Mandriva Linux Security Advisory 2011-105 - This advisory updates wireshark to the latest version. A large/infinite loop exists in the DICOM dissector. Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that a corrupted Diameter dictionary file could crash Wireshark. Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that a corrupted snoop file could crash Wireshark. David Maciejak of Fortinet's FortiGuard Labs discovered that malformed compressed capture data could crash Wireshark. Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that a corrupted Visual Networks file could crash Wireshark.
2f38c38e6d308c7c93fb99b72c981e9702b7cee1649aa9258e4d92c6c5b9ac01-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2011:105
http://www.mandriva.com/security/
_______________________________________________________________________
Package : wireshark
Date : June 1, 2011
Affected: 2010.1, Corporate 4.0, Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
This advisory updates wireshark to the latest version (1.2.17),
fixing several security issues:
* Large/infinite loop in the DICOM dissector. (Bug 5876) Versions
affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.
* Huzaifa Sidhpurwala of the Red Hat Security Response Team
discovered that a corrupted Diameter dictionary file could crash
Wireshark. Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.
* Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered
that a corrupted snoop file could crash Wireshark. (Bug 5912) Versions
affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.
* David Maciejak of Fortinet's FortiGuard Labs discovered that
malformed compressed capture data could crash Wireshark. (Bug 5908)
Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.
* Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered
that a corrupted Visual Networks file could crash Wireshark. (Bug 5934)
Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.
_______________________________________________________________________
References:
http://www.wireshark.org/security/wnpa-sec-2011-07.html
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2010.1:
bf11862659afce8761a4d58ee546d1b9 2010.1/i586/dumpcap-1.2.17-0.1mdv2010.2.i586.rpm
0da0281f3c736de4929a053d5d92d1a7 2010.1/i586/libwireshark0-1.2.17-0.1mdv2010.2.i586.rpm
b6e97b06fd0ac0e7384d6aab97e5cc50 2010.1/i586/libwireshark-devel-1.2.17-0.1mdv2010.2.i586.rpm
5cd0f0029fb4431c51ed8cd9207075ee 2010.1/i586/rawshark-1.2.17-0.1mdv2010.2.i586.rpm
43b1ee7fec3df0d6063d2f2e875a3ba1 2010.1/i586/tshark-1.2.17-0.1mdv2010.2.i586.rpm
fa313ad7a730edd4440c7a5d61cb3aa3 2010.1/i586/wireshark-1.2.17-0.1mdv2010.2.i586.rpm
a61c1457627b7371c3c7693dce1ebb6d 2010.1/i586/wireshark-tools-1.2.17-0.1mdv2010.2.i586.rpm
0dd2c106f7747527cab50ccb820e3005 2010.1/SRPMS/wireshark-1.2.17-0.1mdv2010.2.src.rpm
Mandriva Linux 2010.1/X86_64:
125bf4d3c37ff2fd06ca3116d1a06448 2010.1/x86_64/dumpcap-1.2.17-0.1mdv2010.2.x86_64.rpm
2e80800ec2d5a221bcc6a1beffa99605 2010.1/x86_64/lib64wireshark0-1.2.17-0.1mdv2010.2.x86_64.rpm
d05b01efa7eceb47c4dc9655a4108790 2010.1/x86_64/lib64wireshark-devel-1.2.17-0.1mdv2010.2.x86_64.rpm
13ff82aeeed568b1e58884b965d4dd2b 2010.1/x86_64/rawshark-1.2.17-0.1mdv2010.2.x86_64.rpm
fbbbcbcdfd4f98893c6a49f03d9990f7 2010.1/x86_64/tshark-1.2.17-0.1mdv2010.2.x86_64.rpm
d5e412a56fbbb8d8d456ab06408587a7 2010.1/x86_64/wireshark-1.2.17-0.1mdv2010.2.x86_64.rpm
adf06e2c47c991886b674a9b300c83c6 2010.1/x86_64/wireshark-tools-1.2.17-0.1mdv2010.2.x86_64.rpm
0dd2c106f7747527cab50ccb820e3005 2010.1/SRPMS/wireshark-1.2.17-0.1mdv2010.2.src.rpm
Corporate 4.0:
642f57dfe04fbe995e2dc3764305ac48 corporate/4.0/i586/dumpcap-1.2.17-0.1.20060mlcs4.i586.rpm
6a32aebf65252655762e4b276765435e corporate/4.0/i586/libwireshark0-1.2.17-0.1.20060mlcs4.i586.rpm
d3170e8152da4c8911e4a997f68434e6 corporate/4.0/i586/libwireshark-devel-1.2.17-0.1.20060mlcs4.i586.rpm
a352fd66d6778a139e6ba01723fed2fd corporate/4.0/i586/rawshark-1.2.17-0.1.20060mlcs4.i586.rpm
db3c0befa16510f4cb4ecb1420a6d261 corporate/4.0/i586/tshark-1.2.17-0.1.20060mlcs4.i586.rpm
c558f334fa91cef5b92c8de899a138f0 corporate/4.0/i586/wireshark-1.2.17-0.1.20060mlcs4.i586.rpm
60f329a78d00c9c22cbb3b1bf7464ba4 corporate/4.0/i586/wireshark-tools-1.2.17-0.1.20060mlcs4.i586.rpm
45b07dac18687757472e952371f0c7a5 corporate/4.0/SRPMS/wireshark-1.2.17-0.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
b6c85c2f78b59e35e0a07d040fe9ab2e corporate/4.0/x86_64/dumpcap-1.2.17-0.1.20060mlcs4.x86_64.rpm
f7947f2f688a2989edee5202ed7edb4c corporate/4.0/x86_64/lib64wireshark0-1.2.17-0.1.20060mlcs4.x86_64.rpm
1d3938c349d356b719b1461340744a07 corporate/4.0/x86_64/lib64wireshark-devel-1.2.17-0.1.20060mlcs4.x86_64.rpm
615e1104bb0cc89494cd018802c8db99 corporate/4.0/x86_64/rawshark-1.2.17-0.1.20060mlcs4.x86_64.rpm
759e77482159d94b723f2e3cdcad3987 corporate/4.0/x86_64/tshark-1.2.17-0.1.20060mlcs4.x86_64.rpm
20bc7d7883ec6ad04661540aac91750b corporate/4.0/x86_64/wireshark-1.2.17-0.1.20060mlcs4.x86_64.rpm
7552340c66ecaf4ca3c343efd2687844 corporate/4.0/x86_64/wireshark-tools-1.2.17-0.1.20060mlcs4.x86_64.rpm
45b07dac18687757472e952371f0c7a5 corporate/4.0/SRPMS/wireshark-1.2.17-0.1.20060mlcs4.src.rpm
Mandriva Enterprise Server 5:
aaa5c6d5fc4d2c95ac4195e47d33fafa mes5/i586/dumpcap-1.2.17-0.1mdvmes5.2.i586.rpm
6d58055269e6092d0a5686a4a8c42ac3 mes5/i586/libwireshark0-1.2.17-0.1mdvmes5.2.i586.rpm
a3cb3bb89e80fe29c790f6e8b063b131 mes5/i586/libwireshark-devel-1.2.17-0.1mdvmes5.2.i586.rpm
79fa5c8f2a5eb746b1187c65cbae4e40 mes5/i586/rawshark-1.2.17-0.1mdvmes5.2.i586.rpm
e100f6d645ab73a1fc5a9deb84606698 mes5/i586/tshark-1.2.17-0.1mdvmes5.2.i586.rpm
4b04325c54878e19f1f4c72311560034 mes5/i586/wireshark-1.2.17-0.1mdvmes5.2.i586.rpm
5527a82f63a08dd5c975155e1fedd338 mes5/i586/wireshark-tools-1.2.17-0.1mdvmes5.2.i586.rpm
55e251303583720d3cb1017a6ee760cb mes5/SRPMS/wireshark-1.2.17-0.1mdvmes5.2.src.rpm
Mandriva Enterprise Server 5/X86_64:
cfb3fce8ca61979a2a6460ae5bb1e0fa mes5/x86_64/dumpcap-1.2.17-0.1mdvmes5.2.x86_64.rpm
a0143cf4fd861df6d0e48f64fde3b624 mes5/x86_64/lib64wireshark0-1.2.17-0.1mdvmes5.2.x86_64.rpm
06d2eabbcefdc213ca49eea94861384f mes5/x86_64/lib64wireshark-devel-1.2.17-0.1mdvmes5.2.x86_64.rpm
e280f7279b408002816ac4a4cc5011db mes5/x86_64/rawshark-1.2.17-0.1mdvmes5.2.x86_64.rpm
9268040d3f61500dda520eab5ac49fd6 mes5/x86_64/tshark-1.2.17-0.1mdvmes5.2.x86_64.rpm
9277a5ee2abdb2382e123269f7ea2688 mes5/x86_64/wireshark-1.2.17-0.1mdvmes5.2.x86_64.rpm
e9d8581141921e54a69932192f96b817 mes5/x86_64/wireshark-tools-1.2.17-0.1mdvmes5.2.x86_64.rpm
55e251303583720d3cb1017a6ee760cb mes5/SRPMS/wireshark-1.2.17-0.1mdvmes5.2.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFN5hCamqjQ0CJFipgRAtWMAKC7lUm7KIzYoaUyDLAldfYfMgyPAACg2atx
qx2ViMyJnyfW7cy9RohtHzE=
=IUCE
-----END PGP SIGNATURE-----
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed