exploit the possibilities

Mandriva Linux Security Advisory 2009-292

Mandriva Linux Security Advisory 2009-292
Posted Nov 3, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-292 - Vulnerabilities have been discovered and corrected in wireshark, affecting DCERPC/NT dissector, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a file that records a malformed packet trace and in wiretap/erf.c which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted erf file. The wireshark package has been updated to fix these vulnerabilities.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2009-3550, CVE-2009-3829
MD5 | cb23f9dc77fe2e41a9c8ec999834c8fb

Mandriva Linux Security Advisory 2009-292

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2009:292
http://www.mandriva.com/security/
_______________________________________________________________________

Package : wireshark
Date : November 3, 2009
Affected: 2009.1, Corporate 4.0, Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

Vulnerabilities have been discovered and corrected in wireshark,
affecting DCERPC/NT dissector, which allows remote attackers to cause
a denial of service (NULL pointer dereference and application crash)
via a file that records a malformed packet trace (CVE-2009-3550); and
in wiretap/erf.c which allows remote attackers to execute arbitrary
code or cause a denial of service (application crash) via a crafted
erf file (CVE-2009-3829).

The wireshark package has been updated to fix these vulnerabilities.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3550
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3829
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2009.1:
9776a5ff48251ff4014a284803f8eedb 2009.1/i586/dumpcap-1.0.10-0.1mdv2009.1.i586.rpm
5763243f9b6de3e0eb998683eb157e37 2009.1/i586/libwireshark0-1.0.10-0.1mdv2009.1.i586.rpm
615c1f912fcae0f63c14046c7292305e 2009.1/i586/libwireshark-devel-1.0.10-0.1mdv2009.1.i586.rpm
fc8c67f248b0039c0006220456f7d0dc 2009.1/i586/rawshark-1.0.10-0.1mdv2009.1.i586.rpm
be03c1c1e06412b5603dc65f1632b18a 2009.1/i586/tshark-1.0.10-0.1mdv2009.1.i586.rpm
4da9966e690a238eecbe215bfce9fe8a 2009.1/i586/wireshark-1.0.10-0.1mdv2009.1.i586.rpm
5ce93f8c9af2127d3255a87c0ea8503b 2009.1/i586/wireshark-tools-1.0.10-0.1mdv2009.1.i586.rpm
d705f70a10051311f0ccfc14e5a587af 2009.1/SRPMS/wireshark-1.0.10-0.1mdv2009.1.src.rpm

Mandriva Linux 2009.1/X86_64:
ab53926e26b33237cd48aedacd0f6260 2009.1/x86_64/dumpcap-1.0.10-0.1mdv2009.1.x86_64.rpm
4d167d0401af7c55904fd0e4bf4d5a09 2009.1/x86_64/lib64wireshark0-1.0.10-0.1mdv2009.1.x86_64.rpm
38c8c81a64a488965f397ac55aca4f0d 2009.1/x86_64/lib64wireshark-devel-1.0.10-0.1mdv2009.1.x86_64.rpm
0dd651556a433aae58a1d3311dbeacf4 2009.1/x86_64/rawshark-1.0.10-0.1mdv2009.1.x86_64.rpm
4e3b3d843fc38637fb5fcb505516a444 2009.1/x86_64/tshark-1.0.10-0.1mdv2009.1.x86_64.rpm
f5d7864ae57e97d98abfd1d0da2c601b 2009.1/x86_64/wireshark-1.0.10-0.1mdv2009.1.x86_64.rpm
e241a5747541de4b35cb884a3a2a2e09 2009.1/x86_64/wireshark-tools-1.0.10-0.1mdv2009.1.x86_64.rpm
d705f70a10051311f0ccfc14e5a587af 2009.1/SRPMS/wireshark-1.0.10-0.1mdv2009.1.src.rpm

Corporate 4.0:
00f7f312ecb50337a61e8aa226351f0f corporate/4.0/i586/dumpcap-1.0.10-0.1.20060mlcs4.i586.rpm
397831075a172aa09914b851978764c0 corporate/4.0/i586/libwireshark0-1.0.10-0.1.20060mlcs4.i586.rpm
38c43d3e4c53be9afdf63e25f81022cd corporate/4.0/i586/libwireshark-devel-1.0.10-0.1.20060mlcs4.i586.rpm
7fb8b1da94b58a405fc248c91a46710a corporate/4.0/i586/rawshark-1.0.10-0.1.20060mlcs4.i586.rpm
275f67bd5a9c81d2fa681802b17ff148 corporate/4.0/i586/tshark-1.0.10-0.1.20060mlcs4.i586.rpm
6512854ec097ba7abd54f8fa216f6e47 corporate/4.0/i586/wireshark-1.0.10-0.1.20060mlcs4.i586.rpm
0de613b7620d731af50e2f952311e0d4 corporate/4.0/i586/wireshark-tools-1.0.10-0.1.20060mlcs4.i586.rpm
29284ce6df7107031ab98a27eca0a1c5 corporate/4.0/SRPMS/wireshark-1.0.10-0.1.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
22ef3658492b8bf0222b00a213b33ddb corporate/4.0/x86_64/dumpcap-1.0.10-0.1.20060mlcs4.x86_64.rpm
c907ebb1ffd142898a65e4df8c4b98ae corporate/4.0/x86_64/lib64wireshark0-1.0.10-0.1.20060mlcs4.x86_64.rpm
a61af49a91c9313aa48911240f11b878 corporate/4.0/x86_64/lib64wireshark-devel-1.0.10-0.1.20060mlcs4.x86_64.rpm
c7c476849dd061df9caa056ee435486c corporate/4.0/x86_64/rawshark-1.0.10-0.1.20060mlcs4.x86_64.rpm
06ea86736d32c321e0f6db14c71eec31 corporate/4.0/x86_64/tshark-1.0.10-0.1.20060mlcs4.x86_64.rpm
1a866f965de14960eec591b4ef91fdb3 corporate/4.0/x86_64/wireshark-1.0.10-0.1.20060mlcs4.x86_64.rpm
619b8cd611129692d4b6948121311336 corporate/4.0/x86_64/wireshark-tools-1.0.10-0.1.20060mlcs4.x86_64.rpm
29284ce6df7107031ab98a27eca0a1c5 corporate/4.0/SRPMS/wireshark-1.0.10-0.1.20060mlcs4.src.rpm

Mandriva Enterprise Server 5:
acb7f0ef708faabc4f8a0107413581ba mes5/i586/dumpcap-1.0.10-0.1mdvmes5.i586.rpm
89771916a201d1877a4e6b3979c9382a mes5/i586/libwireshark0-1.0.10-0.1mdvmes5.i586.rpm
441055d1c582709fe952c66b0cf0bb3e mes5/i586/libwireshark-devel-1.0.10-0.1mdvmes5.i586.rpm
8fcc2774a57fe38b3d93ca2be71d485a mes5/i586/rawshark-1.0.10-0.1mdvmes5.i586.rpm
c2c3e70bffbb284c180d38e59ed78647 mes5/i586/tshark-1.0.10-0.1mdvmes5.i586.rpm
a27530dc435f220afad5a0fa66477210 mes5/i586/wireshark-1.0.10-0.1mdvmes5.i586.rpm
3f9f26f368c18086672e723566960fd1 mes5/i586/wireshark-tools-1.0.10-0.1mdvmes5.i586.rpm
8161692312392406d4105dc57fc5e2b6 mes5/SRPMS/wireshark-1.0.10-0.1mdvmes5.src.rpm

Mandriva Enterprise Server 5/X86_64:
98dfad4d56c40915a2d2b5dd35f21962 mes5/x86_64/dumpcap-1.0.10-0.1mdvmes5.x86_64.rpm
337bda567ca9396d3efdcf80d2b816fb mes5/x86_64/lib64wireshark0-1.0.10-0.1mdvmes5.x86_64.rpm
f46f021b8985694bef66063606f7b6f1 mes5/x86_64/lib64wireshark-devel-1.0.10-0.1mdvmes5.x86_64.rpm
4858f505a59f1fc0f6cf328dc7079c37 mes5/x86_64/rawshark-1.0.10-0.1mdvmes5.x86_64.rpm
b78c0346f33b1a5d365be74b7b7613c6 mes5/x86_64/tshark-1.0.10-0.1mdvmes5.x86_64.rpm
7e0257e5e30b86c2adc8963d750971d6 mes5/x86_64/wireshark-1.0.10-0.1mdvmes5.x86_64.rpm
ee4107ff89ccf88aed9228869bfc2080 mes5/x86_64/wireshark-tools-1.0.10-0.1mdvmes5.x86_64.rpm
8161692312392406d4105dc57fc5e2b6 mes5/SRPMS/wireshark-1.0.10-0.1mdvmes5.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFK8CuPmqjQ0CJFipgRAnN+AKDESHVSyHgy7SSTB2ZVKHujv2P9UwCg4kds
eiZOd30/d1ivSc14kx6fQmE=
=2LhR
-----END PGP SIGNATURE-----

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

April 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    60 Files
  • 2
    Apr 2nd
    20 Files
  • 3
    Apr 3rd
    15 Files
  • 4
    Apr 4th
    5 Files
  • 5
    Apr 5th
    5 Files
  • 6
    Apr 6th
    27 Files
  • 7
    Apr 7th
    31 Files
  • 8
    Apr 8th
    18 Files
  • 9
    Apr 9th
    0 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    0 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close