SciLinux SL4 SL5: 2011-03-21 Moderate: Wireshark Buffer Overflow & DoS

Date: Tue, 22 Mar 2011 14:24:36 -0500
Reply-To: Troy Dawson 
Sender: Security Errata for Scientific Linux
 
From: Troy Dawson 
Subject: Security ERRATA Moderate: wireshark on SL4.x, SL5.x i386/x86_64
Comments: To: "This email address is being protected from spambots. You need JavaScript enabled to view it."
 
MIME-Version: 1.0

Synopsis:	Moderate: wireshark security update
Issue date:	2011-03-21
CVE Names:	CVE-2010-3445 CVE-2011-0024 CVE-2011-0538
 CVE-2011-1139 CVE-2011-1140 CVE-2011-1141
 CVE-2011-1143

A heap-based buffer overflow flaw was found in Wireshark. If Wireshark
opened a specially-crafted capture file, it could crash or, possibly,
execute arbitrary code as the user running Wireshark. (CVE-2011-0024)

Several denial of service flaws were found in Wireshark. Wireshark could
crash or stop responding if it read a malformed packet off a network, or
opened a malicious dump file. (CVE-2010-3445, CVE-2011-0538,
CVE-2011-1139, CVE-2011-1140, CVE-2011-1141, CVE-2011-1143)

All running instances of Wireshark must be restarted for the update to
take effect.

SL 4.x

 SRPMS:
wireshark-1.0.15-2.el4.src.rpm
 i386:
wireshark-1.0.15-2.el4.i386.rpm
wireshark-gnome-1.0.15-2.el4.i386.rpm
 x86_64:
wireshark-1.0.15-2.el4.x86_64.rpm
wireshark-gnome-1.0.15-2.el4.x86_64.rpm

SL 5.x

 SRPMS:
wireshark-1.0.15-1.el5_6.4.src.rpm
 i386:
wireshark-1.0.15-1.el5_6.4.i386.rpm
wireshark-gnome-1.0.15-1.el5_6.4.i386.rpm
 x86_64:
wireshark-1.0.15-1.el5_6.4.x86_64.rpm
wireshark-gnome-1.0.15-1.el5_6.4.x86_64.rpm

-Connie Sieh
-Troy Dawson