what you don't know can hurt you

Mandriva Linux Security Advisory 2012-080

Mandriva Linux Security Advisory 2012-080
Posted May 24, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-080 - It may be possible to make Wireshark hang for long or indefinite periods by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. This advisory provides the latest version of Wireshark which is not vulnerable to these issues.

tags | advisory
systems | linux, mandriva
MD5 | c74ea7a4613c2f33de2b3617a94f24e7

Mandriva Linux Security Advisory 2012-080

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2012:080
http://www.mandriva.com/security/
_______________________________________________________________________

Package : wireshark
Date : May 23, 2012
Affected: 2011.
_______________________________________________________________________

Problem Description:

Multiple vulnerabilities was found and corrected in Wireshark:

It may be possible to make Wireshark hang for long or indefinite
periods by injecting a malformed packet onto the wire or by convincing
someone to read a malformed packet trace file.

It may be possible to make Wireshark crash by injecting a malformed
packet onto the wire or by convincing someone to read a malformed
packet trace file.

This advisory provides the latest version of Wireshark (1.6.8) which
is not vulnerable to these issues.
_______________________________________________________________________

References:

http://www.wireshark.org/security/wnpa-sec-2012-08.html
http://www.wireshark.org/security/wnpa-sec-2012-09.html
http://www.wireshark.org/security/wnpa-sec-2012-10.html
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2011:
16a577c0711df7fc568696402109d6b4 2011/i586/dumpcap-1.6.8-0.1-mdv2011.0.i586.rpm
eada57c1d6f02e7ebf14fbb3789c5bbe 2011/i586/libwireshark1-1.6.8-0.1-mdv2011.0.i586.rpm
e9e98acba88c6ee3ab1d2e51536463aa 2011/i586/libwireshark-devel-1.6.8-0.1-mdv2011.0.i586.rpm
8017f3883e54db24eeee1e0f7b3c820f 2011/i586/rawshark-1.6.8-0.1-mdv2011.0.i586.rpm
bc33e60ea854669c81652090880c430b 2011/i586/tshark-1.6.8-0.1-mdv2011.0.i586.rpm
52cc8b37b569f8bc31800eacf347a7bd 2011/i586/wireshark-1.6.8-0.1-mdv2011.0.i586.rpm
b8cd1dca05b43e22accf8cd4a1517946 2011/i586/wireshark-tools-1.6.8-0.1-mdv2011.0.i586.rpm
c7678d090d491738155aa4bb6ae2b09d 2011/SRPMS/wireshark-1.6.8-0.1.src.rpm

Mandriva Linux 2011/X86_64:
25b79e5781f78e7c7a0f239406ad3a5a 2011/x86_64/dumpcap-1.6.8-0.1-mdv2011.0.x86_64.rpm
851832cf2439b688a491620ec43318ce 2011/x86_64/lib64wireshark1-1.6.8-0.1-mdv2011.0.x86_64.rpm
6c659fbff4840bc333d90e4d72a656eb 2011/x86_64/lib64wireshark-devel-1.6.8-0.1-mdv2011.0.x86_64.rpm
9b37711290f16de47b594397de980256 2011/x86_64/rawshark-1.6.8-0.1-mdv2011.0.x86_64.rpm
2aa4ab2ba5d5b4f914b91b7d0e608c15 2011/x86_64/tshark-1.6.8-0.1-mdv2011.0.x86_64.rpm
86cdbf15b98aaacb3d42bb43dfdf2c8f 2011/x86_64/wireshark-1.6.8-0.1-mdv2011.0.x86_64.rpm
d72665f272867ca3d4af106c1a751f91 2011/x86_64/wireshark-tools-1.6.8-0.1-mdv2011.0.x86_64.rpm
c7678d090d491738155aa4bb6ae2b09d 2011/SRPMS/wireshark-1.6.8-0.1.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iD8DBQFPvM7pmqjQ0CJFipgRAgddAJ9vTgXP+6YXzxHaP3OflVdGXI5O6ACeKc+9
Q9lNj2Y7agvEy1+p9wOy+Nw=
=BGJY
-----END PGP SIGNATURE-----

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

September 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    38 Files
  • 3
    Sep 3rd
    30 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    12 Files
  • 6
    Sep 6th
    17 Files
  • 7
    Sep 7th
    3 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    24 Files
  • 10
    Sep 10th
    22 Files
  • 11
    Sep 11th
    22 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    5 Files
  • 14
    Sep 14th
    2 Files
  • 15
    Sep 15th
    1 Files
  • 16
    Sep 16th
    11 Files
  • 17
    Sep 17th
    16 Files
  • 18
    Sep 18th
    8 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close