Login
Newsletter
Werbung

Sicherheit: Mehrere Probleme in Wireshark
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in Wireshark
ID: USN-3986-1
Distribution: Ubuntu
Plattformen: Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 18.10
Datum: Do, 16. Mai 2019, 20:39
Referenzen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10899
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10903
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10895
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10896
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9214
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9208
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10901
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10894
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9209
Applikationen: Wireshark

Originalnachricht

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============8535825906948369578==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="WkemENx4WEVTpxfE9Lqik9pKyRWUwm29z"

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--WkemENx4WEVTpxfE9Lqik9pKyRWUwm29z
Content-Type: multipart/mixed;
boundary="4PnTOB9rPHUg1Al6J2trt1ZvuJ6VT9s5b";
protected-headers="v1"
From: Mike Salvatore <mike.salvatore@canonical.com>
Reply-To: security <security@ubuntu.com>
To: ubuntu-security-announce@lists.ubuntu.com
Message-ID: <096fdab9-4b36-3028-e192-5bc2f998f5b2@canonical.com>
Subject: [USN-3986-1] Wireshark vulnerabilities
References: <20190516153019.6E31726C25B4@lillypilly.canonical.com>
In-Reply-To: <20190516153019.6E31726C25B4@lillypilly.canonical.com>

--4PnTOB9rPHUg1Al6J2trt1ZvuJ6VT9s5b
Content-Type: text/plain; charset=utf-8
Content-Language: en-U
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-3986-1
May 16, 2019

Wireshark vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.10
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

Wireshark could be made to crash if it received specially crafted network
traffic or input files.

Software Description:
- wireshark: network traffic analyzer

Details:

It was discovered that Wireshark improperly handled certain input. A remote or
local attacker could cause Wireshark to crash by injecting malformed packets
onto the wire or convincing someone to read a malformed packet trace file.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.10:
libwireshark-data 2.6.8-1~ubuntu18.10.0
libwireshark11 2.6.8-1~ubuntu18.10.0
libwiretap8 2.6.8-1~ubuntu18.10.0
libwscodecs2 2.6.8-1~ubuntu18.10.0
libwsutil9 2.6.8-1~ubuntu18.10.0
tshark 2.6.8-1~ubuntu18.10.0
wireshark 2.6.8-1~ubuntu18.10.0
wireshark-common 2.6.8-1~ubuntu18.10.0
wireshark-gtk 2.6.8-1~ubuntu18.10.0
wireshark-qt 2.6.8-1~ubuntu18.10.0

Ubuntu 18.04 LTS:
libwireshark-data 2.6.8-1~ubuntu18.04.0
libwireshark11 2.6.8-1~ubuntu18.04.0
libwiretap8 2.6.8-1~ubuntu18.04.0
libwscodecs2 2.6.8-1~ubuntu18.04.0
libwsutil9 2.6.8-1~ubuntu18.04.0
tshark 2.6.8-1~ubuntu18.04.0
wireshark 2.6.8-1~ubuntu18.04.0
wireshark-common 2.6.8-1~ubuntu18.04.0
wireshark-gtk 2.6.8-1~ubuntu18.04.0
wireshark-qt 2.6.8-1~ubuntu18.04.0

Ubuntu 16.04 LTS:
libwireshark-data 2.6.8-1~ubuntu16.04.0
libwireshark11 2.6.8-1~ubuntu16.04.0
libwiretap8 2.6.8-1~ubuntu16.04.0
libwscodecs2 2.6.8-1~ubuntu16.04.0
libwsutil9 2.6.8-1~ubuntu16.04.0
tshark 2.6.8-1~ubuntu16.04.0
wireshark 2.6.8-1~ubuntu16.04.0
wireshark-common 2.6.8-1~ubuntu16.04.0
wireshark-gtk 2.6.8-1~ubuntu16.04.0
wireshark-qt 2.6.8-1~ubuntu16.04.0

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/usn/usn-3986-1
CVE-2019-10894, CVE-2019-10895, CVE-2019-10896, CVE-2019-10899,
CVE-2019-10901, CVE-2019-10903, CVE-2019-9208, CVE-2019-9209,
CVE-2019-9214

Package Information:
https://launchpad.net/ubuntu/+source/wireshark/2.6.8-1~ubuntu18.10.0
https://launchpad.net/ubuntu/+source/wireshark/2.6.8-1~ubuntu18.04.0
https://launchpad.net/ubuntu/+source/wireshark/2.6.8-1~ubuntu16.04.0


--4PnTOB9rPHUg1Al6J2trt1ZvuJ6VT9s5b--

--WkemENx4WEVTpxfE9Lqik9pKyRWUwm29z
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEwZbe96kJeWh2OITRdyg1Qz0oXX0FAlzdhj0ACgkQdyg1Qz0o
XX0yWhAAjxTh91UHY368MjKMCFteXJRanP5lL5arLO+bFobfEEpbklaUh2WdcsO0
uLzl9gFol+r6WkMO2WkQTj7+mcTz20iVxBE/T4CQInfaOCg+THPO9zDHDCPt2FN2
dr2eKxDyA3yeuzClrrpM2A79eN0BnP5/URaAF+8DjRB3WE+P5oON06GaFNdsH2/j
SFkJryMEXz7gsB4Sp8YNKbLj3dVxuHH8xuxgnBIZ6ZGPoKTqY7pO2iniMPr+AC47
+KDHGyJT+G5rFUAXTiE95cK04+IxU78dVrz2C6G/9B51h4iYj7iT0p1kWqeRcIZl
USJyVAFY0Vllfs7Fagn1siVfylWSmkoLCmZOCc2ezDLijbkHV8GmANwU8d75L9OW
9YpEd3AnMaLEnwmoxYwaY4m+4N9IAMJtSqCr/L1UibQ1B3PwZm9TD1tgW1jqEGny
3/gDdyOjRqYpShLtsBqj3FGZPnRFCpeDIuHrefp7axWMmfbs2KSGG6JLlQq9Fxq8
Hmp9o0Z38bc+qxGuRKKarHWCrbZWvubgH/01rrl7s2SKsHXg77bckuapnoluRvpZ
KKXRCkxyTFS3/AxzxzTDeugqCu04aLiJ3dG/ZagaD0qVLBz2xuU4C6Sx+CGGYJGK
3heP/BRSNB+R8iX1rpEEYzFqiLCd/5DHC+K5AJUAAWL+0yHa6xc=
=Isoj
-----END PGP SIGNATURE-----

--WkemENx4WEVTpxfE9Lqik9pKyRWUwm29z--


--===============8535825906948369578==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline

LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5
LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl
IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj
dXJpdHktYW5ub3VuY2UK

--===============8535825906948369578==--
Pro-Linux
Unterstützer werden
Neue Nachrichten
Werbung