Wireshark-bugs: [Wireshark-bugs] [Bug 3521] New: Wireshark has a vulnerability in a Kerberos lin

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Tue, 9 Jun 2009 12:58:21 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3521

           Summary: Wireshark has a vulnerability in a Kerberos link
                    library.
           Product: Wireshark
           Version: unspecified
          Platform: x86
        OS/Version: Windows XP
            Status: NEW
          Severity: Enhancement
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: webbjd@xxxxxxxxxxxx


Build Information:
Paste the COMPLETE build information from "Help->About Wireshark", "wireshark
-v", or "tshark -v".
--
I am in an IT position on Eglin Air Force Base. I do Information Assurance in
our test labs. We use Gold Disk. It currently finds a Category I vulnerability
in Wireshark in the version  of krb5_32.dll (version 1.3.1.0). Could the newer
version of the library from Kerberos be used in an upcoming release of
Wireshark? The vulnerability is still there in Wireshark 1.0.8. The latest
kerberos for windows contains the krb5_32.dll library at version 1.6.3.16.
Thanks...Jim Webb


-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.