[ MDVSA-2008:199 ] wireshark

2008-09-20T00:00:00
ID SECURITYVULNS:DOC:20550
Type securityvulns
Reporter Securityvulns
Modified 2008-09-20T00:00:00

Description

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1


Mandriva Linux Security Advisory MDVSA-2008:199 http://www.mandriva.com/security/


Package : wireshark Date : September 19, 2008 Affected: 2008.0, 2008.1, Corporate 4.0


Problem Description:

A number of vulnerabilities were discovered in Wireshark that could cause it to crash while processing malicious packets (CVE-2008-3146, CVE-2008-3932, CVE-2008-3933, CVE-2008-3934).

This update provides Wireshark 1.0.3, which is not vulnerable to these issues.


References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3146 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3932 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3933 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3934 http://www.wireshark.org/security/wnpa-sec-2008-05.html


Updated Packages:

Mandriva Linux 2008.0: 052d8ebe59721965be4e1abc3d26aa4f 2008.0/i586/dumpcap-1.0.3-0.1mdv2008.0.i586.rpm 6e1ff488246d3e61dd86adf22db10157 2008.0/i586/libwireshark0-1.0.3-0.1mdv2008.0.i586.rpm 4a3380a50b95b4b47280d31051f03733 2008.0/i586/libwireshark-devel-1.0.3-0.1mdv2008.0.i586.rpm 47e77c47f5433386e134590e902d97fa 2008.0/i586/rawshark-1.0.3-0.1mdv2008.0.i586.rpm f19bb7a5f07b2e14d13bbb80a063e9c2 2008.0/i586/tshark-1.0.3-0.1mdv2008.0.i586.rpm 59bd1fe60ddc1aef03c43f1e244d310f 2008.0/i586/wireshark-1.0.3-0.1mdv2008.0.i586.rpm 7537a0e613adbd9a33f8506eff4b79dc 2008.0/i586/wireshark-tools-1.0.3-0.1mdv2008.0.i586.rpm 695458967bc7120dc18c0e021c21ef98 2008.0/SRPMS/wireshark-1.0.3-0.1mdv2008.0.src.rpm

Mandriva Linux 2008.0/X86_64: 4579cf82a33b706a8332fb9da25bb714 2008.0/x86_64/dumpcap-1.0.3-0.1mdv2008.0.x86_64.rpm e2dc5b80e269394968a732d340584c50 2008.0/x86_64/lib64wireshark0-1.0.3-0.1mdv2008.0.x86_64.rpm 179c3d0406afacadeae37dabeb950ca9 2008.0/x86_64/lib64wireshark-devel-1.0.3-0.1mdv2008.0.x86_64.rpm c6460878e3237026fb2dcc31314a2e86 2008.0/x86_64/rawshark-1.0.3-0.1mdv2008.0.x86_64.rpm 61060d1d41bee4101c58780ea9acbde3 2008.0/x86_64/tshark-1.0.3-0.1mdv2008.0.x86_64.rpm afcda73f3b39721f2f9131d83b51518e 2008.0/x86_64/wireshark-1.0.3-0.1mdv2008.0.x86_64.rpm 593a07cded73079f4c744f4f774ea0da 2008.0/x86_64/wireshark-tools-1.0.3-0.1mdv2008.0.x86_64.rpm 695458967bc7120dc18c0e021c21ef98 2008.0/SRPMS/wireshark-1.0.3-0.1mdv2008.0.src.rpm

Mandriva Linux 2008.1: 325f81f7981ec1b0bb7af6ef00ea77b3 2008.1/i586/dumpcap-1.0.3-0.1mdv2008.1.i586.rpm b1374e0f57b9ddc67d138489a61514eb 2008.1/i586/libwireshark0-1.0.3-0.1mdv2008.1.i586.rpm b56d0679bc1889ce274d0331f809b4a4 2008.1/i586/libwireshark-devel-1.0.3-0.1mdv2008.1.i586.rpm 7cab501287ca8cb9b9e6c4c19c08e890 2008.1/i586/rawshark-1.0.3-0.1mdv2008.1.i586.rpm 7e40fab1043159337cc1108f7be86f4b 2008.1/i586/tshark-1.0.3-0.1mdv2008.1.i586.rpm b47879b7e4ed639ec7a2c0b721225b01 2008.1/i586/wireshark-1.0.3-0.1mdv2008.1.i586.rpm 871afd4c2295bf2f7b743e0adac825fa 2008.1/i586/wireshark-tools-1.0.3-0.1mdv2008.1.i586.rpm 4959379f906f32983e1d95c38dc01f3c 2008.1/SRPMS/wireshark-1.0.3-0.1mdv2008.1.src.rpm

Mandriva Linux 2008.1/X86_64: a903d45a26f4e4c324dbdecb51729f6f 2008.1/x86_64/dumpcap-1.0.3-0.1mdv2008.1.x86_64.rpm a85194ad83eb2833191cf8924fd68468 2008.1/x86_64/lib64wireshark0-1.0.3-0.1mdv2008.1.x86_64.rpm 966f0182801ae6e1d84c6736a796afca 2008.1/x86_64/lib64wireshark-devel-1.0.3-0.1mdv2008.1.x86_64.rpm 2e5035d90d7549a0c11b25be8050081c 2008.1/x86_64/rawshark-1.0.3-0.1mdv2008.1.x86_64.rpm 1d5e478b7149920d684a4c4e9f7e4b9f 2008.1/x86_64/tshark-1.0.3-0.1mdv2008.1.x86_64.rpm 0b8adf3d5c2412c282da2c5273a1d502 2008.1/x86_64/wireshark-1.0.3-0.1mdv2008.1.x86_64.rpm ebd622e02eb614171990b9cd5194ddbb 2008.1/x86_64/wireshark-tools-1.0.3-0.1mdv2008.1.x86_64.rpm 4959379f906f32983e1d95c38dc01f3c 2008.1/SRPMS/wireshark-1.0.3-0.1mdv2008.1.src.rpm

Corporate 4.0: 9aec40405f83f4102135e4af7234dc45 corporate/4.0/i586/dumpcap-1.0.3-0.1.20060mlcs4.i586.rpm 5846034eaf54cac8aaa5001cd05c8a23 corporate/4.0/i586/libwireshark0-1.0.3-0.1.20060mlcs4.i586.rpm 61c8775b586e3c3ff0ef26c5453a40de corporate/4.0/i586/libwireshark-devel-1.0.3-0.1.20060mlcs4.i586.rpm fb5a51694ac720ebb02fdc2006e827cc corporate/4.0/i586/rawshark-1.0.3-0.1.20060mlcs4.i586.rpm 04d4bcd97fc137d904bade0ff71d6d8a corporate/4.0/i586/tshark-1.0.3-0.1.20060mlcs4.i586.rpm a817d8255ab4224cbe8b29fb5d9f7d6e corporate/4.0/i586/wireshark-1.0.3-0.1.20060mlcs4.i586.rpm 74d39fc12f1d82d6b5b944001a99c6e0 corporate/4.0/i586/wireshark-tools-1.0.3-0.1.20060mlcs4.i586.rpm 6a321e896cb17afea59981b2c20c6f9d corporate/4.0/SRPMS/wireshark-1.0.3-0.1.20060mlcs4.src.rpm

Corporate 4.0/X86_64: 327f1445af63d045abd689286a13cfb7 corporate/4.0/x86_64/dumpcap-1.0.3-0.1.20060mlcs4.x86_64.rpm 5e57899fa206ba15425a643b0f5395ab corporate/4.0/x86_64/lib64wireshark0-1.0.3-0.1.20060mlcs4.x86_64.rpm ecae0b5846ff684524d0b6fd6f082fca corporate/4.0/x86_64/lib64wireshark-devel-1.0.3-0.1.20060mlcs4.x86_64.rpm f649de4fd1cb4663d51d1befd688000a corporate/4.0/x86_64/rawshark-1.0.3-0.1.20060mlcs4.x86_64.rpm b41496a881a1644c6a376c89fd25aa32 corporate/4.0/x86_64/tshark-1.0.3-0.1.20060mlcs4.x86_64.rpm 219e77ae2a975e781c45344c62e2f4b8 corporate/4.0/x86_64/wireshark-1.0.3-0.1.20060mlcs4.x86_64.rpm bc7397b7fce20c989668b71afbfa3ad4 corporate/4.0/x86_64/wireshark-tools-1.0.3-0.1.20060mlcs4.x86_64.rpm 6a321e896cb17afea59981b2c20c6f9d corporate/4.0/SRPMS/wireshark-1.0.3-0.1.20060mlcs4.src.rpm


To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com


Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFI09/QmqjQ0CJFipgRAozLAKDaaK7z4VDoXNJ345Loi4s8bkSPVQCgnm97 wN51WJRipenpVo9BIHwvAaM= =2zXb -----END PGP SIGNATURE-----