Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Linux :: Mandrake/Mandriva :: bu-1525.htm

wireshark vulns



wireshark
wireshark




-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2010:016
http://www.mandriva.com/security/ 
 _______________________________________________________________________

 Package : wireshark
 Date    : January 19, 2010
 Affected: 2010.0
 _______________________________________________________________________

 Problem Description:

 This advisory updates wireshark to the latest 1.2.5 version, fixing
 several bugs and two security issues:
 - The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through
 1.2.4 allow remote attackers to cause a denial of service (crash)
 via a crafted packet (CVE-2009-4377)
 - Buffer overflow in the daintree_sna_read function in the Daintree SNA
 file parser in Wireshark 1.2.0 through 1.2.4 allows remote attackers
 to cause a denial of service (crash) and possibly execute arbitrary
 code via a crafted packet (CVE-2009-4376)
 _______________________________________________________________________

 References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4376 
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4377 
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2010.0:
 71fad681a10a98ad96748d56b43bd960  2010.0/i586/dumpcap-1.2.5-0.1mdv2010.0.i586.rpm
 43ffdef387c1fad7fbb160d2d889204c  2010.0/i586/libwireshark0-1.2.5-0.1mdv2010.0.i586.rpm
 5cfb711e7f8570d4c53a7e39d21493c9  2010.0/i586/libwireshark-devel-1.2.5-0.1mdv2010.0.i586.rpm
 855aaba96ae547f133accc19d28f4b2a  2010.0/i586/rawshark-1.2.5-0.1mdv2010.0.i586.rpm
 0ebac28e997e78c262a8db3697a23fde  2010.0/i586/tshark-1.2.5-0.1mdv2010.0.i586.rpm
 c2153b4b3464dd386893e6229d9c8f50  2010.0/i586/wireshark-1.2.5-0.1mdv2010.0.i586.rpm
 9f51d0e64efd305a6d467733a32aeec7  2010.0/i586/wireshark-tools-1.2.5-0.1mdv2010.0.i586.rpm 
 ee0acbe505f1858cb59910e31b7bf4c2  2010.0/SRPMS/wireshark-1.2.5-0.1mdv2010.0.src.rpm

 Mandriva Linux 2010.0/X86_64:
 6e15d89640ea989bef2a24f0425b2a3c  2010.0/x86_64/dumpcap-1.2.5-0.1mdv2010.0.x86_64.rpm
 8e3b54a7a3d1e7d3b4adfdb70559c752  2010.0/x86_64/lib64wireshark0-1.2.5-0.1mdv2010.0.x86_64.rpm
 92d2201100d1287e6e9164c8359e7560  2010.0/x86_64/lib64wireshark-devel-1.2.5-0.1mdv2010.0.x86_64.rpm
 15700bec5593abcf433411681f550b04  2010.0/x86_64/rawshark-1.2.5-0.1mdv2010.0.x86_64.rpm
 d116da6fdb16399ed7fb2844d40a482b  2010.0/x86_64/tshark-1.2.5-0.1mdv2010.0.x86_64.rpm
 097559cc9433780f5ed4c7a59f60a48d  2010.0/x86_64/wireshark-1.2.5-0.1mdv2010.0.x86_64.rpm
 f33ba47217f3119efdd72bd45acbc2fa  2010.0/x86_64/wireshark-tools-1.2.5-0.1mdv2010.0.x86_64.rpm 
 ee0acbe505f1858cb59910e31b7bf4c2  2010.0/SRPMS/wireshark-1.2.5-0.1mdv2010.0.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories 

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFLVfA+mqjQ0CJFipgRAty7AJ98uQATqxPiIV6XZxridVVB2EXiaQCcCT6B
XzjQPq1qfm35N5YckR5xiis=U+on
-----END PGP SIGNATURE-----



TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH