LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: September 26th, 2014
Linux Security Week: September 22nd, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Debian: New wireshark packages fix several vulnerabilities Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Debian Several remote vulnerabilities have been discovered network traffic analyzer Wireshark. The Common Vulnerabilities and Exposures project identifies the following problems: The GSM SMS dissector is vulnerable to denial of service.
- ------------------------------------------------------------------------
Debian Security Advisory DSA-1673-1                  security@debian.org
http://www.debian.org/security/                       Moritz Muehlenhoff
November 29, 2008                     http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : wireshark
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2008-3137 CVE-2008-3138 CVE-2008-3141 CVE-2008-3145 CVE-2008-3933 CVE-2008-4683 CVE-2008-4684 CVE-2008-4685

Several remote vulnerabilities have been discovered network traffic
analyzer Wireshark. The Common Vulnerabilities and Exposures project
identifies the following problems:

CVE-2008-3137

    The GSM SMS dissector is vulnerable to denial of service.

CVE-2008-3138

    The PANA and KISMET dissectors are vulnerable to denial of service.

CVE-2008-3141

    The RMI dissector could disclose system memory.

CVE-2008-3145

    The packet reassembling module is vulnerable to denial of service.

CVE-2008-3933

    The zlib uncompression module is vulnerable to denial of service.

CVE-2008-4683

    The Bluetooth ACL dissector is vulnerable to denial of service.

CVE-2008-4684

    The PRP and MATE dissectors are vulnerable to denial of service.

CVE-2008-4685

    The Q931 dissector is vulnerable to denial of service.

For the stable distribution (etch), these problems have been fixed in
version 0.99.4-5.etch.3.

For the upcoming stable distribution (lenny), these problems have been
fixed in version 1.0.2-3+lenny2.

For the unstable distribution (sid), these problems will be fixed soon.

We recommend that you upgrade your wireshark packages.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch
- -------------------------------

Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

  http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4.orig.tar.gz
    Size/MD5 checksum: 13306790 2556a31d0d770dd1990bd67b98bd2f9b
  http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3.dsc
    Size/MD5 checksum:     1066 ece7cc5dd8e70c0b5c13bfbf6e8c6eee
  http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3.diff.gz
    Size/MD5 checksum:    48388 2918d72a79fafde4759afe72db727d6f

alpha architecture (DEC Alpha)

  http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.3_alpha.deb
    Size/MD5 checksum:    22872 2ac3fe313364295340483294f1e9fb91
  http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.3_alpha.deb
    Size/MD5 checksum:    22504 e67991e3aa09ce8bd8a44833fe7e3883
  http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.3_alpha.deb
    Size/MD5 checksum:  9318436 d88e91f579849725048a4f5d9155871d
  http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.3_alpha.deb
    Size/MD5 checksum:   181432 bd619bdb6fdc69e10dd31241268fac22
  http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.3_alpha.deb
    Size/MD5 checksum:    22498 b6e13d7c505bceb09cd278c5f07c7c40
  http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3_alpha.deb
    Size/MD5 checksum:   674820 b6a532ff5292b77773e1aa4cfc2fd577
  http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.3_alpha.deb
    Size/MD5 checksum:    22510 eafc125f4a6f9084880fdd2a557b9814
  http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.3_alpha.deb
    Size/MD5 checksum:   117502 d829953f80e3402ea53f96b5a60010a4

amd64 architecture (AMD x86_64 (AMD64))

  http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.3_amd64.deb
    Size/MD5 checksum:   181784 be30e7ac952ecec26ed7cf9d73cf07ca
  http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3_amd64.deb
    Size/MD5 checksum:   619708 b97e43ebf7fb339df7210c0fed2de92b
  http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.3_amd64.deb
    Size/MD5 checksum:    22502 24d2101cd90f05f7206ed1b222cf2655
  http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.3_amd64.deb
    Size/MD5 checksum:  9119506 67bc221048a9a1909e0780547e267956
  http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.3_amd64.deb
    Size/MD5 checksum:   112146 24dad3e9789181bc32c555174ebc6331
  http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.3_amd64.deb
    Size/MD5 checksum:    22516 fd918d886d3f43e85efc336267f8d3b1
  http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.3_amd64.deb
    Size/MD5 checksum:    22504 e427825910c10ca825d6263d72f3231d
  http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.3_amd64.deb
    Size/MD5 checksum:    22862 8b219977905e0ca92c11669b819a4d62

arm architecture (ARM)

  http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.3_arm.deb
    Size/MD5 checksum:  7739012 2393f419581304f9d1bc96b2e80a87b9
  http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.3_arm.deb
    Size/MD5 checksum:    22520 91159635ccf35f1d0fc51d80eb5af43d
  http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3_arm.deb
    Size/MD5 checksum:   600564 6c9dc2dfc018156969644378f856521a
  http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.3_arm.deb
    Size/MD5 checksum:    22870 64f1146af6c9759d7fce864dc5f0d7d3
  http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.3_arm.deb
    Size/MD5 checksum:    22528 44b24f50cf31c9c8e734fbf5cb32603f
  http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.3_arm.deb
    Size/MD5 checksum:    22514 073d8b3cf84d186a28f1923b77825651
  http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.3_arm.deb
    Size/MD5 checksum:   182074 21f420a957afb36f416b743ea928344c
  http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.3_arm.deb
    Size/MD5 checksum:   107352 a57d347239ea877d9dc7944f025a357f

hppa architecture (HP PA RISC)

  http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.3_hppa.deb
    Size/MD5 checksum:    22872 2ccd34d4f66efe4103e8bd6abefa9522
  http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.3_hppa.deb
    Size/MD5 checksum:    22512 5969e22027936a31221f293be3ee9a07
  http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.3_hppa.deb
    Size/MD5 checksum:    22506 c624bb7b41ceb11e497c09c231388f17
  http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.3_hppa.deb
    Size/MD5 checksum:  9856512 1dc01e880f2cbc9ed221775bada95006
  http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.3_hppa.deb
    Size/MD5 checksum:   109670 d4eea1ac706ac762a8ed8327438f4642
  http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.3_hppa.deb
    Size/MD5 checksum:    22504 a738cb866d71bd90d6221655993db604
  http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3_hppa.deb
    Size/MD5 checksum:   634968 a399926534b08d75dc0858bebd83c9b5
  http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.3_hppa.deb
    Size/MD5 checksum:   182054 cef379511143780007c649c3089ea1b2

i386 architecture (Intel ia32)

  http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.3_i386.deb
    Size/MD5 checksum:   182668 a1c8033946069020bf3c985ac15f3262
  http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3_i386.deb
    Size/MD5 checksum:   564704 810e62b84fec47703eb3a123059b576b
  http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.3_i386.deb
    Size/MD5 checksum:    22492 e0730ad8b28f63b46e57dda4577009f2
  http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.3_i386.deb
    Size/MD5 checksum:  7502356 84707ff563a36e6dbdcafb47657b4260
  http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.3_i386.deb
    Size/MD5 checksum:    22860 34cc7a26d0416a35b9cbcd5dce2f875c
  http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.3_i386.deb
    Size/MD5 checksum:   102308 882325dfde6476fa6fef27435af1c9c7
  http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.3_i386.deb
    Size/MD5 checksum:    22498 a03f9bc9d8ce5f23bbab2280ab49798b
  http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.3_i386.deb
    Size/MD5 checksum:    22504 f2b77a28c0675c396652fcdc9c2c3803

ia64 architecture (Intel ia64)

  http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.3_ia64.deb
    Size/MD5 checksum:    22846 3c2f1b3206af0c51ad92aef628d1296c
  http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.3_ia64.deb
    Size/MD5 checksum:   145732 4f709746e604fd49e8500000c0c8b9fd
  http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.3_ia64.deb
    Size/MD5 checksum:    22498 00c321e1542af1331ca18b0df70eee08
  http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.3_ia64.deb
    Size/MD5 checksum: 10652434 5884462db3ab99cd180970b81bab92e1
  http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.3_ia64.deb
    Size/MD5 checksum:    22484 4591898f96b98e28d183328a0e21dba4
  http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3_ia64.deb
    Size/MD5 checksum:   827582 c67bd7ddb1ab16764b7ebebbd5b1bb7c
  http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.3_ia64.deb
    Size/MD5 checksum:    22498 45334f3ef44ae17bb9c8d4a95f6cf4e6
  http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.3_ia64.deb
    Size/MD5 checksum:   182626 67cd7391e4c59b412ddc2e76c6fa6791

mips architecture (MIPS (Big Endian))

  http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.3_mips.deb
    Size/MD5 checksum:   104812 d3f86fe05592a3ac315047246c4dd26e
  http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.3_mips.deb
    Size/MD5 checksum:  8017676 583e585fb11a943ef5c0288016dffb43
  http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3_mips.deb
    Size/MD5 checksum:   588850 2ea0a20be951ff4e8ab6ba6525dea911
  http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.3_mips.deb
    Size/MD5 checksum:    21856 8ad7420ab94abbaedd0a0283530f9bad
  http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.3_mips.deb
    Size/MD5 checksum:    22108 74e578c0a220a579e57830fe8031cc8b
  http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.3_mips.deb
    Size/MD5 checksum:    21844 7821c6a42d28f2c2833cf58b9ca033a5
  http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.3_mips.deb
    Size/MD5 checksum:   181530 cbdd1d6dd954ee7f1d7050ef3c9eba91
  http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.3_mips.deb
    Size/MD5 checksum:    21850 42ed2c8bc444299b2f6e4987e79ab666

mipsel architecture (MIPS (Little Endian))

  http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.3_mipsel.deb
    Size/MD5 checksum:   104602 79217e35d38b7a65b76c40f4e3cb9be1
  http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.3_mipsel.deb
    Size/MD5 checksum:    22492 f3005b052212919cdb4fcdb9b4fba65e
  http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.3_mipsel.deb
    Size/MD5 checksum:  7408744 4228174f1af0bf0b17f4d30de7cf7ea5
  http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.3_mipsel.deb
    Size/MD5 checksum:    22506 9b8bca5a067957146d32d0b92bb09117
  http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.3_mipsel.deb
    Size/MD5 checksum:    22506 250f509a57cee02c619151b65e6fd18e
  http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3_mipsel.deb
    Size/MD5 checksum:   575840 750acb173d59b7936388b2a0d82dc796
  http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.3_mipsel.deb
    Size/MD5 checksum:   182672 766ee8b1ff019b03703ee93ebb76717f
  http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.3_mipsel.deb
    Size/MD5 checksum:    22856 9c5861628a2de7fd905f1924c0474332

powerpc architecture (PowerPC)

  http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.3_powerpc.deb
    Size/MD5 checksum:   182652 1dfdaa74d72de475b67c3256bf14b637
  http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.3_powerpc.deb
    Size/MD5 checksum:    22498 4ec636076c7587204842382f6729001d
  http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.3_powerpc.deb
    Size/MD5 checksum:    22850 cb065d5901a738e96c35dc534407d59e
  http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.3_powerpc.deb
    Size/MD5 checksum:    22504 2da403f29c784c2da2b65d34a4342517
  http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.3_powerpc.deb
    Size/MD5 checksum:   104242 fd8bac6c5986e895547a8cd2bd0e047a
  http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.3_powerpc.deb
    Size/MD5 checksum:  8606102 2f48dcbf4864fff90668b9c9fd0b1f65
  http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3_powerpc.deb
    Size/MD5 checksum:   583590 c2d40168eec70056745aacac50a1b6cd
  http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.3_powerpc.deb
    Size/MD5 checksum:    22490 452169dd566fa6bbf2d2ca1c2d950a37

s390 architecture (IBM S/390)

  http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.3_s390.deb
    Size/MD5 checksum:    22848 02756b25f5eb8866a1c8281f088aba85
  http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.3_s390.deb
    Size/MD5 checksum:    22504 11c3d2072753d2f3a100e44c3d3fe33a
  http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.3_s390.deb
    Size/MD5 checksum:   115600 049e7e0f056196df2500e03c4d32a300
  http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.3_s390.deb
    Size/MD5 checksum:  9756694 e39b358505fa9cb7c7a8d0d6d898fd79
  http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.3_s390.deb
    Size/MD5 checksum:    22498 39c467d08525f96ce4900c9a26643477
  http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.3_s390.deb
    Size/MD5 checksum:    22488 23d2f294343796f2a7d44c3b5d93651e
  http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3_s390.deb
    Size/MD5 checksum:   640960 539d3faeb8bebf6f945803a88f48f927
  http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.3_s390.deb
    Size/MD5 checksum:   182622 e0e7919335705d8062378606615675b7

sparc architecture (Sun SPARC/UltraSPARC)

  http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.3_sparc.deb
    Size/MD5 checksum:    22520 fcded97d018614d9c009b7381af86c0c
  http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.3_sparc.deb
    Size/MD5 checksum:    22508 08b5ee4324e7bf9c70e3dc64790c0b3a
  http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.3_sparc.deb
    Size/MD5 checksum:   104122 5389c35fe323621a57e570eae09efa84
  http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3_sparc.deb
    Size/MD5 checksum:   586906 d32db40176c7a72e691d1015c1c399dc
  http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.3_sparc.deb
    Size/MD5 checksum:   183182 db42ff4d1f6cb72b3fed705d72cd9334
  http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.3_sparc.deb
    Size/MD5 checksum:    22866 880b204b5182202328541153989cf082
  http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.3_sparc.deb
    Size/MD5 checksum:    22522 acf3820b48c050b01da592940dee07ad
  http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.3_sparc.deb
    Size/MD5 checksum:  8679242 716f14e3d3ea4795e742fed07ebe2f44

  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Honeypot Snares Two Bots Exploiting Bash Vulnerability
CloudFlare Rolls Out Free SSL
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.