[SECURITY] [DSA 2144-1] Security update for wireshark

2011-01-1500:42:02

lists.debian.org

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.917 High

EPSS

Percentile

98.9%

JSON

Debian Security Advisory DSA-2144-1 [email protected]
http://www.debian.org/security/ Moritz Muehlenhoff
January 15, 2011 http://www.debian.org/security/faq

Package : wireshark
Vulnerability : buffer overflow
Problem type : remote
Debian-specific: no
CVE ID : CVE-2010-4538

It was discovered that a buffer overflow in the ENTTEC dissector may
lead to the execution of arbitrary code.

For the stable distribution (lenny), this problem has been fixed in
version 1.0.2-3+lenny12.

For the testing distribution (squeeze), this problem has been fixed in
version 1.2.11-6.

For the unstable distribution (sid), this problem has been fixed in
version 1.2.11-6.

We recommend that you upgrade your wireshark packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian5i386tshark< 1.0.2-3+lenny12tshark_1.0.2-3+lenny12_i386.deb
Debian5mipswireshark< 1.0.2-3+lenny12wireshark_1.0.2-3+lenny12_mips.deb
Debian5armelwireshark-common< 1.0.2-3+lenny12wireshark-common_1.0.2-3+lenny12_armel.deb
Debian5mipstshark< 1.0.2-3+lenny12tshark_1.0.2-3+lenny12_mips.deb
Debian5mipseltshark< 1.0.2-3+lenny12tshark_1.0.2-3+lenny12_mipsel.deb
Debian5amd64wireshark-dev< 1.0.2-3+lenny12wireshark-dev_1.0.2-3+lenny12_amd64.deb
Debian5hppawireshark< 1.0.2-3+lenny12wireshark_1.0.2-3+lenny12_hppa.deb
Debian5s390tshark< 1.0.2-3+lenny12tshark_1.0.2-3+lenny12_s390.deb
Debian5sparcwireshark-common< 1.0.2-3+lenny12wireshark-common_1.0.2-3+lenny12_sparc.deb
Debian5ia64wireshark< 1.0.2-3+lenny12wireshark_1.0.2-3+lenny12_ia64.deb

OS	Version	Architecture	Package	Version	Filename
Debian	5	i386	tshark	< 1.0.2-3+lenny12	tshark_1.0.2-3+lenny12_i386.deb
Debian	5	mips	wireshark	< 1.0.2-3+lenny12	wireshark_1.0.2-3+lenny12_mips.deb
Debian	5	armel	wireshark-common	< 1.0.2-3+lenny12	wireshark-common_1.0.2-3+lenny12_armel.deb
Debian	5	mips	tshark	< 1.0.2-3+lenny12	tshark_1.0.2-3+lenny12_mips.deb
Debian	5	mipsel	tshark	< 1.0.2-3+lenny12	tshark_1.0.2-3+lenny12_mipsel.deb
Debian	5	amd64	wireshark-dev	< 1.0.2-3+lenny12	wireshark-dev_1.0.2-3+lenny12_amd64.deb
Debian	5	hppa	wireshark	< 1.0.2-3+lenny12	wireshark_1.0.2-3+lenny12_hppa.deb
Debian	5	s390	tshark	< 1.0.2-3+lenny12	tshark_1.0.2-3+lenny12_s390.deb
Debian	5	sparc	wireshark-common	< 1.0.2-3+lenny12	wireshark-common_1.0.2-3+lenny12_sparc.deb
Debian	5	ia64	wireshark	< 1.0.2-3+lenny12	wireshark_1.0.2-3+lenny12_ia64.deb