Lucene search

K
amazonAmazonALAS-2012-071
HistoryApr 30, 2012 - 4:16 p.m.

Medium: wireshark

2012-04-3016:16:00
alas.aws.amazon.com
12

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.009 Low

EPSS

Percentile

82.1%

Issue Overview:

Several flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark.

Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file.

Affected Packages:

wireshark

Issue Correction:
Run yum update wireshark to update your system.

New Packages:

i686:  
    wireshark-devel-1.2.15-2.10.amzn1.i686  
    wireshark-1.2.15-2.10.amzn1.i686  
    wireshark-debuginfo-1.2.15-2.10.amzn1.i686  
  
src:  
    wireshark-1.2.15-2.10.amzn1.src  
  
x86_64:  
    wireshark-debuginfo-1.2.15-2.10.amzn1.x86_64  
    wireshark-devel-1.2.15-2.10.amzn1.x86_64  
    wireshark-1.2.15-2.10.amzn1.x86_64  

Additional References

Red Hat: CVE-2011-1143, CVE-2011-1590

Mitre: CVE-2011-1143, CVE-2011-1590

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.009 Low

EPSS

Percentile

82.1%

Related for ALAS-2012-071