-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2201-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff March 23, 2011 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : wireshark Vulnerability : several Problem type : remote Debian-specific: no CVE ID : CVE-2011-0538 CVE-2011-0713 CVE-2011-1139 CVE-2011-1140 CVE-2011-1141 Huzaifa Sidhpurwala, Joernchen, and Xiaopeng Zhang discovered several vulnerabilities in the Wireshark network traffic analyzer. Vulnerabilities in the DCT3, LDAP and SMB dissectors and in the code to parse pcag-ng files could lead to denial of service or the execution of arbitrary code. For the oldstable distribution (lenny), this problem has been fixed in version 1.0.2-3+lenny13. For the stable distribution (squeeze), this problem has been fixed in version 1.2.11-6+squeeze1 For the unstable distribution (sid), this problem has been fixed in version 1.4.4-1. We recommend that you upgrade your wireshark packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iEYEARECAAYFAk2KaxwACgkQXm3vHE4uylpBkgCfabAzulwiyFi/phmPHYyU7Nxm 47sAn03CFpWP+fJ6n3SSbZ9EAwHyjagF =DTar -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/