Debian 5.0 DSA-1785-1 Critical: Wireshark Remote Execution Risks
debian
May 1, 2009
Several remote vulnerabilities have been discovered in the Wireshark network traffic analyzer, which may lead to denial of service or the execution of arbitrary code
Summary
Several remote vulnerabilities have been discovered in the Wireshark
network traffic analyzer, which may lead to denial of service or the
execution of arbitrary code. The Common Vulnerabilities and Exposures
project identifies the following problems:
CVE-2009-1210
A format string vulnerability was discovered in the PROFINET
dissector.
CVE-2009-1268
The dissector for the Check Point High-Availability Protocol
could be forced to crash.
CVE-2009-1269
Malformed Tektronix files could lead to a crash.
The old stable distribution (etch), is only affected by the
CPHAP crash, which doesn't warrant an update on its own. The fix
will be queued up for an upcoming security update or a point release.
For the stable distribution (lenny), these problems have been fixed in
version 1.0.2-3+lenny5.
For the unstable distribution (sid), these problems have been fixed in
version 1.0.7-1.
We recommend that you upgrade your wireshark packages.
Upgrade instructions
- --------------------
wget url
will ...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Package: wireshark
CVE ID: CVE-2009-1210 CVE-2009-1268 CVE-2009-1269
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!