---------------------------------------------------------------------Fedora Update Notification
FEDORA-2006-860
2006-07-28
---------------------------------------------------------------------Product     : Fedora Core 5
Name        : wireshark
Version     : 0.99.2
Release     : fc5.2
Summary     : Network traffic analyzer
Description :
Wireshark is a network traffic analyzer for Unix-ish operating systems.

This package lays base for libpcap, a packet capture and filtering
library, contains command-line utilities, contains plugins and
documentation for wireshark. A graphical user interface is packaged
separately to GTK+ package.

---------------------------------------------------------------------Update Information:

Versions affected: 0.8.16 up to and including 0.99.0
Details
Description
Wireshark 0.99.2 fixes the following vulnerabilities:

    * The GSM BSSMAP dissector could crash. Versions
affected: 0.10.11. CVE:
CVE-2006-3627 

Ilja van Sprundel discovered the following vulnerabilities:

    * The ANSI MAP dissector was vulnerable to a format
string overflow.
Versions affected: 0.10.0. CVE: CVE-2006-3628
    * The Checkpoint FW-1 dissector was vulnerable to a
format string overflow.
Versions affected: 0.10.10. CVE: CVE-2006-3628
    * The MQ dissector was vulnerable to a format string
overflow. Versions
affected: 0.10.4. CVE: CVE-2006-3628
    * The XML dissector was vulnerable to a format string
overflow. Versions
affected: 0.10.13. CVE: CVE-2006-3628
    * The MOUNT dissector could attempt to allocate large
amounts of memory.
Versions affected: 0.9.4. CVE: CVE-2006-3629
    * The NCP NMAS and NDPS dissectors were susceptible to
off-by-one errors.
Versions affected: 0.9.7. CVE: CVE-2006-3630
    * The NTP dissector was vulnerable to a format string
overflow. Versions
affected: 0.10.13. CVE: CVE-2006-3628
    * The SSH dissector was vulnerable to an infinite loop.
Versions affected:
0.9.10. CVE: CVE-2006-3631
    * The NFS dissector may have been susceptible to a
buffer overflow. Versions
affected: 0.8.16. CVE: CVE-2006-3632 

Impact
It may be possible to make Ethereal crash, use up available
memory, or run
arbitrary code by injecting a purposefully malformed packet
onto the wire or by
convincing someone to read a malformed packet trace file.
Resolution
Upgrade to Wireshark 0.99.2.
---------------------------------------------------------------------* Wed Jul 26 2006 Radek Vokal  0.99.2-fc5.2
- fix BuildRequires
* Tue Jul 25 2006 Radek Vokal  0.99.2-fc5.1
- build for FC5
* Tue Jul 18 2006 Radek Vokál  0.99.2-1
- upgrade to 0.99.2
* Wed Jul 12 2006 Jesse Keating  - 0.99.2-0.pre1.1
- rebuild
* Tue Jul 11 2006 Radek Vokál  0.99.2-0.pre1
- upgrade to 0.99.2pre1, fixes (#198242)
* Tue Jun 13 2006 Radek Vokal  0.99.1-0.pre1
- spec file changes
* Fri Jun  9 2006 Radek Vokal  0.99.1pre1-1
- initial build for Fedora Core

---------------------------------------------------------------------This update can be downloaded from:
    
f1d9b2cef1401a5f2de96e94c6abca2e32255129  SRPMS/wireshark-0.99.2-fc5.2.src.rpm
f1d9b2cef1401a5f2de96e94c6abca2e32255129  noarch/wireshark-0.99.2-fc5.2.src.rpm
ae0b87f149021f18217e6e1efdd7826a64f73c95  ppc/wireshark-0.99.2-fc5.2.ppc.rpm
5ad8121ba4bacc956691a992e87c264753e20152  ppc/wireshark-gnome-0.99.2-fc5.2.ppc.rpm
3d592a657a1e919cd236130a44307bac46652d33  ppc/debug/wireshark-debuginfo-0.99.2-fc5.2.ppc.rpm
94bbe410546b308e395531b3664f1961867d8cce  x86_64/wireshark-gnome-0.99.2-fc5.2.x86_64.rpm
4148be8dbb210052648edbd372ce0c7c5eecaeeb  x86_64/wireshark-0.99.2-fc5.2.x86_64.rpm
aa2f5af96bc0bafb6cf3f0ce16bf4bf48bc04418  x86_64/debug/wireshark-debuginfo-0.99.2-fc5.2.x86_64.rpm
f601eb9e09760675498d931bb6fbce54c6f9e123  i386/wireshark-gnome-0.99.2-fc5.2.i386.rpm
67cd230efa9175b2d322f8e238dc8fcfa5bcda57  i386/wireshark-0.99.2-fc5.2.i386.rpm
4c072da9fadc48a4eace524448979c9375e6043e  i386/debug/wireshark-debuginfo-0.99.2-fc5.2.i386.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at .
---------------------------------------------------------------------_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce

Fedora Core 5 Update: wireshark-0.99.2-fc5.2

July 28, 2006
Updated package.

Summary

Wireshark is a network traffic analyzer for Unix-ish operating systems.

This package lays base for libpcap, a packet capture and filtering

library, contains command-line utilities, contains plugins and

documentation for wireshark. A graphical user interface is packaged

separately to GTK+ package.

Versions affected: 0.8.16 up to and including 0.99.0

Details

Description

Wireshark 0.99.2 fixes the following vulnerabilities:

* The GSM BSSMAP dissector could crash. Versions

affected: 0.10.11. CVE:

CVE-2006-3627

Ilja van Sprundel discovered the following vulnerabilities:

* The ANSI MAP dissector was vulnerable to a format

string overflow.

Versions affected: 0.10.0. CVE: CVE-2006-3628

* The Checkpoint FW-1 dissector was vulnerable to a

format string overflow.

Versions affected: 0.10.10. CVE: CVE-2006-3628

* The MQ dissector was vulnerable to a format string

overflow. Versions

affected: 0.10.4. CVE: CVE-2006-3628

* The XML dissector was vulnerable to a format string

overflow. Versions

affected: 0.10.13. CVE: CVE-2006-3628

* The MOUNT dissector could attempt to allocate large

amounts of memory.

Versions affected: 0.9.4. CVE: CVE-2006-3629

* The NCP NMAS and NDPS dissectors were susceptible to

off-by-one errors.

Versions affected: 0.9.7. CVE: CVE-2006-3630

* The NTP dissector was vulnerable to a format string

overflow. Versions

affected: 0.10.13. CVE: CVE-2006-3628

* The SSH dissector was vulnerable to an infinite loop.

Versions affected:

0.9.10. CVE: CVE-2006-3631

* The NFS dissector may have been susceptible to a

buffer overflow. Versions

affected: 0.8.16. CVE: CVE-2006-3632

Impact

It may be possible to make Ethereal crash, use up available

memory, or run

arbitrary code by injecting a purposefully malformed packet

onto the wire or by

convincing someone to read a malformed packet trace file.

Resolution

Upgrade to Wireshark 0.99.2.

- fix BuildRequires

* Tue Jul 25 2006 Radek Vokal 0.99.2-fc5.1

- build for FC5

* Tue Jul 18 2006 Radek Vokál 0.99.2-1

- upgrade to 0.99.2

* Wed Jul 12 2006 Jesse Keating - 0.99.2-0.pre1.1

- rebuild

* Tue Jul 11 2006 Radek Vokál 0.99.2-0.pre1

- upgrade to 0.99.2pre1, fixes (#198242)

* Tue Jun 13 2006 Radek Vokal 0.99.1-0.pre1

- spec file changes

* Fri Jun 9 2006 Radek Vokal 0.99.1pre1-1

- initial build for Fedora Core

f1d9b2cef1401a5f2de96e94c6abca2e32255129 SRPMS/wireshark-0.99.2-fc5.2.src.rpm

f1d9b2cef1401a5f2de96e94c6abca2e32255129 noarch/wireshark-0.99.2-fc5.2.src.rpm

ae0b87f149021f18217e6e1efdd7826a64f73c95 ppc/wireshark-0.99.2-fc5.2.ppc.rpm

5ad8121ba4bacc956691a992e87c264753e20152 ppc/wireshark-gnome-0.99.2-fc5.2.ppc.rpm

3d592a657a1e919cd236130a44307bac46652d33 ppc/debug/wireshark-debuginfo-0.99.2-fc5.2.ppc.rpm

94bbe410546b308e395531b3664f1961867d8cce x86_64/wireshark-gnome-0.99.2-fc5.2.x86_64.rpm

4148be8dbb210052648edbd372ce0c7c5eecaeeb x86_64/wireshark-0.99.2-fc5.2.x86_64.rpm

aa2f5af96bc0bafb6cf3f0ce16bf4bf48bc04418 x86_64/debug/wireshark-debuginfo-0.99.2-fc5.2.x86_64.rpm

f601eb9e09760675498d931bb6fbce54c6f9e123 i386/wireshark-gnome-0.99.2-fc5.2.i386.rpm

67cd230efa9175b2d322f8e238dc8fcfa5bcda57 i386/wireshark-0.99.2-fc5.2.i386.rpm

4c072da9fadc48a4eace524448979c9375e6043e i386/debug/wireshark-debuginfo-0.99.2-fc5.2.i386.rpm

This update can be installed with the 'yum' update program. Use 'yum update

package-name' at the command line. For more information, refer to 'Managing

Software with yum,' available at .

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

http://www.redhat.com/mailman/listinfo/fedora-package-announce

FEDORA-2006-860 2006-07-28 Name : wireshark Version : 0.99.2 Release : fc5.2 Summary : Network traffic analyzer Description : Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. Versions affected: 0.8.16 up to and including 0.99.0 Details Description Wireshark 0.99.2 fixes the following vulnerabilities: * The GSM BSSMAP dissector could crash. Versions affected: 0.10.11. CVE: CVE-2006-3627 Ilja van Sprundel discovered the following vulnerabilities: * The ANSI MAP dissector was vulnerable to a format string overflow. Versions affected: 0.10.0. CVE: CVE-2006-3628 * The Checkpoint FW-1 dissector was vulnerable to a format string overflow. Versions affected: 0.10.10. CVE: CVE-2006-3628 * The MQ dissector was vulnerable to a format string overflow. Versions affected: 0.10.4. CVE: CVE-2006-3628 * The XML dissector was vulnerable to a format string overflow. Versions affected: 0.10.13. CVE: CVE-2006-3628 * The MOUNT dissector could attempt to allocate large amounts of memory. Versions affected: 0.9.4. CVE: CVE-2006-3629 * The NCP NMAS and NDPS dissectors were susceptible to off-by-one errors. Versions affected: 0.9.7. CVE: CVE-2006-3630 * The NTP dissector was vulnerable to a format string overflow. Versions affected: 0.10.13. CVE: CVE-2006-3628 * The SSH dissector was vulnerable to an infinite loop. Versions affected: 0.9.10. CVE: CVE-2006-3631 * The NFS dissector may have been susceptible to a buffer overflow. Versions affected: 0.8.16. CVE: CVE-2006-3632 Impact It may be possible to make Ethereal crash, use up available memory, or run arbitrary code by injecting a purposefully malformed packet onto the wire or by convincing someone to read a malformed packet trace file. Resolution Upgrade to Wireshark 0.99.2. - fix BuildRequires * Tue Jul 25 2006 Radek Vokal 0.99.2-fc5.1 - build for FC5 * Tue Jul 18 2006 Radek Vokál 0.99.2-1 - upgrade to 0.99.2 * Wed Jul 12 2006 Jesse Keating - 0.99.2-0.pre1.1 - rebuild * Tue Jul 11 2006 Radek Vokál 0.99.2-0.pre1 - upgrade to 0.99.2pre1, fixes (#198242) * Tue Jun 13 2006 Radek Vokal 0.99.1-0.pre1 - spec file changes * Fri Jun 9 2006 Radek Vokal 0.99.1pre1-1 - initial build for Fedora Core f1d9b2cef1401a5f2de96e94c6abca2e32255129 SRPMS/wireshark-0.99.2-fc5.2.src.rpm f1d9b2cef1401a5f2de96e94c6abca2e32255129 noarch/wireshark-0.99.2-fc5.2.src.rpm ae0b87f149021f18217e6e1efdd7826a64f73c95 ppc/wireshark-0.99.2-fc5.2.ppc.rpm 5ad8121ba4bacc956691a992e87c264753e20152 ppc/wireshark-gnome-0.99.2-fc5.2.ppc.rpm 3d592a657a1e919cd236130a44307bac46652d33 ppc/debug/wireshark-debuginfo-0.99.2-fc5.2.ppc.rpm 94bbe410546b308e395531b3664f1961867d8cce x86_64/wireshark-gnome-0.99.2-fc5.2.x86_64.rpm 4148be8dbb210052648edbd372ce0c7c5eecaeeb x86_64/wireshark-0.99.2-fc5.2.x86_64.rpm aa2f5af96bc0bafb6cf3f0ce16bf4bf48bc04418 x86_64/debug/wireshark-debuginfo-0.99.2-fc5.2.x86_64.rpm f601eb9e09760675498d931bb6fbce54c6f9e123 i386/wireshark-gnome-0.99.2-fc5.2.i386.rpm 67cd230efa9175b2d322f8e238dc8fcfa5bcda57 i386/wireshark-0.99.2-fc5.2.i386.rpm 4c072da9fadc48a4eace524448979c9375e6043e i386/debug/wireshark-debuginfo-0.99.2-fc5.2.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at . Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce

Change Log

References

Update Instructions

Severity
Name : wireshark
Version : 0.99.2
Release : fc5.2
Summary : Network traffic analyzer

Related News

1.Penguin Landscape Esm H320
2 - 3 min read
The recent release of AlmaLinux 9.4 , closely aligned with Red Hat Enterprise Linux (RHEL) 9.4 , presents Linux admins and infosec professionals
11.Locks IsometricPattern Esm H320
2 - 3 min read
The upcoming release of Linux Mint 22 will introduce significant changes, particularly in handling XApp , GNOME applications, and the Software
2.Motherboard Esm H320
2 - 3 min read
German software engineer Lennart Poettering recently presented run0 , a new tool in systemd v256 that aims to address the security concerns
22.Lock ScreenEffect Esm H320
2 - 3 min read
Red Hat recently released its newest enterprise Linux distro, Red Hat Enterprise Linux (RHEL) 9.4 , which introduces several features designed to
8.Locks HexConnections CodeGlobe Esm H320
1 - 2 min read
The latest release of Debian , one of the oldest and most trusted distributions within the Linux ecosystem, redefines security, stability, and
20.Lock AbstractDigital Circular Esm H320
1 - 2 min read
The Ubuntu security team has recently discovered and addressed multiple vulnerabilities in the Apache HTTP Server. The vulnerabilities affected
1.Penguin Landscape Esm H320
1 - 2 min read
A critical vulnerability was discovered in the Linux kernel's netfilter subsystem, specifically within the nf_tables component, posing potential
19.Laptop Bed Esm H320
2 - 3 min read
The release of Google Chrome 124 addresses four vulnerabilities, including a critical security flaw that can enable attackers to execute arbitrary
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved