Joined: 12 May 2004
|Posted: Sun Oct 16, 2011 12:26 pm Post subject: [ GLSA 201110-02 ] Wireshark: Multiple vulnerabilities
|Gentoo Linux Security Advisory
Title: Wireshark: Multiple vulnerabilities (GLSA 201110-02)
Exploitable: local, remote
Date: October 09, 2011
Bug(s): #323859, #330479, #339401, #346191, #350551, #354197, #357237, #363895, #369683, #373961, #381551, #383823, #386179
Multiple vulnerabilities in Wireshark allow for the remote
execution of arbitrary code, or a Denial of Service condition.
Wireshark is a versatile network protocol analyzer.
Vulnerable: < 1.4.9
Unaffected: >= 1.4.9
Architectures: All supported architectures
Multiple vulnerabilities have been discovered in Wireshark. Please
review the CVE identifiers referenced below for details.
A remote attacker could send specially crafted packets on a network
being monitored by Wireshark, entice a user to open a malformed packet
trace file using Wireshark, or deploy a specially crafted Lua script for
use by Wireshark, possibly resulting in the execution of arbitrary code,
or a Denial of Service condition.
There is no known workaround at this time.
All Wireshark users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=net-analyzer/wireshark-1.4.9"
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum