Jump to content
Compatible Support Forums
Sign in to follow this  
Followers 0
news

[Security Announce] [ MDVSA-2010:016 ] wireshark

By news, in Upcoming News

Recommended Posts

news    28

news
Posted

This is a multi-part message in MIME format...

 

------------=_1263934648-24326-3659

 

 

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

 

_______________________________________________________________________

 

Mandriva Linux Security Advisory MDVSA-2010:016

http://www.mandriva.com/security/

_______________________________________________________________________

 

Package : wireshark

Date : January 19, 2010

Affected: 2010.0

_______________________________________________________________________

 

Problem Description:

 

This advisory updates wireshark to the latest 1.2.5 version, fixing

several bugs and two security issues:

- The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through

1.2.4 allow remote attackers to cause a denial of service (crash)

via a crafted packet (CVE-2009-4377)

- Buffer overflow in the daintree_sna_read function in the Daintree SNA

file parser in Wireshark 1.2.0 through 1.2.4 allows remote attackers

to cause a denial of service (crash) and possibly execute arbitrary

code via a crafted packet (CVE-2009-4376)

_______________________________________________________________________

 

References:

 

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4376

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4377

_______________________________________________________________________

 

Updated Packages:

 

Mandriva Linux 2010.0:

71fad681a10a98ad96748d56b43bd960 2010.0/i586/dumpcap-1.2.5-0.1mdv2010.0.i586.rpm

43ffdef387c1fad7fbb160d2d889204c 2010.0/i586/libwireshark0-1.2.5-0.1mdv2010.0.i586.rpm

5cfb711e7f8570d4c53a7e39d21493c9 2010.0/i586/libwireshark-devel-1.2.5-0.1mdv2010.0.i586.rpm

855aaba96ae547f133accc19d28f4b2a 2010.0/i586/rawshark-1.2.5-0.1mdv2010.0.i586.rpm

0ebac28e997e78c262a8db3697a23fde 2010.0/i586/tshark-1.2.5-0.1mdv2010.0.i586.rpm

c2153b4b3464dd386893e6229d9c8f50 2010.0/i586/wireshark-1.2.5-0.1mdv2010.0.i586.rpm

9f51d0e64efd305a6d467733a32aeec7 2010.0/i586/wireshark-tools-1.2.5-0.1mdv2010.0.i586.rpm

ee0acbe505f1858cb59910e31b7bf4c2 2010.0/SRPMS/wireshark-1.2.5-0.1mdv2010.0.src.rpm

 

Mandriva Linux 2010.0/X86_64:

6e15d89640ea989bef2a24f0425b2a3c 2010.0/x86_64/dumpcap-1.2.5-0.1mdv2010.0.x86_64.rpm

8e3b54a7a3d1e7d3b4adfdb70559c752 2010.0/x86_64/lib64wireshark0-1.2.5-0.1mdv2010.0.x86_64.rpm

92d2201100d1287e6e9164c8359e7560 2010.0/x86_64/lib64wireshark-devel-1.2.5-0.1mdv2010.0.x86_64.rpm

15700bec5593abcf433411681f550b04 2010.0/x86_64/rawshark-1.2.5-0.1mdv2010.0.x86_64.rpm

d116da6fdb16399ed7fb2844d40a482b 2010.0/x86_64/tshark-1.2.5-0.1mdv2010.0.x86_64.rpm

097559cc9433780f5ed4c7a59f60a48d 2010.0/x86_64/wireshark-1.2.5-0.1mdv2010.0.x86_64.rpm

f33ba47217f3119efdd72bd45acbc2fa 2010.0/x86_64/wireshark-tools-1.2.5-0.1mdv2010.0.x86_64.rpm

ee0acbe505f1858cb59910e31b7bf4c2 2010.0/SRPMS/wireshark-1.2.5-0.1mdv2010.0.src.rpm

_______________________________________________________________________

 

To upgrade automatically use MandrivaUpdate or urpmi. The verification

of md5 checksums and GPG signatures is performed automatically for you.

 

All packages are signed by Mandriva for security. You can obtain the

GPG public key of the Mandriva Security Team by executing:

 

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 

You can view other update advisories for Mandriva Linux at:

 

http://www.mandriva.com/security/advisories

 

If you want to report vulnerabilities, please contact

 

security_(at)_mandriva.com

_______________________________________________________________________

 

Type Bits/KeyID Date User ID

pub 1024D/22458A98 2000-07-10 Mandriva Security Team

 

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.9 (GNU/Linux)

 

iD8DBQFLVfA+mqjQ0CJFipgRAty7AJ98uQATqxPiIV6XZxridVVB2EXiaQCcCT6B

XzjQPq1qfm35N5YckR5xiis=

=U+on

-----END PGP SIGNATURE-----

 

 

------------=_1263934648-24326-3659

Content-Type: text/plain; name="message-footer.txt"

Content-Disposition: inline; filename="message-footer.txt"

Content-Transfer-Encoding: 8bit

 

To unsubscribe, send a email to sympa ( -at -) mandrivalinux.org

with this subject : unsubscribe security-announce

_______________________________________________________

Want to buy your Pack or Services from Mandriva?

Go to http://www.mandrivastore.com

Join the Club : http://www.mandrivaclub.com

_______________________________________________________

 

------------=_1263934648-24326-3659--

 

 

Share this post

Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing Upcoming News
×