Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2010:0625
HistoryAug 23, 2010 - 3:13 p.m.

wireshark security update

2010-08-2315:13:08
CentOS Project
lists.centos.org
39

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.516 Medium

EPSS

Percentile

97.5%

JSON

CentOS Errata and Security Advisory CESA-2010:0625

Wireshark is a program for monitoring network traffic. Wireshark was
previously known as Ethereal.

Multiple buffer overflow flaws were found in the Wireshark SigComp
Universal Decompressor Virtual Machine (UDVM) dissector. If Wireshark read
a malformed packet off a network or opened a malicious dump file, it could
crash or, possibly, execute arbitrary code as the user running Wireshark.
(CVE-2010-2287, CVE-2010-2995)

Several denial of service flaws were found in Wireshark. Wireshark could
crash or stop responding if it read a malformed packet off a network, or
opened a malicious dump file. (CVE-2010-1455, CVE-2010-2283, CVE-2010-2284,
CVE-2010-2286)

Users of Wireshark should upgrade to these updated packages, which contain
Wireshark version 1.0.15, and resolve these issues. All running instances
of Wireshark must be restarted for the update to take effect.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2010-August/079094.html
https://lists.centos.org/pipermail/centos-announce/2010-August/079095.html
https://lists.centos.org/pipermail/centos-announce/2010-August/079118.html
https://lists.centos.org/pipermail/centos-announce/2010-August/079119.html

Affected packages:
wireshark
wireshark-gnome

Upstream details at:
https://access.redhat.com/errata/RHSA-2010:0625

Related

openvas 51
redhat 1
nessus 24
oraclelinux 1
fedora 7
securityvulns 4
debian 2
prion 8
debiancve 7
ubuntucve 7
cve 8
veracode 6
freebsd 1
checkpoint_advisories 2
gentoo 2
openvas
openvas
CentOS Update for wireshark CESA-2010:0625 centos4 i386
2010-08-30 00:00:00
CentOS Update for wireshark CESA-2010:0625 centos4 i386
2010-08-30 00:00:00
RedHat Update for wireshark RHSA-2010:0625-01
2010-08-13 00:00:00
redhat
redhat
(RHSA-2010:0625) Moderate: wireshark security update
2010-08-11 00:00:00
nessus
nessus
Scientific Linux Security Update : wireshark on SL3.x, SL4.x, SL5.x i386/x86_64
2012-08-01 00:00:00
Oracle Linux 3 / 4 / 5 : wireshark (ELSA-2010-0625)
2013-07-12 00:00:00
RHEL 3 / 4 / 5 : wireshark (RHSA-2010:0625)
2010-08-12 00:00:00
oraclelinux
oraclelinux
wireshark security update
2010-08-11 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: wireshark-1.2.10-1.fc12
2010-09-02 20:47:13
[SECURITY] Fedora 13 Update: wireshark-1.2.13-2.fc13
2011-01-13 23:31:35
[SECURITY] Fedora 13 Update: wireshark-1.2.10-1.fc13
2010-09-02 20:45:30
securityvulns
securityvulns
Wireshark sniffer multiple security vulnerabilities
2010-09-14 00:00:00
Wireshark memory corruption
2010-05-21 00:00:00
[ MDVSA-2010:099 ] wireshark
2010-05-21 00:00:00
debian
debian
[SECURITY] [DSA 2066-1] New wireshark packages fix several vulnerabilities
2010-07-01 19:42:45
[SECURITY] [DSA 2101-1] New wireshark packages fix several vulnerabilities
2010-08-31 21:28:44
prion
prion
Buffer overflow
2010-08-13 18:43:00
Design/Logic Flaw
2010-05-12 11:46:00
Design/Logic Flaw
2010-06-15 14:04:00
debiancve
debiancve
CVE-2010-2995
2010-08-13 18:43:00
CVE-2010-1455
2010-05-12 11:46:00
CVE-2010-2287
2010-06-15 14:04:00
ubuntucve
ubuntucve
CVE-2010-2995
2010-08-13 00:00:00
CVE-2010-1455
2010-05-12 00:00:00
CVE-2010-2287
2010-06-15 00:00:00
cve
cve
CVE-2010-2995
2010-08-13 18:43:00
CVE-2010-1455
2010-05-12 11:46:00
CVE-2010-2284
2010-06-15 14:04:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:49:53
Denial Of Service (DoS)
2020-04-10 00:49:54
Denial Of Service (DoS)
2020-04-10 00:49:54
freebsd
freebsd
wireshark -- DOCSIS dissector denial of service
2010-05-05 00:00:00
checkpoint_advisories
checkpoint_advisories
Wireshark SigComp UDVM Dissector Remote Code Execution - Ver2 (CVE-2010-2287)
2015-03-26 00:00:00
Wireshark SigComp UDVM Dissector Remote Code Execution - Ver2 (CVE-2010-2287)
2015-03-26 00:00:00
gentoo
gentoo
Wireshark: Multiple vulnerabilities
2010-06-01 00:00:00
Wireshark: Multiple vulnerabilities
2011-10-09 00:00:00

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.516 Medium

EPSS

Percentile

97.5%

JSON
Related for CESA-2010:0625
openvas51redhat1nessus24oraclelinux1fedora7securityvulns4debian2prion8debiancve7ubuntucve7cve8veracode6freebsd1checkpoint_advisories2gentoo2