Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:24068
HistoryJun 14, 2010 - 12:00 a.m.

[ MDVSA-2010:113 ] wireshark

2010-06-1400:00:00
vulners.com
4

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Mandriva Linux Security Advisory MDVSA-2010:113
http://www.mandriva.com/security/


Package : wireshark
Date : June 10, 2010
Affected: 2009.1, 2010.0, Corporate 4.0, Enterprise Server 5.0


Problem Description:

This advisory updates wireshark to the latest version(s), fixing
several security issues:

  • The SMB dissector could dereference a NULL pointer. (Bug 4734)
  • J. Oquendo discovered that the ASN.1 BER dissector could overrun
    the stack.
  • The SMB PIPE dissector could dereference a NULL pointer on some
    platforms.
  • The SigComp Universal Decompressor Virtual Machine could go into
    an infinite loop. (Bug 4826)
  • The SigComp Universal Decompressor Virtual Machine could overrun
    a buffer. (Bug 4837)

References:

http://www.wireshark.org/security/wnpa-sec-2010-06.html


Updated Packages:

Mandriva Linux 2009.1:
0149a3fead677c67a65d689ca5d14003 2009.1/i586/dumpcap-1.0.14-0.1mdv2009.1.i586.rpm
11cc457d2403d1528a21ffe5b9ac7262 2009.1/i586/libwireshark0-1.0.14-0.1mdv2009.1.i586.rpm
f21953c954858ae6a42ac17c2652cfd3
2009.1/i586/libwireshark-devel-1.0.14-0.1mdv2009.1.i586.rpm
9ce458c253544e9db459e47031d0fc14 2009.1/i586/rawshark-1.0.14-0.1mdv2009.1.i586.rpm
ec86335e22ee4131f3309c9ac7f89179 2009.1/i586/tshark-1.0.14-0.1mdv2009.1.i586.rpm
51d99d113f714d520a6822e40bd404b1 2009.1/i586/wireshark-1.0.14-0.1mdv2009.1.i586.rpm
7cce0b057fe2ddba39322a6c8e921021
2009.1/i586/wireshark-tools-1.0.14-0.1mdv2009.1.i586.rpm
3e445d801ec43cec961207ed015ab18b 2009.1/SRPMS/wireshark-1.0.14-0.1mdv2009.1.src.rpm

Mandriva Linux 2009.1/X86_64:
8c62a4b0639d0410f8a7ba0eb570aba9 2009.1/x86_64/dumpcap-1.0.14-0.1mdv2009.1.x86_64.rpm
4c3e4e1ac92419e056e0d7c17388c7a5
2009.1/x86_64/lib64wireshark0-1.0.14-0.1mdv2009.1.x86_64.rpm
22142ce9111218ac0a2e8e8a349c777d
2009.1/x86_64/lib64wireshark-devel-1.0.14-0.1mdv2009.1.x86_64.rpm
8ae04d4331132c1d7760191a74554097 2009.1/x86_64/rawshark-1.0.14-0.1mdv2009.1.x86_64.rpm
31ccfda4a4876616f0060d138c3bf792 2009.1/x86_64/tshark-1.0.14-0.1mdv2009.1.x86_64.rpm
2009a55c6de17a76bac77527df496805 2009.1/x86_64/wireshark-1.0.14-0.1mdv2009.1.x86_64.rpm
ed9dc6458f9a2d420c09f2ae60d94305
2009.1/x86_64/wireshark-tools-1.0.14-0.1mdv2009.1.x86_64.rpm
3e445d801ec43cec961207ed015ab18b 2009.1/SRPMS/wireshark-1.0.14-0.1mdv2009.1.src.rpm

Mandriva Linux 2010.0:
957483b67e3a59c962f68682681a9353 2010.0/i586/dumpcap-1.2.9-0.1mdv2010.0.i586.rpm
307f4c51e60f12266a6249847eb3084c 2010.0/i586/libwireshark0-1.2.9-0.1mdv2010.0.i586.rpm
783bb6328cddb6d67ca78903de21fd78
2010.0/i586/libwireshark-devel-1.2.9-0.1mdv2010.0.i586.rpm
e8263e71c5535834050e2545fda00269 2010.0/i586/rawshark-1.2.9-0.1mdv2010.0.i586.rpm
8fd5540508424a4efb961846fc6effcf 2010.0/i586/tshark-1.2.9-0.1mdv2010.0.i586.rpm
24d88246de24678efe207b514dc921c0 2010.0/i586/wireshark-1.2.9-0.1mdv2010.0.i586.rpm
eed336910fa875e328b4bae15e393c6d
2010.0/i586/wireshark-tools-1.2.9-0.1mdv2010.0.i586.rpm
ff08f1c116a92a85482d9a7add3048c2 2010.0/SRPMS/wireshark-1.2.9-0.1mdv2010.0.src.rpm

Mandriva Linux 2010.0/X86_64:
e0a17c636356a9e98712844f1cbfc1d4 2010.0/x86_64/dumpcap-1.2.9-0.1mdv2010.0.x86_64.rpm
b4b393e753cb7faa7d0772e04f491635
2010.0/x86_64/lib64wireshark0-1.2.9-0.1mdv2010.0.x86_64.rpm
76a874fa3d61dc9b1f02e8bb5f8a3b37
2010.0/x86_64/lib64wireshark-devel-1.2.9-0.1mdv2010.0.x86_64.rpm
9e55b4d27b3c9ec612118f444c0d466c 2010.0/x86_64/rawshark-1.2.9-0.1mdv2010.0.x86_64.rpm
30b3f61b36ca7f5b3a3609097eb8243b 2010.0/x86_64/tshark-1.2.9-0.1mdv2010.0.x86_64.rpm
bac14f9558cd32fe67ad9e02c1d7f028 2010.0/x86_64/wireshark-1.2.9-0.1mdv2010.0.x86_64.rpm
29e8a3388febbd18408582d1c36bb461
2010.0/x86_64/wireshark-tools-1.2.9-0.1mdv2010.0.x86_64.rpm
ff08f1c116a92a85482d9a7add3048c2 2010.0/SRPMS/wireshark-1.2.9-0.1mdv2010.0.src.rpm

Corporate 4.0:
6dae354dc5bfb616c8e1b934ed7916a2
corporate/4.0/i586/dumpcap-1.0.14-0.1.20060mlcs4.i586.rpm
ebc9b7995eda40b26ba9e3b3ba961ebc
corporate/4.0/i586/libwireshark0-1.0.14-0.1.20060mlcs4.i586.rpm
74f01e8e41aadfa90c2f07780d113a9d
corporate/4.0/i586/libwireshark-devel-1.0.14-0.1.20060mlcs4.i586.rpm
0865efb6c3ec94de7a15f4ad1a16d16c
corporate/4.0/i586/rawshark-1.0.14-0.1.20060mlcs4.i586.rpm
f48013915dbb1876ca6853d5ababc3b0
corporate/4.0/i586/tshark-1.0.14-0.1.20060mlcs4.i586.rpm
4527afe77f80cf422ff2afad2af160df
corporate/4.0/i586/wireshark-1.0.14-0.1.20060mlcs4.i586.rpm
7e9363e0291f06f2b7026b1cf686e8fb
corporate/4.0/i586/wireshark-tools-1.0.14-0.1.20060mlcs4.i586.rpm
0d0b4bb69b5c512396237d9c2afd5e27
corporate/4.0/SRPMS/wireshark-1.0.14-0.1.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
ec6ca062956bc7cd85ed63b3126edd75
corporate/4.0/x86_64/dumpcap-1.0.14-0.1.20060mlcs4.x86_64.rpm
b028dba7a3521d06c5e14968ab098cfe
corporate/4.0/x86_64/lib64wireshark0-1.0.14-0.1.20060mlcs4.x86_64.rpm
9e2269ede036edfba058b6ab2f2fe909
corporate/4.0/x86_64/lib64wireshark-devel-1.0.14-0.1.20060mlcs4.x86_64.rpm
bc8ac5e38124410faa899547174caebe
corporate/4.0/x86_64/rawshark-1.0.14-0.1.20060mlcs4.x86_64.rpm
4375ffc2e790ff1d8ac65ca1e665eb63
corporate/4.0/x86_64/tshark-1.0.14-0.1.20060mlcs4.x86_64.rpm
32e8318c947e41fced9cdeb5b593abbc
corporate/4.0/x86_64/wireshark-1.0.14-0.1.20060mlcs4.x86_64.rpm
60721e6895f05f681157f3626449f978
corporate/4.0/x86_64/wireshark-tools-1.0.14-0.1.20060mlcs4.x86_64.rpm
0d0b4bb69b5c512396237d9c2afd5e27
corporate/4.0/SRPMS/wireshark-1.0.14-0.1.20060mlcs4.src.rpm

Mandriva Enterprise Server 5:
354ff88c7ea4fd41dbb9b8f35a841cbe mes5/i586/dumpcap-1.0.14-0.1mdvmes5.1.i586.rpm
19947807a4e394037b3ad41157ef9350 mes5/i586/libwireshark0-1.0.14-0.1mdvmes5.1.i586.rpm
aa0f85a08dc07104b19661d08d0016f6
mes5/i586/libwireshark-devel-1.0.14-0.1mdvmes5.1.i586.rpm
212b31fd0717217ae7490d5180e34ab7 mes5/i586/rawshark-1.0.14-0.1mdvmes5.1.i586.rpm
2bebf9603cda2d2c6e44f6f40f7bf5ae mes5/i586/tshark-1.0.14-0.1mdvmes5.1.i586.rpm
6b64f12e9746bc3c88215dfecf5eb9d1 mes5/i586/wireshark-1.0.14-0.1mdvmes5.1.i586.rpm
75aabd5c46660d4d2cd6f3fe57534dd9 mes5/i586/wireshark-tools-1.0.14-0.1mdvmes5.1.i586.rpm
81416ee15a5923e20aee9e523532b858 mes5/SRPMS/wireshark-1.0.14-0.1mdvmes5.1.src.rpm

Mandriva Enterprise Server 5/X86_64:
ec16a7c441c94c2e4586debf7ff75abf mes5/x86_64/dumpcap-1.0.14-0.1mdvmes5.1.x86_64.rpm
0438953d4c51ec7305260dfe8ac0ad6f
mes5/x86_64/lib64wireshark0-1.0.14-0.1mdvmes5.1.x86_64.rpm
3db1be26ffecf9ea0d3cb7f367bc98da
mes5/x86_64/lib64wireshark-devel-1.0.14-0.1mdvmes5.1.x86_64.rpm
63fdc2852f2000a22616da7775fbb6b3 mes5/x86_64/rawshark-1.0.14-0.1mdvmes5.1.x86_64.rpm
379fff2c113e2a4625b4765b1f81fe82 mes5/x86_64/tshark-1.0.14-0.1mdvmes5.1.x86_64.rpm
33e8bea5e675c4ecc2f141812773048a mes5/x86_64/wireshark-1.0.14-0.1mdvmes5.1.x86_64.rpm
34cd72cad36e3fae9fcf3006cf19c22d
mes5/x86_64/wireshark-tools-1.0.14-0.1mdvmes5.1.x86_64.rpm
81416ee15a5923e20aee9e523532b858 mes5/SRPMS/wireshark-1.0.14-0.1mdvmes5.1.src.rpm


To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com


Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFMEO/VmqjQ0CJFipgRAlOZAKCba74KIgu9DrU/RJ5cQcon7ZToagCg9oFU
21Eb/3qaIyEdQG3lXWrKMpg=
=4Cqr
-----END PGP SIGNATURE-----