Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:26372
HistoryMay 16, 2011 - 12:00 a.m.

[ MDVSA-2011:083 ] wireshark

2011-05-1600:00:00
vulners.com
7
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mandriva Linux Security Advisory MDVSA-2011:083
http://www.mandriva.com/security/

Package : wireshark
Date : May 12, 2011
Affected: 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0

Problem Description:

This advisory updates wireshark to the latest version (1.2.16),
fixing several security issues:

The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x
before 1.4.5 does not properly initialize certain global variables,
which allows remote attackers to cause a denial of service (application
crash) via a crafted .pcap file (CVE-2011-1590).

Stack-based buffer overflow in the DECT dissector in
epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows
remote attackers to execute arbitrary code via a crafted .pcap file
(CVE-2011-1591).

The NFS dissector in epan/dissectors/packet-nfs.c in Wireshark 1.4.x
before 1.4.5 on Windows uses an incorrect integer data type during
decoding of SETCLIENTID calls, which allows remote attackers to cause
a denial of service (application crash) via a crafted .pcap file
(CVE-2011-1592).

The updated packages have been upgraded to the latest 1.2.x version
(1.2.16) which is not vulnerable to these issues.

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1590
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1591
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1592
http://www.wireshark.org/docs/relnotes/wireshark-1.2.16.html

Updated Packages:

Mandriva Linux 2010.0:
ce52dd0e89fe2e385a659825460edca9 2010.0/i586/dumpcap-1.2.16-0.1mdv2010.0.i586.rpm
91ffe9960b24b0d66ab4c7967aea0da8 2010.0/i586/libwireshark0-1.2.16-0.1mdv2010.0.i586.rpm
7660240ac8dfdcf06090835d43a20328 2010.0/i586/libwireshark-devel-1.2.16-0.1mdv2010.0.i586.rpm
6a6a6f06b1a658bded5854b9dc5abfce 2010.0/i586/rawshark-1.2.16-0.1mdv2010.0.i586.rpm
b4449efd8f0aa2bc4efa2d6c0ed567f2 2010.0/i586/tshark-1.2.16-0.1mdv2010.0.i586.rpm
b33adf3885df69a642ee9790a4cb52ff 2010.0/i586/wireshark-1.2.16-0.1mdv2010.0.i586.rpm
c02d4845b02d0ea52cf6f6dcba9d4db4 2010.0/i586/wireshark-tools-1.2.16-0.1mdv2010.0.i586.rpm
9267be0104600200a1ac7b8dcf6672f5 2010.0/SRPMS/wireshark-1.2.16-0.1mdv2010.0.src.rpm

Mandriva Linux 2010.0/X86_64:
6e8d8eb2c0902544079d3ead62d58678 2010.0/x86_64/dumpcap-1.2.16-0.1mdv2010.0.x86_64.rpm
07ee55185a1dc8862aec25fed869485f 2010.0/x86_64/lib64wireshark0-1.2.16-0.1mdv2010.0.x86_64.rpm
cac74e47a0f8b2e8f2a58515efb0aef7
2010.0/x86_64/lib64wireshark-devel-1.2.16-0.1mdv2010.0.x86_64.rpm
4af3e8be251fd245166c9c164e62497f 2010.0/x86_64/rawshark-1.2.16-0.1mdv2010.0.x86_64.rpm
31b5df98c2618af1659d81ee6b3589fc 2010.0/x86_64/tshark-1.2.16-0.1mdv2010.0.x86_64.rpm
eea20f5ae3fe65b71dfd7379c780515c 2010.0/x86_64/wireshark-1.2.16-0.1mdv2010.0.x86_64.rpm
6c97841450b5bd1e1038b0e867a73008
2010.0/x86_64/wireshark-tools-1.2.16-0.1mdv2010.0.x86_64.rpm
9267be0104600200a1ac7b8dcf6672f5 2010.0/SRPMS/wireshark-1.2.16-0.1mdv2010.0.src.rpm

Mandriva Linux 2010.1:
343907ede3e21d5787be8824d6edcc80 2010.1/i586/dumpcap-1.2.16-0.1mdv2010.2.i586.rpm
90c2fc8cddd4ef897a6e6e5b3ef2c066 2010.1/i586/libwireshark0-1.2.16-0.1mdv2010.2.i586.rpm
1f6fc405ab5ae97b89cbd632059b48e5 2010.1/i586/libwireshark-devel-1.2.16-0.1mdv2010.2.i586.rpm
426f850b66a0298066cda626ca1cd432 2010.1/i586/rawshark-1.2.16-0.1mdv2010.2.i586.rpm
056227eb81a5e506dcde5b95923cd341 2010.1/i586/tshark-1.2.16-0.1mdv2010.2.i586.rpm
86fb33388710ed3d08967c514c8ab25d 2010.1/i586/wireshark-1.2.16-0.1mdv2010.2.i586.rpm
7dea3da2061f08eb9510ee713e41d26f 2010.1/i586/wireshark-tools-1.2.16-0.1mdv2010.2.i586.rpm
64f8b99b3eb288f4553c55469ccf6edf 2010.1/SRPMS/wireshark-1.2.16-0.1mdv2010.2.src.rpm

Mandriva Linux 2010.1/X86_64:
52e98d93947ec39bb36997baf7d95e3f 2010.1/x86_64/dumpcap-1.2.16-0.1mdv2010.2.x86_64.rpm
f86e42d466f72559510182ec49d1ca04 2010.1/x86_64/lib64wireshark0-1.2.16-0.1mdv2010.2.x86_64.rpm
17bf8cf149d8639e2acef12633b3ae5e
2010.1/x86_64/lib64wireshark-devel-1.2.16-0.1mdv2010.2.x86_64.rpm
5d7f97b0186213d477e51efda39d5c3e 2010.1/x86_64/rawshark-1.2.16-0.1mdv2010.2.x86_64.rpm
056ca1af6fff8f56fad1caae33c67691 2010.1/x86_64/tshark-1.2.16-0.1mdv2010.2.x86_64.rpm
a49f98d9310bf9a6353a084a47f92b66 2010.1/x86_64/wireshark-1.2.16-0.1mdv2010.2.x86_64.rpm
fe2fe64671b0ec435edbbb28bae5adaf
2010.1/x86_64/wireshark-tools-1.2.16-0.1mdv2010.2.x86_64.rpm
64f8b99b3eb288f4553c55469ccf6edf 2010.1/SRPMS/wireshark-1.2.16-0.1mdv2010.2.src.rpm

Corporate 4.0:
a69827ff3c21384f271cd731412c4430 corporate/4.0/i586/dumpcap-1.2.16-0.1.20060mlcs4.i586.rpm
4ecdcbf70587de75f592a03ca761e7dd
corporate/4.0/i586/libwireshark0-1.2.16-0.1.20060mlcs4.i586.rpm
ed2aa89f2a2aab3653967deb506db887
corporate/4.0/i586/libwireshark-devel-1.2.16-0.1.20060mlcs4.i586.rpm
0898a45c9d84ae350b2d1459bf138202 corporate/4.0/i586/rawshark-1.2.16-0.1.20060mlcs4.i586.rpm
3e84772e55704d394938366dd84ec893 corporate/4.0/i586/tshark-1.2.16-0.1.20060mlcs4.i586.rpm
3f965ee985c45d0260ac5c68ccd02e8d corporate/4.0/i586/wireshark-1.2.16-0.1.20060mlcs4.i586.rpm
68ca555b3318b7f0535302eda1d15677
corporate/4.0/i586/wireshark-tools-1.2.16-0.1.20060mlcs4.i586.rpm
398fb02a99f6403ec5544cd67202fada corporate/4.0/SRPMS/wireshark-1.2.16-0.1.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
b954d225ad5c758763cf58f214fa6a3d
corporate/4.0/x86_64/dumpcap-1.2.16-0.1.20060mlcs4.x86_64.rpm
c4a34e696ad75d13a654b2fb12fe2d8c
corporate/4.0/x86_64/lib64wireshark0-1.2.16-0.1.20060mlcs4.x86_64.rpm
84363d6f92b894a9d8b7017fad5f34c0
corporate/4.0/x86_64/lib64wireshark-devel-1.2.16-0.1.20060mlcs4.x86_64.rpm
410d24c1ebcc2756a5bed5f0398d0fa5
corporate/4.0/x86_64/rawshark-1.2.16-0.1.20060mlcs4.x86_64.rpm
c858c8141c49cb5f24958285aa95248d corporate/4.0/x86_64/tshark-1.2.16-0.1.20060mlcs4.x86_64.rpm
9cfdba3bc24c4cd3fc165340eb3a3970
corporate/4.0/x86_64/wireshark-1.2.16-0.1.20060mlcs4.x86_64.rpm
82c157eb0ba46931b7a79d24dd87b414
corporate/4.0/x86_64/wireshark-tools-1.2.16-0.1.20060mlcs4.x86_64.rpm
398fb02a99f6403ec5544cd67202fada corporate/4.0/SRPMS/wireshark-1.2.16-0.1.20060mlcs4.src.rpm

Mandriva Enterprise Server 5:
e63b833575fa0433d323b5f793c4baac mes5/i586/dumpcap-1.2.16-0.1mdvmes5.2.i586.rpm
04dab36a3b05dd35622ceea2c7e163e6 mes5/i586/libwireshark0-1.2.16-0.1mdvmes5.2.i586.rpm
c44f0bc075b6581a86e0b32c947b08b0 mes5/i586/libwireshark-devel-1.2.16-0.1mdvmes5.2.i586.rpm
54c4fa786efdc086da2036dd2b179141 mes5/i586/rawshark-1.2.16-0.1mdvmes5.2.i586.rpm
5e561f4430612f841e9a144ff97db32e mes5/i586/tshark-1.2.16-0.1mdvmes5.2.i586.rpm
1633ab89f96cdf58d76ec66c26e6ea3a mes5/i586/wireshark-1.2.16-0.1mdvmes5.2.i586.rpm
8d20bd293e3770f1740b965147fe73ab mes5/i586/wireshark-tools-1.2.16-0.1mdvmes5.2.i586.rpm
e484e78f2d63a5c018c9e3afbba88ba2 mes5/SRPMS/wireshark-1.2.16-0.1mdvmes5.2.src.rpm

Mandriva Enterprise Server 5/X86_64:
f21561b6ad51f07d80f2329eb9d3c9b6 mes5/x86_64/dumpcap-1.2.16-0.1mdvmes5.2.x86_64.rpm
014afb1b8188a15048f1dc70012d296f mes5/x86_64/lib64wireshark0-1.2.16-0.1mdvmes5.2.x86_64.rpm
8b539d0361dc0b0a2ddfb10a369f26d1
mes5/x86_64/lib64wireshark-devel-1.2.16-0.1mdvmes5.2.x86_64.rpm
6f3e9f63fd1eca753720d37c232f7c6d mes5/x86_64/rawshark-1.2.16-0.1mdvmes5.2.x86_64.rpm
de70d4dc7dfa466d80ad79b9114046c8 mes5/x86_64/tshark-1.2.16-0.1mdvmes5.2.x86_64.rpm
d4e1a9453effbb5324fafd6a9ca8dcd1 mes5/x86_64/wireshark-1.2.16-0.1mdvmes5.2.x86_64.rpm
03d0d4fa8407616e53759c4f842c3061 mes5/x86_64/wireshark-tools-1.2.16-0.1mdvmes5.2.x86_64.rpm
e484e78f2d63a5c018c9e3afbba88ba2 mes5/SRPMS/wireshark-1.2.16-0.1mdvmes5.2.src.rpm

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFNzB5nmqjQ0CJFipgRAt9xAKC2QfPw8pvrkptvxl082UcKMKKduwCdHDFr
bnghMK+643rsoMXOWgWLP9Q=
=gvBt
-----END PGP SIGNATURE-----

Related

nessus 18
securityvulns 1
openvas 25
fedora 3
saint 8
canvas 1
cve 3
checkpoint_advisories 2
prion 3
packetstorm 4
cert 1
ubuntucve 3
debiancve 3
veracode 1
amazon 1
debian 1
gentoo 1
centos 1
oraclelinux 2
redhat 1
nessus
nessus
SuSE 10 Security Update : wireshark (ZYPP Patch Number 7500)
2011-12-13 00:00:00
openSUSE Security Update : wireshark (openSUSE-SU-2011:0599-1)
2014-06-13 00:00:00
SuSE 10 Security Update : wireshark (ZYPP Patch Number 7501)
2011-06-08 00:00:00
securityvulns
securityvulns
Wireshark multiple security vulnerabilities
2011-06-02 00:00:00
openvas
openvas
Mandriva Update for wireshark MDVSA-2011:083 (wireshark)
2011-05-17 00:00:00
Mandriva Update for wireshark MDVSA-2011:083 (wireshark)
2011-05-17 00:00:00
Fedora Update for wireshark FEDORA-2011-5569
2011-05-05 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: wireshark-1.4.6-1.fc15
2011-04-26 16:01:49
[SECURITY] Fedora 14 Update: wireshark-1.4.6-1.fc14
2011-04-26 21:51:38
[SECURITY] Fedora 13 Update: wireshark-1.2.16-1.fc13
2011-04-26 21:52:59
saint
saint
Wireshark DECT Dissector Remote Stack Buffer Overflow
2011-10-19 00:00:00
Wireshark DECT Dissector PCAP File Processing Overflow
2011-10-11 00:00:00
Wireshark DECT Dissector Remote Stack Buffer Overflow
2011-10-19 00:00:00
canvas
canvas
Immunity Canvas: WIRESHARK_DECT
2011-04-29 22:55:00
cve
cve
CVE-2011-1591
2011-04-29 22:55:00
CVE-2011-1590
2011-04-29 22:55:00
CVE-2011-1592
2011-04-29 22:55:00
checkpoint_advisories
checkpoint_advisories
Wireshark DECT Dissector Stack Buffer Overflow (CVE-2011-1591)
2012-11-25 00:00:00
Wireshark DECT Dissector Stack Buffer Overflow - Ver2 (CVE-2011-1591)
2014-03-03 00:00:00
prion
prion
Stack overflow
2011-04-29 22:55:00
Code injection
2011-04-29 22:55:00
Integer overflow
2011-04-29 22:55:00
packetstorm
packetstorm
Wireshark 1.4.4 packet-dect.c Stack Buffer Overflow
2011-04-19 00:00:00
Wireshark 1.4.4 Remote Stack Buffer Overflow
2012-02-02 00:00:00
Wireshark 1.4.4 Local Stack Buffer Overflow
2012-02-02 00:00:00
cert
cert
Wireshark DECT dissector vulnerability
2011-04-18 00:00:00
ubuntucve
ubuntucve
CVE-2011-1591
2011-04-29 00:00:00
CVE-2011-1590
2011-04-29 00:00:00
CVE-2011-1592
2011-04-29 00:00:00
debiancve
debiancve
CVE-2011-1591
2011-04-29 22:55:00
CVE-2011-1592
2011-04-29 22:55:00
CVE-2011-1590
2011-04-29 22:55:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:12:45
amazon
amazon
Medium: wireshark
2012-04-30 16:16:00
debian
debian
[SECURITY] [DSA 2274-1] wireshark security update
2011-07-07 19:00:37
gentoo
gentoo
Wireshark: Multiple vulnerabilities
2011-10-09 00:00:00
centos
centos
wireshark security update
2012-04-24 14:27:48
oraclelinux
oraclelinux
wireshark security update
2012-04-23 00:00:00
wireshark security, bug fix, and enhancement update
2013-11-25 00:00:00
redhat
redhat
(RHSA-2012:0509) Moderate: wireshark security update
2012-04-23 00:00:00
JSON
Related for SECURITYVULNS:DOC:26372
nessus18securityvulns1openvas25fedora3saint8canvas1cve3checkpoint_advisories2prion3packetstorm4cert1ubuntucve3debiancve3veracode1amazon1debian1gentoo1centos1oraclelinux2redhat1