LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: December 19th, 2014
Linux Advisory Watch: December 12th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Mandriva: 2010:144: wireshark Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Mandrake This advisory updates wireshark to the latest version(s), fixing several security issues: Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack [More...]
 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2010:144
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : wireshark
 Date    : August 4, 2010
 Affected: 2009.1, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

 This advisory updates wireshark to the latest version(s), fixing
 several security issues:
 
 Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through
 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack
 vectors (CVE-2010-2284).
 
 Buffer overflow in the SigComp Universal Decompressor Virtual Machine
 dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8
 has unknown impact and remote attack vectors (CVE-2010-2287).
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2284
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2287
 http://www.wireshark.org/docs/relnotes/wireshark-1.0.15.html
 http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2009.1:
 649929b220accc84d3a09cec3f4d16c6  2009.1/i586/dumpcap-1.0.15-0.1mdv2009.1.i586.rpm
 fe9ac34bb04cdaf07928f48e6c504842  2009.1/i586/libwireshark0-1.0.15-0.1mdv2009.1.i586.rpm
 853c3a49e0ba23ca7c8a792a3666fb82  2009.1/i586/libwireshark-devel-1.0.15-0.1mdv2009.1.i586.rpm
 809535583954ce35bf8992d6213aeaf7  2009.1/i586/rawshark-1.0.15-0.1mdv2009.1.i586.rpm
 285be0f4b537006e9005aaf40cd384d2  2009.1/i586/tshark-1.0.15-0.1mdv2009.1.i586.rpm
 392f629afb206556394be294f789e1da  2009.1/i586/wireshark-1.0.15-0.1mdv2009.1.i586.rpm
 e6c10b3275d1fec0706f459d8fd0df80  2009.1/i586/wireshark-tools-1.0.15-0.1mdv2009.1.i586.rpm 
 6cf37803deacd414442d0c14579ecbdd  2009.1/SRPMS/wireshark-1.0.15-0.1mdv2009.1.src.rpm

 Mandriva Linux 2009.1/X86_64:
 58e8f5a39b7be3e0869899f94ce28df7  2009.1/x86_64/dumpcap-1.0.15-0.1mdv2009.1.x86_64.rpm
 5a57f2f2921189c3c1c87ebc91fced9f  2009.1/x86_64/lib64wireshark0-1.0.15-0.1mdv2009.1.x86_64.rpm
 270aed9d53b55438c8f0652cc8d56b72  2009.1/x86_64/lib64wireshark-devel-1.0.15-0.1mdv2009.1.x86_64.rpm
 566568bc35889d4c82c3db488c4ec64e  2009.1/x86_64/rawshark-1.0.15-0.1mdv2009.1.x86_64.rpm
 064cf822bbf4974f1b7428b43c7b6709  2009.1/x86_64/tshark-1.0.15-0.1mdv2009.1.x86_64.rpm
 590c5e18004ed458158aedfb9019a535  2009.1/x86_64/wireshark-1.0.15-0.1mdv2009.1.x86_64.rpm
 28855b853115f2ca4c2b89a39d901271  2009.1/x86_64/wireshark-tools-1.0.15-0.1mdv2009.1.x86_64.rpm 
 6cf37803deacd414442d0c14579ecbdd  2009.1/SRPMS/wireshark-1.0.15-0.1mdv2009.1.src.rpm

 Mandriva Linux 2010.0:
 f286bf9a609d4a4bc4b45a87d1ee3910  2010.0/i586/dumpcap-1.2.10-0.1mdv2010.0.i586.rpm
 fe875ffdd62c4bc02171c749a55b0d5e  2010.0/i586/libwireshark0-1.2.10-0.1mdv2010.0.i586.rpm
 02b337d9f05512076a7a7ae992329428  2010.0/i586/libwireshark-devel-1.2.10-0.1mdv2010.0.i586.rpm
 1ea873e0ffde43399344e4c4fd32ad51  2010.0/i586/rawshark-1.2.10-0.1mdv2010.0.i586.rpm
 33123c074f901ff4eefcab2d8a8331cd  2010.0/i586/tshark-1.2.10-0.1mdv2010.0.i586.rpm
 b6d104b10caa14e34aae52877c334631  2010.0/i586/wireshark-1.2.10-0.1mdv2010.0.i586.rpm
 a81812f5bee2ff7a5882e15e799cf143  2010.0/i586/wireshark-tools-1.2.10-0.1mdv2010.0.i586.rpm 
 bfdc0eda31ac02b624cb3e29c10a80fc  2010.0/SRPMS/wireshark-1.2.10-0.1mdv2010.0.src.rpm

 Mandriva Linux 2010.0/X86_64:
 4648788496bbe490cc2b2f16028421e5  2010.0/x86_64/dumpcap-1.2.10-0.1mdv2010.0.x86_64.rpm
 16e5d6c2c4e0d4e65cd6f5e1bab329c9  2010.0/x86_64/lib64wireshark0-1.2.10-0.1mdv2010.0.x86_64.rpm
 94444fadfd5d95ec04e15fd0ef77d655  2010.0/x86_64/lib64wireshark-devel-1.2.10-0.1mdv2010.0.x86_64.rpm
 d48c90be3918a12615aa708f9e7c1f8e  2010.0/x86_64/rawshark-1.2.10-0.1mdv2010.0.x86_64.rpm
 91cf1c3076a776d176455a0a721f7561  2010.0/x86_64/tshark-1.2.10-0.1mdv2010.0.x86_64.rpm
 fa58a0335a911ca507bbee371cf8ce8c  2010.0/x86_64/wireshark-1.2.10-0.1mdv2010.0.x86_64.rpm
 aa5cb120bc78e48491849ac8b5ea224c  2010.0/x86_64/wireshark-tools-1.2.10-0.1mdv2010.0.x86_64.rpm 
 bfdc0eda31ac02b624cb3e29c10a80fc  2010.0/SRPMS/wireshark-1.2.10-0.1mdv2010.0.src.rpm

 Mandriva Linux 2010.1:
 40c7b0ba7f02da73e6904840e4861ea0  2010.1/i586/dumpcap-1.2.10-0.1mdv2010.1.i586.rpm
 26e9032812ac8f0ab0291eb690f99375  2010.1/i586/libwireshark0-1.2.10-0.1mdv2010.1.i586.rpm
 2f0989489127e31859270f49bf75b2b8  2010.1/i586/libwireshark-devel-1.2.10-0.1mdv2010.1.i586.rpm
 e261ff676225ab54a491cda5e6db6c88  2010.1/i586/rawshark-1.2.10-0.1mdv2010.1.i586.rpm
 c49509969104228248717279ad9a5f99  2010.1/i586/tshark-1.2.10-0.1mdv2010.1.i586.rpm
 a1eb4bae12bde6f1d3c4d6c7640b7b8d  2010.1/i586/wireshark-1.2.10-0.1mdv2010.1.i586.rpm
 cae58096d8cd4c5c09a776a1752a824f  2010.1/i586/wireshark-tools-1.2.10-0.1mdv2010.1.i586.rpm 
 bb0b88dadd21016dd0eb5658eb1409d1  2010.1/SRPMS/wireshark-1.2.10-0.1mdv2010.1.src.rpm

 Mandriva Linux 2010.1/X86_64:
 75a844c34042e0025a7b3246b4d8afd5  2010.1/x86_64/dumpcap-1.2.10-0.1mdv2010.1.x86_64.rpm
 bbb7a7f9645e6e357b9729c7b153f286  2010.1/x86_64/lib64wireshark0-1.2.10-0.1mdv2010.1.x86_64.rpm
 206509108a6bc75f90a9d926981aa810  2010.1/x86_64/lib64wireshark-devel-1.2.10-0.1mdv2010.1.x86_64.rpm
 bd90e8eaca22e75ec4be1e9f2d6286d7  2010.1/x86_64/rawshark-1.2.10-0.1mdv2010.1.x86_64.rpm
 d097aa15ee120fdf9759933e6e6e2d42  2010.1/x86_64/tshark-1.2.10-0.1mdv2010.1.x86_64.rpm
 b33aadf34dcc47717f65b0ca05aba65e  2010.1/x86_64/wireshark-1.2.10-0.1mdv2010.1.x86_64.rpm
 b58853ddf4fd87201ca363f58f0a66a8  2010.1/x86_64/wireshark-tools-1.2.10-0.1mdv2010.1.x86_64.rpm 
 bb0b88dadd21016dd0eb5658eb1409d1  2010.1/SRPMS/wireshark-1.2.10-0.1mdv2010.1.src.rpm

 Corporate 4.0:
 2fb380c5d0e13388f08b8d3816d69d6a  corporate/4.0/i586/dumpcap-1.0.15-0.1.20060mlcs4.i586.rpm
 b09967e9b8e6fd62f43ce1594cb03b3b  corporate/4.0/i586/libwireshark0-1.0.15-0.1.20060mlcs4.i586.rpm
 c9094d5e890265b8d212ff520652a94e  corporate/4.0/i586/libwireshark-devel-1.0.15-0.1.20060mlcs4.i586.rpm
 57de461a9e939792d4d47a193db66414  corporate/4.0/i586/rawshark-1.0.15-0.1.20060mlcs4.i586.rpm
 470752a4722aa3579a021491a77f8a02  corporate/4.0/i586/tshark-1.0.15-0.1.20060mlcs4.i586.rpm
 629b138145e384e1769807442557997f  corporate/4.0/i586/wireshark-1.0.15-0.1.20060mlcs4.i586.rpm
 0543f4009f485a88228d6fbad0651006  corporate/4.0/i586/wireshark-tools-1.0.15-0.1.20060mlcs4.i586.rpm 
 c2a8777b9e91c10db49dcce4bc07ca8f  corporate/4.0/SRPMS/wireshark-1.0.15-0.1.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 4bcee5cf2b7789794b249a976ab1c090  corporate/4.0/x86_64/dumpcap-1.0.15-0.1.20060mlcs4.x86_64.rpm
 12b528fcebd6f308c9a07b7c8c2808ae  corporate/4.0/x86_64/lib64wireshark0-1.0.15-0.1.20060mlcs4.x86_64.rpm
 03d8df3825ca8ec17eee0d7c1b8f0434  corporate/4.0/x86_64/lib64wireshark-devel-1.0.15-0.1.20060mlcs4.x86_64.rpm
 3331e2e29508545cd1df845f90505e2e  corporate/4.0/x86_64/rawshark-1.0.15-0.1.20060mlcs4.x86_64.rpm
 4f3f7eea19272c34c9772750f7deabf8  corporate/4.0/x86_64/tshark-1.0.15-0.1.20060mlcs4.x86_64.rpm
 23b80b45cc197265f9de150663b92a2d  corporate/4.0/x86_64/wireshark-1.0.15-0.1.20060mlcs4.x86_64.rpm
 74099b44b693ff24f153ed3657885f75  corporate/4.0/x86_64/wireshark-tools-1.0.15-0.1.20060mlcs4.x86_64.rpm 
 c2a8777b9e91c10db49dcce4bc07ca8f  corporate/4.0/SRPMS/wireshark-1.0.15-0.1.20060mlcs4.src.rpm

 Mandriva Enterprise Server 5:
 dac13de131da417f6f5ee277ef29fdad  mes5/i586/dumpcap-1.0.15-0.1mdvmes5.1.i586.rpm
 0cff76874dc8a32453c83339525ab86a  mes5/i586/libwireshark0-1.0.15-0.1mdvmes5.1.i586.rpm
 26c12363682d353a4f092bbcef1c973d  mes5/i586/libwireshark-devel-1.0.15-0.1mdvmes5.1.i586.rpm
 a8ff72f2783addc89d70ac757a43e3c6  mes5/i586/rawshark-1.0.15-0.1mdvmes5.1.i586.rpm
 b6bcb8213a97f268bb8ff5399c98b90e  mes5/i586/tshark-1.0.15-0.1mdvmes5.1.i586.rpm
 b31e891b8f5e790da05c0e038c1dbda9  mes5/i586/wireshark-1.0.15-0.1mdvmes5.1.i586.rpm
 db8612a1102500e85dfba9c46b02d530  mes5/i586/wireshark-tools-1.0.15-0.1mdvmes5.1.i586.rpm 
 68633f05c02b2cc27640f3f07ae74979  mes5/SRPMS/wireshark-1.0.15-0.1mdvmes5.1.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 1ded87839c1efce910be6dd47b197a87  mes5/x86_64/dumpcap-1.0.15-0.1mdvmes5.1.x86_64.rpm
 d91facbb2261cc88e87d8d82bbba7018  mes5/x86_64/lib64wireshark0-1.0.15-0.1mdvmes5.1.x86_64.rpm
 507e512d9b34124e34b3f9f5d745e0a5  mes5/x86_64/lib64wireshark-devel-1.0.15-0.1mdvmes5.1.x86_64.rpm
 9ca6376417d980bd245f1a139e62cb34  mes5/x86_64/rawshark-1.0.15-0.1mdvmes5.1.x86_64.rpm
 e699c4729a8d0d707637e18435bc17e7  mes5/x86_64/tshark-1.0.15-0.1mdvmes5.1.x86_64.rpm
 0e3d4a033e45bf69aeba46bd0a489f4d  mes5/x86_64/wireshark-1.0.15-0.1mdvmes5.1.x86_64.rpm
 7e1adf1ecdd7b98a3354e13a7a38153f  mes5/x86_64/wireshark-tools-1.0.15-0.1mdvmes5.1.x86_64.rpm 
 68633f05c02b2cc27640f3f07ae74979  mes5/SRPMS/wireshark-1.0.15-0.1mdvmes5.1.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.