wireshark - several vulnerabilities

2010-08-3100:00:00

Google

osv.dev

JSON

Several implementation errors in the dissector of the Wireshark network
traffic analyzer for the ASN.1 BER protocol and in the SigComp Universal
Decompressor Virtual Machine may lead to the execution of arbitrary code.

For the stable distribution (lenny), these problems have been fixed in
version 1.0.2-3+lenny10.

For the unstable distribution (sid), these problems have been fixed in
version 1.2.10-1.

We recommend that you upgrade your wireshark packages.

CPENameOperatorVersion
wiresharkeq1.0.2-3+lenny3
wiresharkeq1.0.2-3+lenny4
wiresharkeq1.0.2-3+lenny5
wiresharkeq1.0.2-3+lenny6
wiresharkeq1.0.2-3+lenny7
wiresharkeq1.0.2-3+lenny8
wiresharkeq1.0.2-3+lenny9

Name	Operator	Version
wireshark	eq	1.0.2-3+lenny3
wireshark	eq	1.0.2-3+lenny4
wireshark	eq	1.0.2-3+lenny5
wireshark	eq	1.0.2-3+lenny6
wireshark	eq	1.0.2-3+lenny7
wireshark	eq	1.0.2-3+lenny8
wireshark	eq	1.0.2-3+lenny9

References

www.debian.org/security/2010/dsa-2101

JSON