
Fedora 11 Critical Update: Wireshark 1.2.2 DoS Issues Resolved

Fedora
November 4, 2009
Wireshark 1.2.2 release for Fedora 11 resolves several vulnerabilities. Update advised for enhanced security and functionality.

Summary

Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays the base for libpcap, a packet capture and filtering library, and contains command-line utilities, plugins and documentation for Wireshark. A graphical user interface is packaged separately in the GTK+ package.

Update Information:

Update to Wireshark 1.2.2 fixing multiple security issues:

https://www.wireshark.org/docs/relnotes/wireshark-1.2.2.html
https://www.wireshark.org/security/wnpa-sec-2009-06.html

* The OpcUa dissector could use excessive CPU and memory. (Bug 3986) Versions affected: 0.99.6 to 1.0.8, 1.2.0 to 1.2.1
* The GSM A RR dissector could crash. (Bug 3893) Versions affected: 1.2.0 to 1.2.1
* The TLS dissector could crash on some platforms. (Bug 4008) Versions affected: 1.2.0 to 1.2.1

https://www.wireshark.org/docs/relnotes/wireshark-1.2.1.html
https://www.wireshark.org/security/wnpa-sec-2009-04.html

* The AFS dissector could crash. (Bug 3564) Versions affected: 0.9.2 to 1.2.0
* The Infiniband dissector could crash on some platforms. Versions affected: 1.0.6 to 1.2.0
* The IPMI dissector could overrun a buffer. (Bug 3559) Versions affected: 1.2.0
* The Bluetooth L2CAP dissector could crash. (Bug 3572) Versions...

Change Log

* Tue Sep 22 2009 Radek Vokal - 1.2.2
- upgrade to 1.2.2
- https://www.wireshark.org/docs/relnotes/wireshark-1.2.2.html

* Thu Jul 23 2009 Radek Vokal - 1.2.1
- upgrade to 1.2.1
- https://www.wireshark.org/docs/relnotes/wireshark-1.2.1.html

* Tue Jun 16 2009 Radek Vokal - 1.2.0
- upgrade to 1.2.0
- https://www.wireshark.org/docs/relnotes/wireshark-1.2.0.html

References


[ 1 ] Bug #512953 - CVE-2009-2559 Wireshark-1.2.0: DoS (crash) due array index error in IPMI dissector
      https://bugzilla.redhat.com/show_bug.cgi?id=512953
[ 2 ] Bug #513008 - CVE-2009-2560 Wireshark: Null-ptr dereference in the RADIUS dissector
      https://bugzilla.redhat.com/show_bug.cgi?id=513008
[ 3 ] Bug #513033 - CVE-2009-2561 Wireshark: Dos (excessive CPU and memory use) via large amount of tree items in the sFlow dissector
      https://bugzilla.redhat.com/show_bug.cgi?id=513033
[ 4 ] Bug #512987 - CVE-2009-2562 Wireshark: Integer overflow in the AFS dissector
      https://bugzilla.redhat.com/show_bug.cgi?id=512987
[ 5 ] Bug #512992 - CVE-2009-2563 Wireshark: Null-ptr dereference in the InfiniBand dissector
      https://bugzilla.redhat.com/show_bug.cgi?id=512992
[ 6 ] Bug #523987 - CVE-2009-3241 Wireshark: DoS (excessive CPU use) in OPCUA dissector
      https://bugzilla.redhat.com/show_bug.cgi?id=523987
[ 7 ] Bug #524001 - CVE-2009-3242 Wir...


Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update wireshark' at the command line. For more information, refer to "Managing Software with yum", available at .
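
To confirm which of the issues listed under Update Information cover a given Wireshark version, before and after running the update, the version ranges can be checked mechanically. This is an added example, not part of the Fedora advisory: the function names are hypothetical, the table is transcribed from the text above, and the Bluetooth L2CAP entry is left out because its version range is cut off on this page.

```shell
#!/bin/sh
# Added example (not from the advisory): list which of the issues named under
# "Update Information" cover a given Wireshark version.
# Assumes plain dotted numeric versions such as 1.2.1.

# Ranges transcribed from the advisory text: "first last description".
# The Bluetooth L2CAP entry is omitted; its range is truncated on the page.
ADVISORY_RANGES='0.99.6 1.0.8 OpcUa dissector: excessive CPU and memory (Bug 3986)
1.2.0 1.2.1 OpcUa dissector: excessive CPU and memory (Bug 3986)
1.2.0 1.2.1 GSM A RR dissector: crash (Bug 3893)
1.2.0 1.2.1 TLS dissector: crash on some platforms (Bug 4008)
0.9.2 1.2.0 AFS dissector: crash (Bug 3564)
1.0.6 1.2.0 Infiniband dissector: crash on some platforms
1.2.0 1.2.0 IPMI dissector: buffer overrun (Bug 3559)'

# version_le A B: succeed when A <= B, comparing dot-separated fields as integers.
version_le() {
  a=$1; b=$2
  while [ -n "$a" ] || [ -n "$b" ]; do
    x=${a%%.*}; y=${b%%.*}
    if [ "${x:-0}" -lt "${y:-0}" ]; then return 0; fi
    if [ "${x:-0}" -gt "${y:-0}" ]; then return 1; fi
    case $a in *.*) a=${a#*.} ;; *) a= ;; esac
    case $b in *.*) b=${b#*.} ;; *) b= ;; esac
  done
  return 0
}

# affected_issues VERSION: print each listed issue whose range includes VERSION.
affected_issues() {
  ver=$1
  while read -r lo hi desc; do
    if version_le "$lo" "$ver" && version_le "$ver" "$hi"; then
      printf '%s\n' "$desc"
    fi
  done <<EOF
$ADVISORY_RANGES
EOF
}

# installed_wireshark_version: version of the installed RPM, empty if none.
installed_wireshark_version() {
  if out=$(rpm -q --qf '%{VERSION}\n' wireshark 2>/dev/null); then
    printf '%s\n' "$out" | head -n 1
  fi
}

# Check the version given as $1, or the installed package when run without one.
target=${1:-$(installed_wireshark_version)}
if [ -n "$target" ]; then affected_issues "$target"; fi
```

Empty output for the installed version after `yum update wireshark` means none of the ranges transcribed here apply to it.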

Severity
critical

Name: wireshark
Product: Fedora 11
Version: 1.2.2
Release: 1.fc11
Summary: Network traffic analyzer
