LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: September 15th, 2014
Linux Security Week: September 8th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Mandriva: Subject: [Security Announce] [ MDVSA-2009:270 ] wireshark Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Mandrake A vulnerability has been found and corrected in wireshark: Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark 0.99.6 through 1.0.8 and 1.2.0 through 1.2.1 allows remote attackers to cause a denial of service (memory and CPU consumption) via malformed OPCUA Service CallRequest packets (CVE-2009-3241). This update fixes this vulnerability.
 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2009:270
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : wireshark
 Date    : October 12, 2009
 Affected: 2009.0, 2009.1, Corporate 4.0, Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

 A vulnerability has been found and corrected in wireshark:
 
 Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark
 0.99.6 through 1.0.8 and 1.2.0 through 1.2.1 allows remote attackers
 to cause a denial of service (memory and CPU consumption) via malformed
 OPCUA Service CallRequest packets (CVE-2009-3241).
 
 This update fixes this vulnerability.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3241
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2009.0:
 2bde688e3de981ae3180da4f05f5e860  2009.0/i586/dumpcap-1.0.8-3.3mdv2009.0.i586.rpm
 8216fb437b04046ad2b78c6a8ddebdce  2009.0/i586/libwireshark0-1.0.8-3.3mdv2009.0.i586.rpm
 282063c02297a2a70be4fd87b69762c0  2009.0/i586/libwireshark-devel-1.0.8-3.3mdv2009.0.i586.rpm
 93b7d86a3f5e45c8bbe0ecd349c97bde  2009.0/i586/rawshark-1.0.8-3.3mdv2009.0.i586.rpm
 f4f449adb85ac8bfc32ace580857a6ea  2009.0/i586/tshark-1.0.8-3.3mdv2009.0.i586.rpm
 8716922a83cd417e9b7b2ce883ca884c  2009.0/i586/wireshark-1.0.8-3.3mdv2009.0.i586.rpm
 08268e3ffdd712e455683461c7824932  2009.0/i586/wireshark-tools-1.0.8-3.3mdv2009.0.i586.rpm 
 557f530edfefccd6c86722471a420157  2009.0/SRPMS/wireshark-1.0.8-3.3mdv2009.0.src.rpm

 Mandriva Linux 2009.0/X86_64:
 351498c928631fca8b4a17e2cda0e9e4  2009.0/x86_64/dumpcap-1.0.8-3.3mdv2009.0.x86_64.rpm
 031e245b10fbceb7b0c31a6655f6e865  2009.0/x86_64/lib64wireshark0-1.0.8-3.3mdv2009.0.x86_64.rpm
 ea2868e2e3275ef8d81d1df0921c94a4  2009.0/x86_64/lib64wireshark-devel-1.0.8-3.3mdv2009.0.x86_64.rpm
 c2de9defd468a89b0253dc666c1deec5  2009.0/x86_64/rawshark-1.0.8-3.3mdv2009.0.x86_64.rpm
 b78e8891183e62b82c7e2b69c82d6b2f  2009.0/x86_64/tshark-1.0.8-3.3mdv2009.0.x86_64.rpm
 77587f7f59238df2369268343fab38df  2009.0/x86_64/wireshark-1.0.8-3.3mdv2009.0.x86_64.rpm
 7f73ef1ea62e8135449aef0081767b9a  2009.0/x86_64/wireshark-tools-1.0.8-3.3mdv2009.0.x86_64.rpm 
 557f530edfefccd6c86722471a420157  2009.0/SRPMS/wireshark-1.0.8-3.3mdv2009.0.src.rpm

 Mandriva Linux 2009.1:
 60a5e67fccdef0c1262fbd0a09c2348c  2009.1/i586/dumpcap-1.0.8-3.3mdv2009.1.i586.rpm
 5acf7dc50d50c411b95197afd57e900e  2009.1/i586/libwireshark0-1.0.8-3.3mdv2009.1.i586.rpm
 b5d518bb595eab0ae8d45076251f5310  2009.1/i586/libwireshark-devel-1.0.8-3.3mdv2009.1.i586.rpm
 9e6420089364f4328f23f69097234ef4  2009.1/i586/rawshark-1.0.8-3.3mdv2009.1.i586.rpm
 6f1185ef8f9f40bbb658f717aa3e1bc3  2009.1/i586/tshark-1.0.8-3.3mdv2009.1.i586.rpm
 abb50dcc4f9f724a9616c9312f22242d  2009.1/i586/wireshark-1.0.8-3.3mdv2009.1.i586.rpm
 9b57739a885b779ed27f8ecd1741741c  2009.1/i586/wireshark-tools-1.0.8-3.3mdv2009.1.i586.rpm 
 0de2b5f93d233d934fc60db6b878df39  2009.1/SRPMS/wireshark-1.0.8-3.3mdv2009.1.src.rpm

 Mandriva Linux 2009.1/X86_64:
 bd69b75efaf76123bc6f432b497c4d48  2009.1/x86_64/dumpcap-1.0.8-3.3mdv2009.1.x86_64.rpm
 ca9e6caf06d3d04b6733c91b4fdebadf  2009.1/x86_64/lib64wireshark0-1.0.8-3.3mdv2009.1.x86_64.rpm
 080aeaac702ee188bb14117f4fb8ad78  2009.1/x86_64/lib64wireshark-devel-1.0.8-3.3mdv2009.1.x86_64.rpm
 26f7faa79b096c647a7dc28b7437a43d  2009.1/x86_64/rawshark-1.0.8-3.3mdv2009.1.x86_64.rpm
 907b493706802e0346f9b49d30c6ab8a  2009.1/x86_64/tshark-1.0.8-3.3mdv2009.1.x86_64.rpm
 e9f7324616e46f70f1121067c7e90763  2009.1/x86_64/wireshark-1.0.8-3.3mdv2009.1.x86_64.rpm
 6d8711428172217d929ddde4af90d753  2009.1/x86_64/wireshark-tools-1.0.8-3.3mdv2009.1.x86_64.rpm 
 0de2b5f93d233d934fc60db6b878df39  2009.1/SRPMS/wireshark-1.0.8-3.3mdv2009.1.src.rpm

 Corporate 4.0:
 235a73de04afa52b6c2bd4d15fc04de8  corporate/4.0/i586/dumpcap-1.0.8-0.3.20060mlcs4.i586.rpm
 527692971e6feb970b85d660ec3db6f5  corporate/4.0/i586/libwireshark0-1.0.8-0.3.20060mlcs4.i586.rpm
 54e5d379b63c1dd73dd0a6637117c80e  corporate/4.0/i586/libwireshark-devel-1.0.8-0.3.20060mlcs4.i586.rpm
 3c632ea90bef9509cb12c87ab4260bc5  corporate/4.0/i586/rawshark-1.0.8-0.3.20060mlcs4.i586.rpm
 8009af53ab8d2f2e6771c08d88f3696e  corporate/4.0/i586/tshark-1.0.8-0.3.20060mlcs4.i586.rpm
 22f786d733ceada2b2714d7a92bdbd96  corporate/4.0/i586/wireshark-1.0.8-0.3.20060mlcs4.i586.rpm
 b4c9f6f49203ddfa51e71dc63a859f63  corporate/4.0/i586/wireshark-tools-1.0.8-0.3.20060mlcs4.i586.rpm 
 c595cf7c6f131cf59cd842886f5ad4b8  corporate/4.0/SRPMS/wireshark-1.0.8-0.3.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 42469cfd64904936faa44d905748528c  corporate/4.0/x86_64/dumpcap-1.0.8-0.3.20060mlcs4.x86_64.rpm
 69b656cbd3318d651a3e0848eb075d25  corporate/4.0/x86_64/lib64wireshark0-1.0.8-0.3.20060mlcs4.x86_64.rpm
 b5b033f2e2dcd4f3dd7667c7ce3dcbd7  corporate/4.0/x86_64/lib64wireshark-devel-1.0.8-0.3.20060mlcs4.x86_64.rpm
 3ce35df4b75a82efe453b0029920e6b4  corporate/4.0/x86_64/rawshark-1.0.8-0.3.20060mlcs4.x86_64.rpm
 434a75fe14dcd011a41e776a14ed7350  corporate/4.0/x86_64/tshark-1.0.8-0.3.20060mlcs4.x86_64.rpm
 6ad3ecc27f403ca13b083b238b06c7e7  corporate/4.0/x86_64/wireshark-1.0.8-0.3.20060mlcs4.x86_64.rpm
 30314354841e099d96d4b027663b5015  corporate/4.0/x86_64/wireshark-tools-1.0.8-0.3.20060mlcs4.x86_64.rpm 
 c595cf7c6f131cf59cd842886f5ad4b8  corporate/4.0/SRPMS/wireshark-1.0.8-0.3.20060mlcs4.src.rpm

 Mandriva Enterprise Server 5:
 17f89060c77952ed112258f1abfe0abc  mes5/i586/dumpcap-1.0.8-3.3mdvmes5.i586.rpm
 abe0adc98b505d61603fe290bc7e61d1  mes5/i586/libwireshark0-1.0.8-3.3mdvmes5.i586.rpm
 49d5467f90ebb20fba8fc357accd2ba7  mes5/i586/libwireshark-devel-1.0.8-3.3mdvmes5.i586.rpm
 352b688a76410b04c541c4e203c9e7a2  mes5/i586/rawshark-1.0.8-3.3mdvmes5.i586.rpm
 b98e60094dea42ac3342bc26e215dead  mes5/i586/tshark-1.0.8-3.3mdvmes5.i586.rpm
 c6ea5e0db20a3094c3d5d88a5038a0c8  mes5/i586/wireshark-1.0.8-3.3mdvmes5.i586.rpm
 a101c193c08eeaa47f036407360981b5  mes5/i586/wireshark-tools-1.0.8-3.3mdvmes5.i586.rpm 
 8aa8055f7abf91a44be930b673a17666  mes5/SRPMS/wireshark-1.0.8-3.3mdvmes5.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 81435f348933151e20d407dc454b7185  mes5/x86_64/dumpcap-1.0.8-3.3mdvmes5.x86_64.rpm
 1bc631e207090e4ea14697f6402698af  mes5/x86_64/lib64wireshark0-1.0.8-3.3mdvmes5.x86_64.rpm
 96aa50d0c98a3b67186b5a6aa4fd564b  mes5/x86_64/lib64wireshark-devel-1.0.8-3.3mdvmes5.x86_64.rpm
 9017d0824e7358b941a021e9b15c05cf  mes5/x86_64/rawshark-1.0.8-3.3mdvmes5.x86_64.rpm
 9fe1cc86912952fdd1a43a27081c52db  mes5/x86_64/tshark-1.0.8-3.3mdvmes5.x86_64.rpm
 550faa2dc40cd436b5119d969da8553a  mes5/x86_64/wireshark-1.0.8-3.3mdvmes5.x86_64.rpm
 67485a40e441e2d23f14e9e227618a9b  mes5/x86_64/wireshark-tools-1.0.8-3.3mdvmes5.x86_64.rpm 
 8aa8055f7abf91a44be930b673a17666  mes5/SRPMS/wireshark-1.0.8-3.3mdvmes5.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Infosec geniuses hack a Canon PRINTER and install DOOM
How network virtualization is used as a security tool
Here's What Hackers Can Do With Your CRM Data
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.