Login
Newsletter
Werbung

Sicherheit: Denial of Service in wireshark
Aktuelle Meldungen Distributionen
Name: Denial of Service in wireshark
ID: MDVSA-2009:292
Distribution: Mandriva
Plattformen: Mandriva Corporate 4.0, Mandriva 2009.1, Mandriva Enterprise Server 5.0
Datum: Di, 3. November 2009, 17:18
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3550
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3829
Applikationen: Wireshark

Originalnachricht

This is a multi-part message in MIME format...

------------=_1257265111-13155-3663


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2009:292
http://www.mandriva.com/security/
_______________________________________________________________________

Package : wireshark
Date : November 3, 2009
Affected: 2009.1, Corporate 4.0, Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

Vulnerabilities have been discovered and corrected in wireshark,
affecting DCERPC/NT dissector, which allows remote attackers to cause
a denial of service (NULL pointer dereference and application crash)
via a file that records a malformed packet trace (CVE-2009-3550); and
in wiretap/erf.c which allows remote attackers to execute arbitrary
code or cause a denial of service (application crash) via a crafted
erf file (CVE-2009-3829).

The wireshark package has been updated to fix these vulnerabilities.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3550
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3829
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2009.1:
9776a5ff48251ff4014a284803f8eedb
2009.1/i586/dumpcap-1.0.10-0.1mdv2009.1.i586.rpm
5763243f9b6de3e0eb998683eb157e37
2009.1/i586/libwireshark0-1.0.10-0.1mdv2009.1.i586.rpm
615c1f912fcae0f63c14046c7292305e
2009.1/i586/libwireshark-devel-1.0.10-0.1mdv2009.1.i586.rpm
fc8c67f248b0039c0006220456f7d0dc
2009.1/i586/rawshark-1.0.10-0.1mdv2009.1.i586.rpm
be03c1c1e06412b5603dc65f1632b18a
2009.1/i586/tshark-1.0.10-0.1mdv2009.1.i586.rpm
4da9966e690a238eecbe215bfce9fe8a
2009.1/i586/wireshark-1.0.10-0.1mdv2009.1.i586.rpm
5ce93f8c9af2127d3255a87c0ea8503b
2009.1/i586/wireshark-tools-1.0.10-0.1mdv2009.1.i586.rpm
d705f70a10051311f0ccfc14e5a587af
2009.1/SRPMS/wireshark-1.0.10-0.1mdv2009.1.src.rpm

Mandriva Linux 2009.1/X86_64:
ab53926e26b33237cd48aedacd0f6260
2009.1/x86_64/dumpcap-1.0.10-0.1mdv2009.1.x86_64.rpm
4d167d0401af7c55904fd0e4bf4d5a09
2009.1/x86_64/lib64wireshark0-1.0.10-0.1mdv2009.1.x86_64.rpm
38c8c81a64a488965f397ac55aca4f0d
2009.1/x86_64/lib64wireshark-devel-1.0.10-0.1mdv2009.1.x86_64.rpm
0dd651556a433aae58a1d3311dbeacf4
2009.1/x86_64/rawshark-1.0.10-0.1mdv2009.1.x86_64.rpm
4e3b3d843fc38637fb5fcb505516a444
2009.1/x86_64/tshark-1.0.10-0.1mdv2009.1.x86_64.rpm
f5d7864ae57e97d98abfd1d0da2c601b
2009.1/x86_64/wireshark-1.0.10-0.1mdv2009.1.x86_64.rpm
e241a5747541de4b35cb884a3a2a2e09
2009.1/x86_64/wireshark-tools-1.0.10-0.1mdv2009.1.x86_64.rpm
d705f70a10051311f0ccfc14e5a587af
2009.1/SRPMS/wireshark-1.0.10-0.1mdv2009.1.src.rpm

Corporate 4.0:
00f7f312ecb50337a61e8aa226351f0f
corporate/4.0/i586/dumpcap-1.0.10-0.1.20060mlcs4.i586.rpm
397831075a172aa09914b851978764c0
corporate/4.0/i586/libwireshark0-1.0.10-0.1.20060mlcs4.i586.rpm
38c43d3e4c53be9afdf63e25f81022cd
corporate/4.0/i586/libwireshark-devel-1.0.10-0.1.20060mlcs4.i586.rpm
7fb8b1da94b58a405fc248c91a46710a
corporate/4.0/i586/rawshark-1.0.10-0.1.20060mlcs4.i586.rpm
275f67bd5a9c81d2fa681802b17ff148
corporate/4.0/i586/tshark-1.0.10-0.1.20060mlcs4.i586.rpm
6512854ec097ba7abd54f8fa216f6e47
corporate/4.0/i586/wireshark-1.0.10-0.1.20060mlcs4.i586.rpm
0de613b7620d731af50e2f952311e0d4
corporate/4.0/i586/wireshark-tools-1.0.10-0.1.20060mlcs4.i586.rpm
29284ce6df7107031ab98a27eca0a1c5
corporate/4.0/SRPMS/wireshark-1.0.10-0.1.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
22ef3658492b8bf0222b00a213b33ddb
corporate/4.0/x86_64/dumpcap-1.0.10-0.1.20060mlcs4.x86_64.rpm
c907ebb1ffd142898a65e4df8c4b98ae
corporate/4.0/x86_64/lib64wireshark0-1.0.10-0.1.20060mlcs4.x86_64.rpm
a61af49a91c9313aa48911240f11b878
corporate/4.0/x86_64/lib64wireshark-devel-1.0.10-0.1.20060mlcs4.x86_64.rpm
c7c476849dd061df9caa056ee435486c
corporate/4.0/x86_64/rawshark-1.0.10-0.1.20060mlcs4.x86_64.rpm
06ea86736d32c321e0f6db14c71eec31
corporate/4.0/x86_64/tshark-1.0.10-0.1.20060mlcs4.x86_64.rpm
1a866f965de14960eec591b4ef91fdb3
corporate/4.0/x86_64/wireshark-1.0.10-0.1.20060mlcs4.x86_64.rpm
619b8cd611129692d4b6948121311336
corporate/4.0/x86_64/wireshark-tools-1.0.10-0.1.20060mlcs4.x86_64.rpm
29284ce6df7107031ab98a27eca0a1c5
corporate/4.0/SRPMS/wireshark-1.0.10-0.1.20060mlcs4.src.rpm

Mandriva Enterprise Server 5:
acb7f0ef708faabc4f8a0107413581ba mes5/i586/dumpcap-1.0.10-0.1mdvmes5.i586.rpm
89771916a201d1877a4e6b3979c9382a
mes5/i586/libwireshark0-1.0.10-0.1mdvmes5.i586.rpm
441055d1c582709fe952c66b0cf0bb3e
mes5/i586/libwireshark-devel-1.0.10-0.1mdvmes5.i586.rpm
8fcc2774a57fe38b3d93ca2be71d485a
mes5/i586/rawshark-1.0.10-0.1mdvmes5.i586.rpm
c2c3e70bffbb284c180d38e59ed78647 mes5/i586/tshark-1.0.10-0.1mdvmes5.i586.rpm
a27530dc435f220afad5a0fa66477210
mes5/i586/wireshark-1.0.10-0.1mdvmes5.i586.rpm
3f9f26f368c18086672e723566960fd1
mes5/i586/wireshark-tools-1.0.10-0.1mdvmes5.i586.rpm
8161692312392406d4105dc57fc5e2b6
mes5/SRPMS/wireshark-1.0.10-0.1mdvmes5.src.rpm

Mandriva Enterprise Server 5/X86_64:
98dfad4d56c40915a2d2b5dd35f21962
mes5/x86_64/dumpcap-1.0.10-0.1mdvmes5.x86_64.rpm
337bda567ca9396d3efdcf80d2b816fb
mes5/x86_64/lib64wireshark0-1.0.10-0.1mdvmes5.x86_64.rpm
f46f021b8985694bef66063606f7b6f1
mes5/x86_64/lib64wireshark-devel-1.0.10-0.1mdvmes5.x86_64.rpm
4858f505a59f1fc0f6cf328dc7079c37
mes5/x86_64/rawshark-1.0.10-0.1mdvmes5.x86_64.rpm
b78c0346f33b1a5d365be74b7b7613c6
mes5/x86_64/tshark-1.0.10-0.1mdvmes5.x86_64.rpm
7e0257e5e30b86c2adc8963d750971d6
mes5/x86_64/wireshark-1.0.10-0.1mdvmes5.x86_64.rpm
ee4107ff89ccf88aed9228869bfc2080
mes5/x86_64/wireshark-tools-1.0.10-0.1mdvmes5.x86_64.rpm
8161692312392406d4105dc57fc5e2b6
mes5/SRPMS/wireshark-1.0.10-0.1mdvmes5.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFK8CuPmqjQ0CJFipgRAnN+AKDESHVSyHgy7SSTB2ZVKHujv2P9UwCg4kds
eiZOd30/d1ivSc14kx6fQmE=
=2LhR
-----END PGP SIGNATURE-----


------------=_1257265111-13155-3663
Content-Type: text/plain; name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva?
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________

------------=_1257265111-13155-3663--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung