SCIENTIFIC-LINUX-ERRATA Archives

March 2011

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Security ERRATA Moderate: wireshark on SL4.x, SL5.x i386/x86_64
From:
Troy Dawson <[log in to unmask]>
Reply To:
Troy Dawson <[log in to unmask]>
Date:
Tue, 22 Mar 2011 14:24:36 -0500
Content-Type:
text/plain
Parts/Attachments:
text/plain (43 lines) 
Synopsis:	Moderate: wireshark security update
Issue date:	2011-03-21
CVE Names:	CVE-2010-3445 CVE-2011-0024 CVE-2011-0538
                   CVE-2011-1139 CVE-2011-1140 CVE-2011-1141
                   CVE-2011-1143

A heap-based buffer overflow flaw was found in Wireshark. If Wireshark
opened a specially-crafted capture file, it could crash or, possibly,
execute arbitrary code as the user running Wireshark. (CVE-2011-0024)

Several denial of service flaws were found in Wireshark. Wireshark could
crash or stop responding if it read a malformed packet off a network, or
opened a malicious dump file. (CVE-2010-3445, CVE-2011-0538, 
CVE-2011-1139, CVE-2011-1140, CVE-2011-1141, CVE-2011-1143)

All running instances of Wireshark must be restarted for the update to 
take effect.

SL 4.x

      SRPMS:
wireshark-1.0.15-2.el4.src.rpm
      i386:
wireshark-1.0.15-2.el4.i386.rpm
wireshark-gnome-1.0.15-2.el4.i386.rpm
      x86_64:
wireshark-1.0.15-2.el4.x86_64.rpm
wireshark-gnome-1.0.15-2.el4.x86_64.rpm

SL 5.x

      SRPMS:
wireshark-1.0.15-1.el5_6.4.src.rpm
      i386:
wireshark-1.0.15-1.el5_6.4.i386.rpm
wireshark-gnome-1.0.15-1.el5_6.4.i386.rpm
      x86_64:
wireshark-1.0.15-1.el5_6.4.x86_64.rpm
wireshark-gnome-1.0.15-1.el5_6.4.x86_64.rpm

-Connie Sieh
-Troy Dawson

ATOM RSS1 RSS2