CVE-2009-1268 Information

Description

The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FWHA_MY_STATE packet.

Reference

http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html http://secunia.com/advisories/34778 http://secunia.com/advisories/34970 http://secunia.com/advisories/35133 http://secunia.com/advisories/35224 http://secunia.com/advisories/35416 http://secunia.com/advisories/35464 http://secunia.com/advisories/37477 http://wiki.rpath.com/Advisories:rPSA-2009-0062 http://www.debian.org/security/2009/dsa-1785 http://www.debian.org/security/2009/dsa-1942 http://www.mandriva.com/security/advisories?name=MDVSA-2009:088 http://www.redhat.com/support/errata/RHSA-2009-1100.html http://www.securityfocus.com/archive/1/502745/100/0/threaded http://www.securityfocus.com/bid/34457 http://www.securitytracker.com/id?1022027 http://www.wireshark.org/security/wnpa-sec-2009-02.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3269 https://exchange.xforce.ibmcloud.com/vulnerabilities/49815 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10876 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A5335 https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00675.html https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01167.html https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01213.html