GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Wed Dec 25, 2013 11:08 am Post subject: [ GLSA 201312-13 ] Wireshark: Multiple vulnerabilities |
|
|
Gentoo Linux Security Advisory
Title: Wireshark: Multiple vulnerabilities (GLSA 201312-13)
Severity: normal
Exploitable: remote
Date: December 16, 2013
Bug(s): #484582, #490434
ID: 201312-13
Synopsis
Multiple vulnerabilities have been found in Wireshark, allowing
remote attackers to execute arbitrary code or cause Denial of Service.
Background
Wireshark is a versatile network protocol analyzer.
Affected Packages
Package: net-analyzer/wireshark
Vulnerable: < 1.10.3
Unaffected: >= 1.10.3
Unaffected: >= 1.8.11 < 1.8.12
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in Wireshark. Please
review the CVE identifiers referenced below for details.
Impact
A remote attacker could possibly execute arbitrary code with the
privileges of the process or cause a Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All Wireshark 1.10 users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=net-analyzer/wireshark-1.10.3"
| All Wireshark 1.8 users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=net-analyzer/wireshark-1.8.11"
|
References
CVE-2013-5717
CVE-2013-5718
CVE-2013-5719
CVE-2013-5720
CVE-2013-5721
CVE-2013-5722
CVE-2013-6336
CVE-2013-6337
CVE-2013-6338
CVE-2013-6339
CVE-2013-6340 |
|