Synopsis: Moderate: wireshark security update Issue date: 2011-03-21 CVE Names: CVE-2010-3445 CVE-2011-0024 CVE-2011-0538 CVE-2011-1139 CVE-2011-1140 CVE-2011-1141 CVE-2011-1143 A heap-based buffer overflow flaw was found in Wireshark. If Wireshark opened a specially-crafted capture file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2011-0024) Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2010-3445, CVE-2011-0538, CVE-2011-1139, CVE-2011-1140, CVE-2011-1141, CVE-2011-1143) All running instances of Wireshark must be restarted for the update to take effect. SL 4.x SRPMS: wireshark-1.0.15-2.el4.src.rpm i386: wireshark-1.0.15-2.el4.i386.rpm wireshark-gnome-1.0.15-2.el4.i386.rpm x86_64: wireshark-1.0.15-2.el4.x86_64.rpm wireshark-gnome-1.0.15-2.el4.x86_64.rpm SL 5.x SRPMS: wireshark-1.0.15-1.el5_6.4.src.rpm i386: wireshark-1.0.15-1.el5_6.4.i386.rpm wireshark-gnome-1.0.15-1.el5_6.4.i386.rpm x86_64: wireshark-1.0.15-1.el5_6.4.x86_64.rpm wireshark-gnome-1.0.15-1.el5_6.4.x86_64.rpm -Connie Sieh -Troy Dawson