Pardus: 2010-113: Wireshark: Multiple
Posted by Benjamin D. Thomas   
Multiple vulnerabilities have been fixed in Wireshark.
------------------------------------------------------------------------
Pardus Linux Security Advisory 2010-113           security@pardus.org.tr
------------------------------------------------------------------------
      Date: 2010-08-12
  Severity: 3
      Type: Remote
------------------------------------------------------------------------

Summary
======
Multiple vulnerabilities have been fixed in Wireshark.


Description
==========
CVE-2010-2287:

Buffer overflow in the SigComp Universal Decompressor  Virtual  Machine
dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has
unknown impact and remote attack vectors.



CVE-2010-2284:

Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through
1.0.13 and 1.2.0 through 1.2.8 has unknown  impact  and  remote  attack
vectors.



Affected packages:

  Pardus 2009:
    wireshark, all before 1.2.10-36-13


Resolution
=========
There are update(s) for wireshark. You  can  update  them  via  Package
Manager or with a single command from console:

    pisi up wireshark

References
=========
  * http://bugs.pardus.org.tr/show_bug.cgi?id922

------------------------------------------------------------------------