Subject: | |
From: | |
Reply To: | |
Date: | Thu, 15 Nov 2007 14:11:27 -0600 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Synopsis: Low: wireshark security and bug fix update
Issue date: 2007-11-15
CVE Names: CVE-2007-3389 CVE-2007-3390 CVE-2007-3391
CVE-2007-3392 CVE-2007-3393
Several denial of service bugs were found in Wireshark's HTTP, iSeries, DCP
ETSI, SSL, MMS, DHCP and BOOTP protocol dissectors. It was possible for
Wireshark to crash or stop responding if it read a malformed packet off the
network. (CVE-2007-3389, CVE-2007-3390, CVE-2007-3391, CVE-2007-3392,
CVE-2007-3393)
Wireshark would interpret certain completion codes incorrectly when
dissecting IPMI traffic. Additionally, IPMI 2.0 packets would be reported
as malformed IPMI traffic.
SL 4.x
SRPMS:
wireshark-0.99.6-EL4.1.src.rpm
i386:
wireshark-0.99.6-EL4.1.i386.rpm
wireshark-gnome-0.99.6-EL4.1.i386.rpm
x86_64:
wireshark-0.99.6-EL4.1.x86_64.rpm
wireshark-gnome-0.99.6-EL4.1.x86_64.rpm
-Connie Sieh
-Troy Dawson
|
|
|