Synopsis: Moderate: wireshark security update Advisory ID: SLSA-2014:0341-1 Issue Date: 2014-03-31 CVE Numbers: CVE-2012-5600 CVE-2012-6062 CVE-2012-5599 CVE-2012-6061 CVE-2012-5598 CVE-2012-6060 CVE-2012-5595 CVE-2012-6056 CVE-2013-3559 CVE-2013-3557 CVE-2013-4081 CVE-2013-4083 CVE-2013-4927 CVE-2013-4931 CVE-2013-4932 CVE-2013-4933 CVE-2013-4934 CVE-2013-4935 CVE-2013-5721 CVE-2013-7112 CVE-2014-2299 CVE-2014-2281 -- Multiple flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2013-3559, CVE-2013-4083, CVE-2014-2281, CVE-2014-2299) Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2012-5595, CVE-2012-5598, CVE-2012-5599, CVE-2012-5600, CVE-2012-6056, CVE-2012-6060, CVE-2012-6061, CVE-2012-6062, CVE-2013-3557, CVE-2013-4081, CVE-2013-4927, CVE-2013-4931, CVE-2013-4932, CVE-2013-4933, CVE-2013-4934, CVE-2013-4935, CVE-2013-5721, CVE-2013-7112) All running instances of Wireshark must be restarted for the update to take effect. -- SL5 x86_64 wireshark-1.0.15-6.el5_10.x86_64.rpm wireshark-debuginfo-1.0.15-6.el5_10.x86_64.rpm wireshark-gnome-1.0.15-6.el5_10.x86_64.rpm i386 wireshark-1.0.15-6.el5_10.i386.rpm wireshark-debuginfo-1.0.15-6.el5_10.i386.rpm wireshark-gnome-1.0.15-6.el5_10.i386.rpm - Scientific Linux Development Team