(RHSA-2011:0013) Moderate: wireshark security update

2011-01-10T05:00:00
ID RHSA-2011:0013
Type redhat
Reporter RedHat
Modified 2018-06-06T20:24:32

Description

Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal.

An array index error, leading to a stack-based buffer overflow, was found in the Wireshark ENTTEC dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2010-4538)

Users of Wireshark should upgrade to these updated packages, which contain a backported patch to correct this issue. All running instances of Wireshark must be restarted for the update to take effect.