Linux Security
Linux Security
Linux Security

Debian: New wireshark packages fix several vulnerabilities

Date 29 Nov 2008
Posted By LinuxSecurity Advisories
Several remote vulnerabilities have been discovered network traffic analyzer Wireshark. The Common Vulnerabilities and Exposures project identifies the following problems: The GSM SMS dissector is vulnerable to denial of service.
- ------------------------------------------------------------------------
Debian Security Advisory DSA-1673-1                  This email address is being protected from spambots. You need JavaScript enabled to view it.                       Moritz Muehlenhoff
November 29, 2008           
- ------------------------------------------------------------------------

Package        : wireshark
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2008-3137 CVE-2008-3138 CVE-2008-3141 CVE-2008-3145 CVE-2008-3933 CVE-2008-4683 CVE-2008-4684 CVE-2008-4685

Several remote vulnerabilities have been discovered network traffic
analyzer Wireshark. The Common Vulnerabilities and Exposures project
identifies the following problems:


    The GSM SMS dissector is vulnerable to denial of service.


    The PANA and KISMET dissectors are vulnerable to denial of service.


    The RMI dissector could disclose system memory.


    The packet reassembling module is vulnerable to denial of service.


    The zlib uncompression module is vulnerable to denial of service.


    The Bluetooth ACL dissector is vulnerable to denial of service.


    The PRP and MATE dissectors are vulnerable to denial of service.


    The Q931 dissector is vulnerable to denial of service.

For the stable distribution (etch), these problems have been fixed in
version 0.99.4-5.etch.3.

For the upcoming stable distribution (lenny), these problems have been
fixed in version 1.0.2-3+lenny2.

For the unstable distribution (sid), these problems will be fixed soon.

We recommend that you upgrade your wireshark packages.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
- -------------------------------

Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:
    Size/MD5 checksum: 13306790 2556a31d0d770dd1990bd67b98bd2f9b
    Size/MD5 checksum:     1066 ece7cc5dd8e70c0b5c13bfbf6e8c6eee
    Size/MD5 checksum:    48388 2918d72a79fafde4759afe72db727d6f

alpha architecture (DEC Alpha)
    Size/MD5 checksum:    22872 2ac3fe313364295340483294f1e9fb91
    Size/MD5 checksum:    22504 e67991e3aa09ce8bd8a44833fe7e3883
    Size/MD5 checksum:  9318436 d88e91f579849725048a4f5d9155871d
    Size/MD5 checksum:   181432 bd619bdb6fdc69e10dd31241268fac22
    Size/MD5 checksum:    22498 b6e13d7c505bceb09cd278c5f07c7c40
    Size/MD5 checksum:   674820 b6a532ff5292b77773e1aa4cfc2fd577
    Size/MD5 checksum:    22510 eafc125f4a6f9084880fdd2a557b9814
    Size/MD5 checksum:   117502 d829953f80e3402ea53f96b5a60010a4

amd64 architecture (AMD x86_64 (AMD64))
    Size/MD5 checksum:   181784 be30e7ac952ecec26ed7cf9d73cf07ca
    Size/MD5 checksum:   619708 b97e43ebf7fb339df7210c0fed2de92b
    Size/MD5 checksum:    22502 24d2101cd90f05f7206ed1b222cf2655
    Size/MD5 checksum:  9119506 67bc221048a9a1909e0780547e267956
    Size/MD5 checksum:   112146 24dad3e9789181bc32c555174ebc6331
    Size/MD5 checksum:    22516 fd918d886d3f43e85efc336267f8d3b1
    Size/MD5 checksum:    22504 e427825910c10ca825d6263d72f3231d
    Size/MD5 checksum:    22862 8b219977905e0ca92c11669b819a4d62

arm architecture (ARM)
    Size/MD5 checksum:  7739012 2393f419581304f9d1bc96b2e80a87b9
    Size/MD5 checksum:    22520 91159635ccf35f1d0fc51d80eb5af43d
    Size/MD5 checksum:   600564 6c9dc2dfc018156969644378f856521a
    Size/MD5 checksum:    22870 64f1146af6c9759d7fce864dc5f0d7d3
    Size/MD5 checksum:    22528 44b24f50cf31c9c8e734fbf5cb32603f
    Size/MD5 checksum:    22514 073d8b3cf84d186a28f1923b77825651
    Size/MD5 checksum:   182074 21f420a957afb36f416b743ea928344c
    Size/MD5 checksum:   107352 a57d347239ea877d9dc7944f025a357f

hppa architecture (HP PA RISC)
    Size/MD5 checksum:    22872 2ccd34d4f66efe4103e8bd6abefa9522
    Size/MD5 checksum:    22512 5969e22027936a31221f293be3ee9a07
    Size/MD5 checksum:    22506 c624bb7b41ceb11e497c09c231388f17
    Size/MD5 checksum:  9856512 1dc01e880f2cbc9ed221775bada95006
    Size/MD5 checksum:   109670 d4eea1ac706ac762a8ed8327438f4642
    Size/MD5 checksum:    22504 a738cb866d71bd90d6221655993db604
    Size/MD5 checksum:   634968 a399926534b08d75dc0858bebd83c9b5
    Size/MD5 checksum:   182054 cef379511143780007c649c3089ea1b2

i386 architecture (Intel ia32)
    Size/MD5 checksum:   182668 a1c8033946069020bf3c985ac15f3262
    Size/MD5 checksum:   564704 810e62b84fec47703eb3a123059b576b
    Size/MD5 checksum:    22492 e0730ad8b28f63b46e57dda4577009f2
    Size/MD5 checksum:  7502356 84707ff563a36e6dbdcafb47657b4260
    Size/MD5 checksum:    22860 34cc7a26d0416a35b9cbcd5dce2f875c
    Size/MD5 checksum:   102308 882325dfde6476fa6fef27435af1c9c7
    Size/MD5 checksum:    22498 a03f9bc9d8ce5f23bbab2280ab49798b
    Size/MD5 checksum:    22504 f2b77a28c0675c396652fcdc9c2c3803

ia64 architecture (Intel ia64)
    Size/MD5 checksum:    22846 3c2f1b3206af0c51ad92aef628d1296c
    Size/MD5 checksum:   145732 4f709746e604fd49e8500000c0c8b9fd
    Size/MD5 checksum:    22498 00c321e1542af1331ca18b0df70eee08
    Size/MD5 checksum: 10652434 5884462db3ab99cd180970b81bab92e1
    Size/MD5 checksum:    22484 4591898f96b98e28d183328a0e21dba4
    Size/MD5 checksum:   827582 c67bd7ddb1ab16764b7ebebbd5b1bb7c
    Size/MD5 checksum:    22498 45334f3ef44ae17bb9c8d4a95f6cf4e6
    Size/MD5 checksum:   182626 67cd7391e4c59b412ddc2e76c6fa6791

mips architecture (MIPS (Big Endian))
    Size/MD5 checksum:   104812 d3f86fe05592a3ac315047246c4dd26e
    Size/MD5 checksum:  8017676 583e585fb11a943ef5c0288016dffb43
    Size/MD5 checksum:   588850 2ea0a20be951ff4e8ab6ba6525dea911
    Size/MD5 checksum:    21856 8ad7420ab94abbaedd0a0283530f9bad
    Size/MD5 checksum:    22108 74e578c0a220a579e57830fe8031cc8b
    Size/MD5 checksum:    21844 7821c6a42d28f2c2833cf58b9ca033a5
    Size/MD5 checksum:   181530 cbdd1d6dd954ee7f1d7050ef3c9eba91
    Size/MD5 checksum:    21850 42ed2c8bc444299b2f6e4987e79ab666

mipsel architecture (MIPS (Little Endian))
    Size/MD5 checksum:   104602 79217e35d38b7a65b76c40f4e3cb9be1
    Size/MD5 checksum:    22492 f3005b052212919cdb4fcdb9b4fba65e
    Size/MD5 checksum:  7408744 4228174f1af0bf0b17f4d30de7cf7ea5
    Size/MD5 checksum:    22506 9b8bca5a067957146d32d0b92bb09117
    Size/MD5 checksum:    22506 250f509a57cee02c619151b65e6fd18e
    Size/MD5 checksum:   575840 750acb173d59b7936388b2a0d82dc796
    Size/MD5 checksum:   182672 766ee8b1ff019b03703ee93ebb76717f
    Size/MD5 checksum:    22856 9c5861628a2de7fd905f1924c0474332

powerpc architecture (PowerPC)
    Size/MD5 checksum:   182652 1dfdaa74d72de475b67c3256bf14b637
    Size/MD5 checksum:    22498 4ec636076c7587204842382f6729001d
    Size/MD5 checksum:    22850 cb065d5901a738e96c35dc534407d59e
    Size/MD5 checksum:    22504 2da403f29c784c2da2b65d34a4342517
    Size/MD5 checksum:   104242 fd8bac6c5986e895547a8cd2bd0e047a
    Size/MD5 checksum:  8606102 2f48dcbf4864fff90668b9c9fd0b1f65
    Size/MD5 checksum:   583590 c2d40168eec70056745aacac50a1b6cd
    Size/MD5 checksum:    22490 452169dd566fa6bbf2d2ca1c2d950a37

s390 architecture (IBM S/390)
    Size/MD5 checksum:    22848 02756b25f5eb8866a1c8281f088aba85
    Size/MD5 checksum:    22504 11c3d2072753d2f3a100e44c3d3fe33a
    Size/MD5 checksum:   115600 049e7e0f056196df2500e03c4d32a300
    Size/MD5 checksum:  9756694 e39b358505fa9cb7c7a8d0d6d898fd79
    Size/MD5 checksum:    22498 39c467d08525f96ce4900c9a26643477
    Size/MD5 checksum:    22488 23d2f294343796f2a7d44c3b5d93651e
    Size/MD5 checksum:   640960 539d3faeb8bebf6f945803a88f48f927
    Size/MD5 checksum:   182622 e0e7919335705d8062378606615675b7

sparc architecture (Sun SPARC/UltraSPARC)
    Size/MD5 checksum:    22520 fcded97d018614d9c009b7381af86c0c
    Size/MD5 checksum:    22508 08b5ee4324e7bf9c70e3dc64790c0b3a
    Size/MD5 checksum:   104122 5389c35fe323621a57e570eae09efa84
    Size/MD5 checksum:   586906 d32db40176c7a72e691d1015c1c399dc
    Size/MD5 checksum:   183182 db42ff4d1f6cb72b3fed705d72cd9334
    Size/MD5 checksum:    22866 880b204b5182202328541153989cf082
    Size/MD5 checksum:    22522 acf3820b48c050b01da592940dee07ad
    Size/MD5 checksum:  8679242 716f14e3d3ea4795e742fed07ebe2f44

  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.

LinuxSecurity Poll

How frequently do you patch/update your system?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum 0 answer(s) and maximum 3 answer(s).
[{"id":"179","title":"As soon as patches\/updates are released - I track advisories for my distro(s) diligently","votes":"50","type":"x","order":"1","pct":80.65,"resources":[]},{"id":"180","title":"Every so often, when I think of it","votes":"7","type":"x","order":"2","pct":11.29,"resources":[]},{"id":"181","title":"Hardly ever","votes":"5","type":"x","order":"3","pct":8.06,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

Please vote first in order to view vote results.



bottom 200

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.