Login
Newsletter
Werbung

Sicherheit: Denial of Service in Wireshark
Aktuelle Meldungen Distributionen
Name: Denial of Service in Wireshark
ID: MDVSA-2010:099
Distribution: Mandriva
Plattformen: Mandriva Corporate 4.0, Mandriva 2009.1, Mandriva Enterprise Server 5.0, Mandriva 2010.0
Datum: Di, 18. Mai 2010, 22:27
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1455
http://www.wireshark.org/security/wnpa-sec-2010-03.html
http://www.wireshark.org/security/wnpa-sec-2010-04.html
Applikationen: Wireshark

Originalnachricht

This is a multi-part message in MIME format...

------------=_1274209937-24326-8006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2010:099
http://www.mandriva.com/security/
_______________________________________________________________________

Package : wireshark
Date : May 18, 2010
Affected: 2009.1, 2010.0, Corporate 4.0, Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

This advisory updates wireshark to the latest version(s), fixing
several bugs and one security issue:

The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0
through 1.2.7 allows user-assisted remote attackers to cause a denial
of service (application crash) via a malformed packet trace file
(CVE-2010-1455).
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1455
http://www.wireshark.org/security/wnpa-sec-2010-03.html
http://www.wireshark.org/security/wnpa-sec-2010-04.html
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2009.1:
3427658b5fa7df10dfa9171fce88f274
2009.1/i586/dumpcap-1.0.13-0.1mdv2009.1.i586.rpm
95eaa9c7c7ac154903915192da011c30
2009.1/i586/libwireshark0-1.0.13-0.1mdv2009.1.i586.rpm
8ff6136b164403ef8723c79ba1c4fe9c
2009.1/i586/libwireshark-devel-1.0.13-0.1mdv2009.1.i586.rpm
a941891c51278956c8b09542fe38b316
2009.1/i586/rawshark-1.0.13-0.1mdv2009.1.i586.rpm
e7f5402a8b5ea82a517331662d052258
2009.1/i586/tshark-1.0.13-0.1mdv2009.1.i586.rpm
0766111a0a9343548634dabaa1d45532
2009.1/i586/wireshark-1.0.13-0.1mdv2009.1.i586.rpm
19a17a62a92d2c5b5333fd50b084b6af
2009.1/i586/wireshark-tools-1.0.13-0.1mdv2009.1.i586.rpm
8ab9c2e193eac4ae22d7d511a4090781
2009.1/SRPMS/wireshark-1.0.13-0.1mdv2009.1.src.rpm

Mandriva Linux 2009.1/X86_64:
8f7794755f7c0eedc2b28e8418856360
2009.1/x86_64/dumpcap-1.0.13-0.1mdv2009.1.x86_64.rpm
e97ce630c1d3574081498ceb43a212b0
2009.1/x86_64/lib64wireshark0-1.0.13-0.1mdv2009.1.x86_64.rpm
35cc38b16123a19a98a2861b6e6bae54
2009.1/x86_64/lib64wireshark-devel-1.0.13-0.1mdv2009.1.x86_64.rpm
fa900f436680fcab9743efb8f0d22f51
2009.1/x86_64/rawshark-1.0.13-0.1mdv2009.1.x86_64.rpm
47a14ff044d80421e45dedb1b7efd8fd
2009.1/x86_64/tshark-1.0.13-0.1mdv2009.1.x86_64.rpm
a1876af79319c30d2b8566c5952588eb
2009.1/x86_64/wireshark-1.0.13-0.1mdv2009.1.x86_64.rpm
c4f1f8b8379ce70809273245444e0274
2009.1/x86_64/wireshark-tools-1.0.13-0.1mdv2009.1.x86_64.rpm
8ab9c2e193eac4ae22d7d511a4090781
2009.1/SRPMS/wireshark-1.0.13-0.1mdv2009.1.src.rpm

Mandriva Linux 2010.0:
2c5b85c0cb3e8221d600ea1c940d64c4
2010.0/i586/dumpcap-1.2.8-0.1mdv2010.0.i586.rpm
a85db0c4912c68d69a6e413a6746f3f2
2010.0/i586/libwireshark0-1.2.8-0.1mdv2010.0.i586.rpm
0e9fbb983c87fad49130ae895d967f18
2010.0/i586/libwireshark-devel-1.2.8-0.1mdv2010.0.i586.rpm
8145924953fb4978e6aac7f7a3350ad4
2010.0/i586/rawshark-1.2.8-0.1mdv2010.0.i586.rpm
91b4fe8fbd482e9c23c20cb94419b095
2010.0/i586/tshark-1.2.8-0.1mdv2010.0.i586.rpm
e2d9d1a05bb335b46c30436cc96c451b
2010.0/i586/wireshark-1.2.8-0.1mdv2010.0.i586.rpm
76267d68aef9aaa1eb0980313caf870e
2010.0/i586/wireshark-tools-1.2.8-0.1mdv2010.0.i586.rpm
06020dae672ccfa508fb2178ebebc40d
2010.0/SRPMS/wireshark-1.2.8-0.1mdv2010.0.src.rpm

Mandriva Linux 2010.0/X86_64:
2586bb1431247188f3baa0defefaa56b
2010.0/x86_64/dumpcap-1.2.8-0.1mdv2010.0.x86_64.rpm
e90b861b4536d972a0aecd8872332ed6
2010.0/x86_64/lib64wireshark0-1.2.8-0.1mdv2010.0.x86_64.rpm
6659765951116ebf828767453770c894
2010.0/x86_64/lib64wireshark-devel-1.2.8-0.1mdv2010.0.x86_64.rpm
d4df009441f8298a31166051b856bbb6
2010.0/x86_64/rawshark-1.2.8-0.1mdv2010.0.x86_64.rpm
f6ca978a30455563574c7692c5761645
2010.0/x86_64/tshark-1.2.8-0.1mdv2010.0.x86_64.rpm
3f14e37aeba9563c97565450e3cff0c4
2010.0/x86_64/wireshark-1.2.8-0.1mdv2010.0.x86_64.rpm
ceb5d1d67c811a789f689b6c52c6b138
2010.0/x86_64/wireshark-tools-1.2.8-0.1mdv2010.0.x86_64.rpm
06020dae672ccfa508fb2178ebebc40d
2010.0/SRPMS/wireshark-1.2.8-0.1mdv2010.0.src.rpm

Corporate 4.0:
c4b2c595380a9ffecf99a9d5327d718d
corporate/4.0/i586/dumpcap-1.0.13-0.1.20060mlcs4.i586.rpm
684237a417550abfb5cd737e4251209a
corporate/4.0/i586/libwireshark0-1.0.13-0.1.20060mlcs4.i586.rpm
3bd58a1b9287347d442337893918134e
corporate/4.0/i586/libwireshark-devel-1.0.13-0.1.20060mlcs4.i586.rpm
3b74b6610f9f4cbfdde3a91ecb1ad968
corporate/4.0/i586/rawshark-1.0.13-0.1.20060mlcs4.i586.rpm
5d51ba1b7f02a343c75a12832ca35ad8
corporate/4.0/i586/tshark-1.0.13-0.1.20060mlcs4.i586.rpm
82526ef77e651cf0b7c02a81c7a700c0
corporate/4.0/i586/wireshark-1.0.13-0.1.20060mlcs4.i586.rpm
dc716e950488d94feed96787f67be9c9
corporate/4.0/i586/wireshark-tools-1.0.13-0.1.20060mlcs4.i586.rpm
b97b0f6aa0d8c5642ac07436141c855d
corporate/4.0/SRPMS/wireshark-1.0.13-0.1.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
2ec3496f75013772d6e9bdea6828c16f
corporate/4.0/x86_64/dumpcap-1.0.13-0.1.20060mlcs4.x86_64.rpm
c0865dc441a4ec7c400ac058412cb032
corporate/4.0/x86_64/lib64wireshark0-1.0.13-0.1.20060mlcs4.x86_64.rpm
ec3f166d445b74f6e46e0c4bac4e6c62
corporate/4.0/x86_64/lib64wireshark-devel-1.0.13-0.1.20060mlcs4.x86_64.rpm
9d7cf63bbdd653cae0c798c208add461
corporate/4.0/x86_64/rawshark-1.0.13-0.1.20060mlcs4.x86_64.rpm
8df217351b953556dbfee0ea8b5ddf50
corporate/4.0/x86_64/tshark-1.0.13-0.1.20060mlcs4.x86_64.rpm
d53580174b0a15136052fd5669791667
corporate/4.0/x86_64/wireshark-1.0.13-0.1.20060mlcs4.x86_64.rpm
24ab0d2d38836f963606cfd8f7aa6232
corporate/4.0/x86_64/wireshark-tools-1.0.13-0.1.20060mlcs4.x86_64.rpm
b97b0f6aa0d8c5642ac07436141c855d
corporate/4.0/SRPMS/wireshark-1.0.13-0.1.20060mlcs4.src.rpm

Mandriva Enterprise Server 5:
f865f10f62d8e5527f1f8524b9891c5e
mes5/i586/dumpcap-1.0.13-0.1mdvmes5.1.i586.rpm
7bde53dbbc605a62b83e48e5a0bbde53
mes5/i586/libwireshark0-1.0.13-0.1mdvmes5.1.i586.rpm
7ecca1bf236e03022150f93092dd3ef7
mes5/i586/libwireshark-devel-1.0.13-0.1mdvmes5.1.i586.rpm
32bbd3675662dea150f915e1ee77ae17
mes5/i586/rawshark-1.0.13-0.1mdvmes5.1.i586.rpm
c072835fc21b9b36a5eb7d0761d288c7
mes5/i586/tshark-1.0.13-0.1mdvmes5.1.i586.rpm
b5fca6f651f1b81f0df15b5c71d9cdfb
mes5/i586/wireshark-1.0.13-0.1mdvmes5.1.i586.rpm
d711e784319692510c6691594936d57e
mes5/i586/wireshark-tools-1.0.13-0.1mdvmes5.1.i586.rpm
355ce77e75e6cf4f2f86e0824aeb81a2
mes5/SRPMS/wireshark-1.0.13-0.1mdvmes5.1.src.rpm

Mandriva Enterprise Server 5/X86_64:
f997085cdfb83ec7b21a5096b3f7f655
mes5/x86_64/dumpcap-1.0.13-0.1mdvmes5.1.x86_64.rpm
586e93233e0596f188f3cf3400540db3
mes5/x86_64/lib64wireshark0-1.0.13-0.1mdvmes5.1.x86_64.rpm
101ac339faa3cb81e855eff790fc57b2
mes5/x86_64/lib64wireshark-devel-1.0.13-0.1mdvmes5.1.x86_64.rpm
a5bdef0bb8c7a95abc2a397acedf4c6b
mes5/x86_64/rawshark-1.0.13-0.1mdvmes5.1.x86_64.rpm
20e38292613f404a59e1d0c7a459a7dc
mes5/x86_64/tshark-1.0.13-0.1mdvmes5.1.x86_64.rpm
f60e210371f306a9d65032d0a9eebc74
mes5/x86_64/wireshark-1.0.13-0.1mdvmes5.1.x86_64.rpm
45a0c1e7597283105216f4a722d32854
mes5/x86_64/wireshark-tools-1.0.13-0.1mdvmes5.1.x86_64.rpm
355ce77e75e6cf4f2f86e0824aeb81a2
mes5/SRPMS/wireshark-1.0.13-0.1mdvmes5.1.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFL8ratmqjQ0CJFipgRAh+GAJ9c5ildsVIRLxoBRyVh+7LWOc73VwCfZNL8
+N6HtVQiR7ONcm65k5tvU84=
=y6OA
-----END PGP SIGNATURE-----


------------=_1274209937-24326-8006
Content-Type: text/plain; name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva?
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________

------------=_1274209937-24326-8006--
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung