[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE assignments for Wireshark
From:       Josh Bressers <bressers () redhat ! com>
Date:       2011-01-31 14:32:53
Message-ID: 1428885404.213777.1296484373924.JavaMail.root () zmail01 ! collab ! prod ! int ! phx2 ! redhat ! com
[Download RAW message or body]

----- Original Message -----
> On 01/13/2011 04:21 AM, Steven M. Christey wrote:
> >
> > CVE-2011-0444 - MAC-LTE
> >
> > CVE-2011-0445 - ASN.1 BER
> 
> Looking at the following wireshark bug and the relevant commits:
> 
> https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5530
> 
> http://anonsvn.wireshark.org/viewvc?view=rev&revision=35292
> http://anonsvn.wireshark.org/viewvc?view=rev&revision=35298
> 
> It seems that there are two issues here, buffer overflow in MAC-LTE
> dissector as well as buffer overflow in SNMP engineID preferences.
> 
> This issue was however assigned only one CVE i.e. CVE-2011-0444.
> Do you think two CVEs (for each individual issues), should be assigned
> in this case?
> 

Hi Steve,

Can MITRE handle this one?

Thanks.

-- 
    JB
[prev in list] [next in list] [prev in thread] [next in thread]