(RHSA-2008:0059) Moderate: wireshark security update

2008-01-2100:00:00

access.redhat.com

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.03 Low

EPSS

Percentile

89.9%

JSON

Wireshark is a program for monitoring network traffic. Wireshark was
previously known as Ethereal.

Several flaws were found in Wireshark. Wireshark could crash or possibly
execute arbitrary code as the user running Wireshark if it read a malformed
packet off the network. (CVE-2007-6114, CVE-2007-6115, CVE-2007-6117)

Several denial of service bugs were found in Wireshark. Wireshark could
crash or stop responding if it read a malformed packet off the network.
(CVE-2007-3389, CVE-2007-3390, CVE-2007-3391, CVE-2007-3392, CVE-2007-3392,
CVE-2007-3393, CVE-2007-6113, CVE-2007-6118, CVE-2007-6120, CVE-2007-6121,
CVE-2007-6450, CVE-2007-6451)

As well, Wireshark switched from using net-snmp to libsmi, which is
included in this errata.

Users of wireshark should upgrade to these updated packages, which contain
Wireshark version 0.99.7, and resolve these issues.

OSVersionArchitecturePackageVersionFilename
RedHatanyppcwireshark-gnome< 0.99.7-EL3.1wireshark-gnome-0.99.7-EL3.1.ppc.rpm
RedHat3ppclibsmi-devel< 0.4.5-3.el3libsmi-devel-0.4.5-3.el3.ppc.rpm
RedHatanyppcwireshark< 0.99.7-EL3.1wireshark-0.99.7-EL3.1.ppc.rpm
RedHat3ppclibsmi< 0.4.5-3.el3libsmi-0.4.5-3.el3.ppc.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	any	ppc	wireshark-gnome	< 0.99.7-EL3.1	wireshark-gnome-0.99.7-EL3.1.ppc.rpm
RedHat	3	ppc	libsmi-devel	< 0.4.5-3.el3	libsmi-devel-0.4.5-3.el3.ppc.rpm
RedHat	any	ppc	wireshark	< 0.99.7-EL3.1	wireshark-0.99.7-EL3.1.ppc.rpm
RedHat	3	ppc	libsmi	< 0.4.5-3.el3	libsmi-0.4.5-3.el3.ppc.rpm