GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Tue Jun 01, 2010 8:26 pm Post subject: [ GLSA 201006-05 ] Wireshark: Multiple vulnerabilities |
 |
|
Gentoo Linux Security Advisory
Title: Wireshark: Multiple vulnerabilities (GLSA 201006-05)
Severity: normal
Exploitable: remote
Date: June 01, 2010
Bug(s): #297388, #318935
ID: 201006-05
Synopsis
Multiple vulnerabilities were found in Wireshark.
Background
Wireshark is a versatile network protocol analyzer.
Affected Packages
Package: net-analyzer/wireshark
Vulnerable: < 1.2.8-r1
Unaffected: >= 1.2.8-r1
Architectures: All supported architectures
Description
Multiple vulnerabilities were found in the Daintree SNA file parser,
the SMB, SMB2, IPMI, and DOCSIS dissectors. For further information
please consult the CVE entries referenced below.
Impact
A remote attacker could cause a Denial of Service and possibly execute
arbitrary code via crafted packets or malformed packet trace files.
Workaround
There is no known workaround at this time.
Resolution
All Wireshark users should upgrade to the latest version:
| Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=net-analyzer/wireshark-1.2.8-r1" |
References
CVE-2009-4376
CVE-2009-4377
CVE-2009-4378
CVE-2010-1455 |
|
News & Announcements
