LISTSERV - SCIENTIFIC-LINUX-ERRATA Archives

SCIENTIFIC-LINUX-ERRATA Archives

November 2007

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-ERRATA Home
	SCIENTIFIC-LINUX-ERRATA November 2007

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Security ERRATA for wireshark on SL4.x i386/x86_64
From:	Troy Dawson <[log in to unmask]>
Reply To:	Troy Dawson <[log in to unmask]>
Date:	Thu, 15 Nov 2007 14:11:27 -0600
Content-Type:	text/plain
Parts/Attachments:	text/plain (29 lines)

Synopsis:	Low: wireshark security and bug fix update
Issue date:	2007-11-15
CVE Names:	CVE-2007-3389 CVE-2007-3390 CVE-2007-3391
                 CVE-2007-3392 CVE-2007-3393

Several denial of service bugs were found in Wireshark's HTTP, iSeries, DCP
ETSI, SSL, MMS, DHCP and BOOTP protocol dissectors. It was possible for
Wireshark to crash or stop responding if it read a malformed packet off the
network. (CVE-2007-3389, CVE-2007-3390, CVE-2007-3391, CVE-2007-3392,
CVE-2007-3393)

Wireshark would interpret certain completion codes incorrectly when
dissecting IPMI traffic. Additionally, IPMI 2.0 packets would be reported
as malformed IPMI traffic.

SL 4.x

   SRPMS:
wireshark-0.99.6-EL4.1.src.rpm
   i386:
wireshark-0.99.6-EL4.1.i386.rpm
wireshark-gnome-0.99.6-EL4.1.i386.rpm
   x86_64:
wireshark-0.99.6-EL4.1.x86_64.rpm
wireshark-gnome-0.99.6-EL4.1.x86_64.rpm

-Connie Sieh
-Troy Dawson

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV