Alerts This Week
Warning Icon 1 1,149
Alerts This Week
Warning Icon 1 1,149

Red Hat Enterprise Linux 4: RHSA-2007:0709-02 Low: Wireshark DoS Fix

red hat
Calendar Grey November 15, 2007
Dist Redhat Esm H88
The latest Wireshark release for Red Hat resolves minor vulnerabilities and malfunctions triggered by incorrectly formatted packets in multiple communication protocols.
New Wireshark packages that fix various security vulnerabilities and functionality bugs are now available for Red Hat Enterprise Linux 4. Wireshark was previously known as Ethere...

Solution

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at

5. Bug IDs fixed (http://bugzilla.redhat.com/):

245796 - CVE-2007-3389 Wireshark crashes when inspecting HTTP traffic 245797 - CVE-2007-3391 Wireshark loops infinitely when inspecting DCP ETSI traffic 245798 - CVE-2007-3392 Wireshark loops infinitely when inspecting SSL traffic 246221 - CVE-2007-3393 Wireshark corrupts the stack when inspecting BOOTP traffic 246225 - CVE-2007-3390 Wireshark crashes when inspecting iSeries traffic 246229 - CVE-2007-3392 Wireshark crashes when inspecting MMS traffic

6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS: 2d8ad27725033ac2bbadd5a385b6ae76 wireshark-0.99.6-EL4.1.src.rpm

i386: 3c6c77126ea4b1999f75a18a283d6499 wireshark-0.99.6-EL4.1.i386.rpm 8ac66efd8177234af75cf8af1bed2706 wireshark-debuginfo-0.99.6-EL4.1.i386.rpm ce5d1420de890fab97bb8c84617d1f25 wireshark-gnome-0.99.6-EL4.1.i386.rpm

ia64: 1db9e6a01562b42162772472433ec40c wireshark-0.99.6-EL4.1.ia64.rpm 4602cc3474ca776e4b8a3340664fa308 wireshark-debuginfo-0.99.6-EL4.1.ia64.rpm 2be1f400717544434423277057fb8a6a wireshark-gnome-0.99.6-EL4.1.ia64.rpm

ppc: 851e28e735d2cca81f036e84c10592de wireshark-0.99.6-EL4.1.ppc.rpm c1aa1b3e309e1246d2b2067811b759fe wireshark-debuginfo-0.99.6-EL4.1.ppc.rpm ca38499152427371121737fcfe545a1a wireshark-gnome-0.99.6-EL4.1.ppc.rpm

s390: deaa06304c3926eed158bed8a15b2e2b wireshark-0.99.6-EL4.1.s390.rpm c63f46b2598583595ca4d4d38d7e44b0 wireshark-debuginfo-0.99.6-EL4.1.s390.rpm 2020932bacbcdbbad055735ac0b0100e wireshark-gnome-0.99.6-EL4.1.s390.rpm

s390x: dc81c1505a3040328ab53cd449b388cd wireshark-0.99.6-EL4.1.s390x.rpm a22957a9c7bdf4976edcd2f6d7c0c5d2 wireshark-debuginfo-0.99.6-EL4.1.s390x.rpm 88a5ef4d0cf176f18fcf0381c8e80d2e wireshark-gnome-0.99.6-EL4.1.s390x.rpm

x86_64: a42ab0969e973cdab74c439427e21cfe wireshark-0.99.6-EL4.1.x86_64.rpm 6d12a229024b47a7ad5b6efcf71cb1d7 wireshark-debuginfo-0.99.6-EL4.1.x86_64.rpm 0c41fb92a893e0e031be4be98d54db3d wireshark-gnome-0.99.6-EL4.1.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS: 2d8ad27725033ac2bbadd5a385b6ae76 wireshark-0.99.6-EL4.1.src.rpm

i386: 3c6c77126ea4b1999f75a18a283d6499 wireshark-0.99.6-EL4.1.i386.rpm 8ac66efd8177234af75cf8af1bed2706 wireshark-debuginfo-0.99.6-EL4.1.i386.rpm ce5d1420de890fab97bb8c84617d1f25 wireshark-gnome-0.99.6-EL4.1.i386.rpm

x86_64: a42ab0969e973cdab74c439427e21cfe wireshark-0.99.6-EL4.1.x86_64.rpm 6d12a229024b47a7ad5b6efcf71cb1d7 wireshark-debuginfo-0.99.6-EL4.1.x86_64.rpm 0c41fb92a893e0e031be4be98d54db3d wireshark-gnome-0.99.6-EL4.1.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS: 2d8ad27725033ac2bbadd5a385b6ae76 wireshark-0.99.6-EL4.1.src.rpm

i386: 3c6c77126ea4b1999f75a18a283d6499 wireshark-0.99.6-EL4.1.i386.rpm 8ac66efd8177234af75cf8af1bed2706 wireshark-debuginfo-0.99.6-EL4.1.i386.rpm ce5d1420de890fab97bb8c84617d1f25 wireshark-gnome-0.99.6-EL4.1.i386.rpm

ia64: 1db9e6a01562b42162772472433ec40c wireshark-0.99.6-EL4.1.ia64.rpm 4602cc3474ca776e4b8a3340664fa308 wireshark-debuginfo-0.99.6-EL4.1.ia64.rpm 2be1f400717544434423277057fb8a6a wireshark-gnome-0.99.6-EL4.1.ia64.rpm

x86_64: a42ab0969e973cdab74c439427e21cfe wireshark-0.99.6-EL4.1.x86_64.rpm 6d12a229024b47a7ad5b6efcf71cb1d7 wireshark-debuginfo-0.99.6-EL4.1.x86_64.rpm 0c41fb92a893e0e031be4be98d54db3d wireshark-gnome-0.99.6-EL4.1.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS: 2d8ad27725033ac2bbadd5a385b6ae76 wireshark-0.99.6-EL4.1.src.rpm

i386: 3c6c77126ea4b1999f75a18a283d6499 wireshark-0.99.6-EL4.1.i386.rpm 8ac66efd8177234af75cf8af1bed2706 wireshark-debuginfo-0.99.6-EL4.1.i386.rpm ce5d1420de890fab97bb8c84617d1f25 wireshark-gnome-0.99.6-EL4.1.i386.rpm

ia64: 1db9e6a01562b42162772472433ec40c wireshark-0.99.6-EL4.1.ia64.rpm 4602cc3474ca776e4b8a3340664fa308 wireshark-debuginfo-0.99.6-EL4.1.ia64.rpm 2be1f400717544434423277057fb8a6a wireshark-gnome-0.99.6-EL4.1.ia64.rpm

x86_64: a42ab0969e973cdab74c439427e21cfe wireshark-0.99.6-EL4.1.x86_64.rpm 6d12a229024b47a7ad5b6efcf71cb1d7 wireshark-debuginfo-0.99.6-EL4.1.x86_64.rpm 0c41fb92a893e0e031be4be98d54db3d wireshark-gnome-0.99.6-EL4.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

Summary

References

https://www.cve.org/CVERecord?id=CVE-2007-3389 https://www.cve.org/CVERecord?id=CVE-2007-3390 https://www.cve.org/CVERecord?id=CVE-2007-3391 https://www.cve.org/CVERecord?id=CVE-2007-3392 https://www.cve.org/CVERecord?id=CVE-2007-3393 https://www.wireshark.org/docs/relnotes/wireshark-0.99.6.html https://access.redhat.com/security/updates/classification#low

Package List


Severity
low
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2007:0709-02
Issue date: 2007-11-15
Updated on: 2007-11-15
Product: Red Hat Enterprise Linux
Keywords: HTTP iSeries DCP ETSI SSL MMS DHCP BOOTP crash loop DoS IPMI

Topic

Relevant Releases Architectures

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64

Red Hat Enterprise Linux Desktop version 4 - i386, x86_64

Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64

Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here