[SECURITY] [DSA 2792-1] wireshark security update

2013-11-0417:50:36

lists.debian.org

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.5 Medium

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

83.5%

JSON

Debian Security Advisory DSA-2792-1 [email protected]
http://www.debian.org/security/ Salvatore Bonaccorso
November 04, 2013 http://www.debian.org/security/faq

Package : wireshark
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2013-6336 CVE-2013-6337 CVE-2013-6338 CVE-2013-6340

Multiple vulnerabilities were discovered in the dissectors for IEEE
802.15.4, NBAP, SIP and TCP, which could result in denial of service.

The oldstable distribution (squeeze) is only affected by CVE-2013-6340.
This problem has been fixed in version 1.2.11-6+squeeze13.

For the stable distribution (wheezy), these problems have been fixed in
version 1.8.2-5wheezy7.

For the unstable distribution (sid), these problems have been fixed in
version 1.10.3-1.

We recommend that you upgrade your wireshark packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian6sparctshark< 1.2.11-6+squeeze13tshark_1.2.11-6+squeeze13_sparc.deb
Debian7amd64wireshark< 1.8.2-5wheezy7wireshark_1.8.2-5wheezy7_amd64.deb
Debian7amd64wireshark-common< 1.8.2-5wheezy7wireshark-common_1.8.2-5wheezy7_amd64.deb
Debian7i386libwireshark-dev< 1.8.2-5wheezy7libwireshark-dev_1.8.2-5wheezy7_i386.deb
Debian7mipsellibwireshark-dev< 1.8.2-5wheezy7libwireshark-dev_1.8.2-5wheezy7_mipsel.deb
Debian7sparclibwiretap2< 1.8.2-5wheezy7libwiretap2_1.8.2-5wheezy7_sparc.deb
Debian7amd64libwireshark2< 1.8.2-5wheezy7libwireshark2_1.8.2-5wheezy7_amd64.deb
Debian7armhflibwsutil2< 1.8.2-5wheezy7libwsutil2_1.8.2-5wheezy7_armhf.deb
Debian7i386wireshark-common< 1.8.2-5wheezy7wireshark-common_1.8.2-5wheezy7_i386.deb
Debian7mipselwireshark-common< 1.8.2-5wheezy7wireshark-common_1.8.2-5wheezy7_mipsel.deb

OS	Version	Architecture	Package	Version	Filename
Debian	6	sparc	tshark	< 1.2.11-6+squeeze13	tshark_1.2.11-6+squeeze13_sparc.deb
Debian	7	amd64	wireshark	< 1.8.2-5wheezy7	wireshark_1.8.2-5wheezy7_amd64.deb
Debian	7	amd64	wireshark-common	< 1.8.2-5wheezy7	wireshark-common_1.8.2-5wheezy7_amd64.deb
Debian	7	i386	libwireshark-dev	< 1.8.2-5wheezy7	libwireshark-dev_1.8.2-5wheezy7_i386.deb
Debian	7	mipsel	libwireshark-dev	< 1.8.2-5wheezy7	libwireshark-dev_1.8.2-5wheezy7_mipsel.deb
Debian	7	sparc	libwiretap2	< 1.8.2-5wheezy7	libwiretap2_1.8.2-5wheezy7_sparc.deb
Debian	7	amd64	libwireshark2	< 1.8.2-5wheezy7	libwireshark2_1.8.2-5wheezy7_amd64.deb
Debian	7	armhf	libwsutil2	< 1.8.2-5wheezy7	libwsutil2_1.8.2-5wheezy7_armhf.deb
Debian	7	i386	wireshark-common	< 1.8.2-5wheezy7	wireshark-common_1.8.2-5wheezy7_i386.deb
Debian	7	mipsel	wireshark-common	< 1.8.2-5wheezy7	wireshark-common_1.8.2-5wheezy7_mipsel.deb