Subject: | |
From: | |
Reply To: | |
Date: | Tue, 11 Jan 2011 15:54:30 -0600 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Synopsis: Moderate: wireshark security update
Issue date: 2011-01-10
CVE Names: CVE-2010-4538
An array index error, leading to a stack-based buffer overflow, was
found in the Wireshark ENTTEC dissector. If Wireshark read a malformed
packet off a network or opened a malicious dump file, it could crash or,
possibly, execute arbitrary code as the user running Wireshark.
(CVE-2010-4538)
All running instances of Wireshark must be restarted for the update to
take effect.
SL 4.x
SRPMS:
wireshark-1.0.15-1.el4_8.3.src.rpm
i386:
wireshark-1.0.15-1.el4_8.3.i386.rpm
wireshark-gnome-1.0.15-1.el4_8.3.i386.rpm
x86_64:
wireshark-1.0.15-1.el4_8.3.x86_64.rpm
wireshark-gnome-1.0.15-1.el4_8.3.x86_64.rpm
SL 5.x
SRPMS:
wireshark-1.0.15-1.el5_5.3.src.rpm
i386:
wireshark-1.0.15-1.el5_5.3.i386.rpm
wireshark-gnome-1.0.15-1.el5_5.3.i386.rpm
x86_64:
wireshark-1.0.15-1.el5_5.3.x86_64.rpm
wireshark-gnome-1.0.15-1.el5_5.3.x86_64.rpm
-Connie Sieh
-Troy Dawson
|
|
|