(RHSA-2009:0313) Moderate: wireshark security update

2009-03-0400:00:00

access.redhat.com

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.015 Low

EPSS

Percentile

85.3%

JSON

Wireshark is a program for monitoring network traffic. Wireshark was
previously known as Ethereal.

Multiple buffer overflow flaws were found in Wireshark. If Wireshark read
a malformed packet off a network or opened a malformed dump file, it could
crash or, possibly, execute arbitrary code as the user running Wireshark.
(CVE-2008-4683, CVE-2009-0599)

Several denial of service flaws were found in Wireshark. Wireshark could
crash or stop responding if it read a malformed packet off a network, or
opened a malformed dump file. (CVE-2008-4680, CVE-2008-4681, CVE-2008-4682,
CVE-2008-4684, CVE-2008-4685, CVE-2008-5285, CVE-2009-0600)

Users of wireshark should upgrade to these updated packages, which contain
Wireshark version 1.0.6, and resolve these issues. All running instances of
Wireshark must be restarted for the update to take effect.

OSVersionArchitecturePackageVersionFilename
RedHat5x86_64wireshark< 1.0.6-2.el5_3wireshark-1.0.6-2.el5_3.x86_64.rpm
RedHat4s390wireshark-gnome< 1.0.6-2.el4_7wireshark-gnome-1.0.6-2.el4_7.s390.rpm
RedHat5ia64wireshark< 1.0.6-2.el5_3wireshark-1.0.6-2.el5_3.ia64.rpm
RedHat5s390xwireshark< 1.0.6-2.el5_3wireshark-1.0.6-2.el5_3.s390x.rpm
RedHat5x86_64wireshark-gnome< 1.0.6-2.el5_3wireshark-gnome-1.0.6-2.el5_3.x86_64.rpm
RedHat4i386wireshark-gnome< 1.0.6-2.el4_7wireshark-gnome-1.0.6-2.el4_7.i386.rpm
RedHat5ppcwireshark< 1.0.6-2.el5_3wireshark-1.0.6-2.el5_3.ppc.rpm
RedHat4i386wireshark< 1.0.6-2.el4_7wireshark-1.0.6-2.el4_7.i386.rpm
RedHat5ia64wireshark-gnome< 1.0.6-2.el5_3wireshark-gnome-1.0.6-2.el5_3.ia64.rpm
RedHat5i386wireshark< 1.0.6-2.el5_3wireshark-1.0.6-2.el5_3.i386.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	5	x86_64	wireshark	< 1.0.6-2.el5_3	wireshark-1.0.6-2.el5_3.x86_64.rpm
RedHat	4	s390	wireshark-gnome	< 1.0.6-2.el4_7	wireshark-gnome-1.0.6-2.el4_7.s390.rpm
RedHat	5	ia64	wireshark	< 1.0.6-2.el5_3	wireshark-1.0.6-2.el5_3.ia64.rpm
RedHat	5	s390x	wireshark	< 1.0.6-2.el5_3	wireshark-1.0.6-2.el5_3.s390x.rpm
RedHat	5	x86_64	wireshark-gnome	< 1.0.6-2.el5_3	wireshark-gnome-1.0.6-2.el5_3.x86_64.rpm
RedHat	4	i386	wireshark-gnome	< 1.0.6-2.el4_7	wireshark-gnome-1.0.6-2.el4_7.i386.rpm
RedHat	5	ppc	wireshark	< 1.0.6-2.el5_3	wireshark-1.0.6-2.el5_3.ppc.rpm
RedHat	4	i386	wireshark	< 1.0.6-2.el4_7	wireshark-1.0.6-2.el4_7.i386.rpm
RedHat	5	ia64	wireshark-gnome	< 1.0.6-2.el5_3	wireshark-gnome-1.0.6-2.el5_3.ia64.rpm
RedHat	5	i386	wireshark	< 1.0.6-2.el5_3	wireshark-1.0.6-2.el5_3.i386.rpm