SCIENTIFIC-LINUX-ERRATA Archives

March 2011

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Security ERRATA Moderate: wireshark on SL6.x i386/x86_64
From:
Troy Dawson <[log in to unmask]>
Reply To:
Troy Dawson <[log in to unmask]>
Date:
Thu, 3 Mar 2011 16:28:58 -0600
Content-Type:
text/plain
Parts/Attachments:
text/plain (35 lines) 
Synopsis:	Moderate: wireshark security update

Issue date:	2010-11-30

CVE Names:	CVE-2010-3445 CVE-2010-4300



A heap-based buffer overflow flaw was found in the Wireshark Local 

Download Sharing Service (LDSS) dissector. If Wireshark read a malformed 

packet off a network or opened a malicious dump file, it could crash or, 

possibly, execute arbitrary code as the user running Wireshark. 

(CVE-2010-4300)



A denial of service flaw was found in Wireshark. Wireshark could crash 

or stop responding if it read a malformed packet off a network, or 

opened a malicious dump file. (CVE-2010-3445)



All running instances of Wireshark must be restarted for the update to 

take effect.



SL 6.x



      SRPMS:

wireshark-1.2.13-1.el6_0.1.src.rpm

      i386:

wireshark-1.2.13-1.el6_0.1.i686.rpm

wireshark-devel-1.2.13-1.el6_0.1.i686.rpm

wireshark-gnome-1.2.13-1.el6_0.1.i686.rpm

      x86_64:

wireshark-1.2.13-1.el6_0.1.i686.rpm

wireshark-1.2.13-1.el6_0.1.x86_64.rpm

wireshark-devel-1.2.13-1.el6_0.1.i686.rpm

wireshark-devel-1.2.13-1.el6_0.1.x86_64.rpm

wireshark-gnome-1.2.13-1.el6_0.1.x86_64.rpm



-Connie Sieh

-Troy Dawson

ATOM RSS1 RSS2