(RHSA-2010:0360) Moderate: wireshark security update

2010-04-2000:00:00

access.redhat.com

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.937 High

EPSS

Percentile

98.9%

JSON

Wireshark is a program for monitoring network traffic. Wireshark was
previously known as Ethereal.

An invalid pointer dereference flaw was found in the Wireshark SMB and SMB2
dissectors. If Wireshark read a malformed packet off a network or opened a
malicious dump file, it could crash or, possibly, execute arbitrary code as
the user running Wireshark. (CVE-2009-4377)

Several buffer overflow flaws were found in the Wireshark LWRES dissector.
If Wireshark read a malformed packet off a network or opened a malicious
dump file, it could crash or, possibly, execute arbitrary code as the user
running Wireshark. (CVE-2010-0304)

Several denial of service flaws were found in Wireshark. Wireshark could
crash or stop responding if it read a malformed packet off a network, or
opened a malicious dump file. (CVE-2009-2560, CVE-2009-2562, CVE-2009-2563,
CVE-2009-3550, CVE-2009-3829)

Users of Wireshark should upgrade to these updated packages, which contain
Wireshark version 1.0.11, and resolve these issues. All running instances
of Wireshark must be restarted for the update to take effect.

OSVersionArchitecturePackageVersionFilename
RedHat5s390xwireshark< 1.0.11-1.el5_5.5wireshark-1.0.11-1.el5_5.5.s390x.rpm
RedHat4s390xwireshark-gnome< 1.0.11-1.el4_8.5wireshark-gnome-1.0.11-1.el4_8.5.s390x.rpm
RedHat5s390xwireshark-gnome< 1.0.11-1.el5_5.5wireshark-gnome-1.0.11-1.el5_5.5.s390x.rpm
RedHat4ia64wireshark< 1.0.11-1.el4_8.5wireshark-1.0.11-1.el4_8.5.ia64.rpm
RedHat4x86_64wireshark< 1.0.11-1.el4_8.5wireshark-1.0.11-1.el4_8.5.x86_64.rpm
RedHat5ppcwireshark-gnome< 1.0.11-1.el5_5.5wireshark-gnome-1.0.11-1.el5_5.5.ppc.rpm
RedHat4x86_64wireshark-gnome< 1.0.11-1.el4_8.5wireshark-gnome-1.0.11-1.el4_8.5.x86_64.rpm
RedHat5ia64wireshark-gnome< 1.0.11-1.el5_5.5wireshark-gnome-1.0.11-1.el5_5.5.ia64.rpm
RedHat5ia64wireshark< 1.0.11-1.el5_5.5wireshark-1.0.11-1.el5_5.5.ia64.rpm
RedHat4ppcwireshark-gnome< 1.0.11-1.el4_8.5wireshark-gnome-1.0.11-1.el4_8.5.ppc.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	5	s390x	wireshark	< 1.0.11-1.el5_5.5	wireshark-1.0.11-1.el5_5.5.s390x.rpm
RedHat	4	s390x	wireshark-gnome	< 1.0.11-1.el4_8.5	wireshark-gnome-1.0.11-1.el4_8.5.s390x.rpm
RedHat	5	s390x	wireshark-gnome	< 1.0.11-1.el5_5.5	wireshark-gnome-1.0.11-1.el5_5.5.s390x.rpm
RedHat	4	ia64	wireshark	< 1.0.11-1.el4_8.5	wireshark-1.0.11-1.el4_8.5.ia64.rpm
RedHat	4	x86_64	wireshark	< 1.0.11-1.el4_8.5	wireshark-1.0.11-1.el4_8.5.x86_64.rpm
RedHat	5	ppc	wireshark-gnome	< 1.0.11-1.el5_5.5	wireshark-gnome-1.0.11-1.el5_5.5.ppc.rpm
RedHat	4	x86_64	wireshark-gnome	< 1.0.11-1.el4_8.5	wireshark-gnome-1.0.11-1.el4_8.5.x86_64.rpm
RedHat	5	ia64	wireshark-gnome	< 1.0.11-1.el5_5.5	wireshark-gnome-1.0.11-1.el5_5.5.ia64.rpm
RedHat	5	ia64	wireshark	< 1.0.11-1.el5_5.5	wireshark-1.0.11-1.el5_5.5.ia64.rpm
RedHat	4	ppc	wireshark-gnome	< 1.0.11-1.el4_8.5	wireshark-gnome-1.0.11-1.el4_8.5.ppc.rpm