LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: July 28th, 2014
Linux Advisory Watch: July 25th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Mandriva: Updated wireshark packages fix multiple vulnerabilities Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Mandrake Vulnerabilities in the HTTP, LDAP, XOT, WBXML, and MIME Multipart dissectors were discovered in versions of wireshark less than 0.99.4, as well as various other bugs. This updated provides wireshark 0.99.4 which is not vulnerable to these issues.
 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2006:195
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : wireshark
 Date    : November 2, 2006
 Affected: 2006.0, 2007.0, Corporate 4.0
 _______________________________________________________________________
 
 Problem Description:
 
 Vulnerabilities in the HTTP, LDAP, XOT, WBXML, and MIME Multipart
 dissectors were discovered in versions of wireshark less than 0.99.4,
 as well as various other bugs.

 This updated provides wireshark 0.99.4 which is not vulnerable to these
 issues.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4574
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4805
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5468
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5469
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5740
 http://www.wireshark.org/security/wnpa-sec-2006-03.html
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2006.0:
 6d9200ceb28c080700a14c5082d06144  2006.0/i586/libwireshark0-0.99.4-0.1.20060mdk.i586.rpm
 846bf319dbf28977697f0360e6c9c3bf  2006.0/i586/tshark-0.99.4-0.1.20060mdk.i586.rpm
 cf4c6ad8bcc4e8f1d0f30747e43629a0  2006.0/i586/wireshark-0.99.4-0.1.20060mdk.i586.rpm
 7c298b8216d885c501698333a351a6df  2006.0/i586/wireshark-tools-0.99.4-0.1.20060mdk.i586.rpm 
 da584fd84e4eaa96134eae8bb6b2ccd9  2006.0/SRPMS/wireshark-0.99.4-0.1.20060mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 5cc25cf7a14362017b627804a23415ce  2006.0/x86_64/lib64wireshark0-0.99.4-0.1.20060mdk.x86_64.rpm
 a30498851a759f07b8cebcdebb0f906b  2006.0/x86_64/tshark-0.99.4-0.1.20060mdk.x86_64.rpm
 cafef7ec7d7df699ca288ae03ed37c67  2006.0/x86_64/wireshark-0.99.4-0.1.20060mdk.x86_64.rpm
 f84e2b12d83f53f0032992ead38cacff  2006.0/x86_64/wireshark-tools-0.99.4-0.1.20060mdk.x86_64.rpm 
 da584fd84e4eaa96134eae8bb6b2ccd9  2006.0/SRPMS/wireshark-0.99.4-0.1.20060mdk.src.rpm

 Mandriva Linux 2007.0:
 3d1f3895ce1a440d94768fed10657cc6  2007.0/i586/libwireshark0-0.99.4-0.1mdv2007.0.i586.rpm
 ef44905cba00cfb7ba5d72e4d45b4dee  2007.0/i586/tshark-0.99.4-0.1mdv2007.0.i586.rpm
 21ef07d16228990f81952e6a9d0d4c02  2007.0/i586/wireshark-0.99.4-0.1mdv2007.0.i586.rpm
 60cf791c1bdb8819e69da5a31381fbf7  2007.0/i586/wireshark-tools-0.99.4-0.1mdv2007.0.i586.rpm 
 7205c72932f614d8b4bcc7ac214a3cd5  2007.0/SRPMS/wireshark-0.99.4-0.1mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 3c0c94604f22665270ecfd5ea4ef63b8  2007.0/x86_64/lib64wireshark0-0.99.4-0.1mdv2007.0.x86_64.rpm
 2f50e6bdb122c99a8ccfe265bd5e9871  2007.0/x86_64/tshark-0.99.4-0.1mdv2007.0.x86_64.rpm
 d6b35a2cc4871b09e65c97d438d8e5aa  2007.0/x86_64/wireshark-0.99.4-0.1mdv2007.0.x86_64.rpm
 8dbd4f0e7cb7165e0877fead9b767aa8  2007.0/x86_64/wireshark-tools-0.99.4-0.1mdv2007.0.x86_64.rpm 
 7205c72932f614d8b4bcc7ac214a3cd5  2007.0/SRPMS/wireshark-0.99.4-0.1mdv2007.0.src.rpm

 Corporate 4.0:
 cf6d82d53a965a367b37ddce468eb5e1  corporate/4.0/i586/libwireshark0-0.99.4-0.1.20060mlcs4.i586.rpm
 4fd35ab3805a08b8010832759b6520ca  corporate/4.0/i586/tshark-0.99.4-0.1.20060mlcs4.i586.rpm
 5ceb4d06dcec263ca472b1a0cebacb6e  corporate/4.0/i586/wireshark-0.99.4-0.1.20060mlcs4.i586.rpm
 254f405e87704d0a3bff60730af347cd  corporate/4.0/i586/wireshark-tools-0.99.4-0.1.20060mlcs4.i586.rpm 
 063c6e14b5bbcc81f4a26fd183d9c53c  corporate/4.0/SRPMS/wireshark-0.99.4-0.1.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 66a696916ebf9665d62d0fe7363ac742  corporate/4.0/x86_64/lib64wireshark0-0.99.4-0.1.20060mlcs4.x86_64.rpm
 1662228d5a03d68af75cd6a93654fb81  corporate/4.0/x86_64/tshark-0.99.4-0.1.20060mlcs4.x86_64.rpm
 e4be92066710fb02ad806ebb154006be  corporate/4.0/x86_64/wireshark-0.99.4-0.1.20060mlcs4.x86_64.rpm
 2066c3a5738e8e3ade6fa4afab2adfed  corporate/4.0/x86_64/wireshark-tools-0.99.4-0.1.20060mlcs4.x86_64.rpm 
 063c6e14b5bbcc81f4a26fd183d9c53c  corporate/4.0/SRPMS/wireshark-0.99.4-0.1.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Hackers Plundered Israeli Defense Firms that Built ‘Iron Dome’ Missile Defense System
Internet of things big security worry, says HP
Boffins build FREE SUPERCOMPUTER from free cloud server trials
Insecure Connections: Enterprises hacked after neglecting third-party risks
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.