Wireshark-dev: [Wireshark-dev] 1.8.9 and 1.8.10: some CVE(s) stated as fixed still has problems
From: "Chun Yan Liu" <cyliu@xxxxxxxx>
Date: Mon, 16 Sep 2013 02:20:11 -0600
Hi, List,

While update 1.8.8 to 1.8.9 on SUSE, we found some CVE(s) specified 'fixed' in release note, still has problems in new version.
Now update to 1.8.10, those problems still exist. Could anyone familiar with this bugs check it?

wireshark is crashing for HTTP dissector when 'Decode As...' HTTP is use
CVE-2013-4081
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8733 
1. # wireshark ocsp.cap
2. select packet no 7 and right click -> 'Decode As...' in Transport list choose
'HTTP' and 'Apply' --> wireshark crashes 
3. Segmentation fault

wireshark - GSM_CBCH dissector - gtk_text_buffer_insert_with_tags
CVE-2013-4079
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8730
1 open wireshark and load the file
2 right click on any packet and choose 'Follow UDP stream'
3 observe the message: 
Gtk-CRITICAL **: gtk_text_buffer_insert_with_tags: assertion `text != NULL'
failed


The Netmon file parser could crash
CVE-2013-4933 CVE-2013-4934 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8742 
1. start wireshark and open netmon.pcap file
(can directly run #wireshark netmon.pcap)
On s390 architecture it is reproducible 100%
However it can crash on the other architectures as well, but it is reproducible
30% or less - just warning is displayed all the time (usually it has crashed
when I had another file already opened within wireshark and after time I have
tried to open netmon).
GLib-ERROR **: gmem.c:136: failed to allocate 1392509008 bytes
aborting...
Aborted

GSM RR - crashing while using 'SCTP' - 'Analyse this association' functionality 
CVE-2013-4931:
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8923 
1. open the file
 2. it is crashing when this action is performed:
- right click on any packet and use SCTP -> Analyze this association

Regards,
Chunyan