle10-sp3-sdk.ppc sle10-sp3-sdk.x86-64 sles10-sp3.x86 sles10-sp3.ppc sles10-sp3.ia64 sled10-sp3.x86 sles10-sp3.x86-64 sle10-sp3-sdk.s390x sle10-sp3-sdk.ia64 sle10-sp3-sdk.x86 sled10-sp3.x86-64 ZYPP Patch Nr: 6890
SUSE Linux Enterprise Server for SAP 10 SP2	`ethereal >= 0.10.14-16.40.3` `ethereal-devel >= 0.10.14-16.40.3`	sle10-sp2-sdk.x86-64 sles10-sp2.ppc sled10-sp2.x86-64 sle10-sp2-sdk.s390x sles10-sp2.s390x sle10-sp2-sdk.ia64 sle10-sp2-sdk.ppc sled10-sp2.x86 sle10-sp2-sdk.x86 sles10-sp2.x86-64 sles10-sp2.x86 sles10-sp2.ia64 ZYPP Patch Nr: 6889
SUSE Linux Enterprise SDK 10 SP2	`ethereal-devel >= 0.10.14-16.40.3`	sle10-sp2-sdk.x86-64 sles10-sp2.ppc sled10-sp2.x86-64 sle10-sp2-sdk.s390x sles10-sp2.s390x sle10-sp2-sdk.ia64 sle10-sp2-sdk.ppc sled10-sp2.x86 sle10-sp2-sdk.x86 sles10-sp2.x86-64 sles10-sp2.x86 sles10-sp2.ia64 ZYPP Patch Nr: 6889

Products

Products By Category

Collaboration

Endpoint Management

File & Networking Services

Services & Support

Help Yourself

Let Us Help

Download

IT Consulting

Technical Training

Customer Center

Contribute

Partners

Partner With Novell

PartnerNet

Find a Partner

Developers

Communities

About Novell

How to Buy