Paketname
wireshark
Datum
2010-11-28
Advisory ID
MDVSA-2010:242
Betroffene Versionen
2010.1 x86_64 , 2010.1 i586 , 2010.0 x86_64 , 2010.0 i586

Problembeschreibung

This advisory updates wireshark to the latest version (1.2.13),
fixing one security issue:

Heap-based buffer overflow in the dissect_ldss_transfer function
(epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark
1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers
to cause a denial of service (crash) and possibly execute arbitrary
code via an LDSS packet with a long digest line that triggers memory
corruption (CVE-2010-4300).

Aktualisierte Pakete

2010.1 x86_64

 0074d272580ecb14470957bbcf309fdb  2010.1/x86_64/dumpcap-1.2.13-0.1mdv2010.1.x86_64.rpm
 b2d0893308118c39624a68ee37fd4fea  2010.1/x86_64/lib64wireshark0-1.2.13-0.1mdv2010.1.x86_64.rpm
 65bd3c621d996e1c2bf62e41040ca8e9  2010.1/x86_64/lib64wireshark-devel-1.2.13-0.1mdv2010.1.x86_64.rpm
 f04eede134a4b7b1ce261d453ef7df15  2010.1/x86_64/rawshark-1.2.13-0.1mdv2010.1.x86_64.rpm
 93bd66519850417ce7cd79c6537f2773  2010.1/x86_64/tshark-1.2.13-0.1mdv2010.1.x86_64.rpm
 6ed7bbd6da344b881d043687a4b1bf64  2010.1/x86_64/wireshark-1.2.13-0.1mdv2010.1.x86_64.rpm
 ba599f0e8845fb95dfc4364d8a45a871  2010.1/x86_64/wireshark-tools-1.2.13-0.1mdv2010.1.x86_64.rpm 
 d86b28ee505b3b824a4a76e2e41b95cc  2010.1/SRPMS/wireshark-1.2.13-0.1mdv2010.1.src.rpm

2010.1 i586

 25347584b6703f4c5646d4276115c81b  2010.1/i586/dumpcap-1.2.13-0.1mdv2010.1.i586.rpm
 0a5537d1d1c4677a09f47e73062e0414  2010.1/i586/libwireshark0-1.2.13-0.1mdv2010.1.i586.rpm
 3da7c3cf521db4859d8b36bd2b1c2e1a  2010.1/i586/libwireshark-devel-1.2.13-0.1mdv2010.1.i586.rpm
 32f2251a14cab4a5dc3712546083ebde  2010.1/i586/rawshark-1.2.13-0.1mdv2010.1.i586.rpm
 186c631e5551ba551cc706d34067edfe  2010.1/i586/tshark-1.2.13-0.1mdv2010.1.i586.rpm
 7d7a26327249ef39840cde5de056be7b  2010.1/i586/wireshark-1.2.13-0.1mdv2010.1.i586.rpm
 a612e1d9317342ee88a5b209c10b8541  2010.1/i586/wireshark-tools-1.2.13-0.1mdv2010.1.i586.rpm 
 d86b28ee505b3b824a4a76e2e41b95cc  2010.1/SRPMS/wireshark-1.2.13-0.1mdv2010.1.src.rpm

2010.0 x86_64

 982fbf234e764e943193938feb5b90f0  2010.0/x86_64/dumpcap-1.2.13-0.1mdv2010.0.x86_64.rpm
 a956ba2da8a343fdaf6b8f49451e3ec2  2010.0/x86_64/lib64wireshark0-1.2.13-0.1mdv2010.0.x86_64.rpm
 cb439afb7607433c4c5fff9dfbf2870b  2010.0/x86_64/lib64wireshark-devel-1.2.13-0.1mdv2010.0.x86_64.rpm
 fa3263c92ed9021b8025272c1346b25a  2010.0/x86_64/rawshark-1.2.13-0.1mdv2010.0.x86_64.rpm
 7c391f9841576e31885e60fb803ef2ff  2010.0/x86_64/tshark-1.2.13-0.1mdv2010.0.x86_64.rpm
 c6a0fee28f065fbb3bbc90f080e0b744  2010.0/x86_64/wireshark-1.2.13-0.1mdv2010.0.x86_64.rpm
 71220add0439ae3a08638bccd39f6e01  2010.0/x86_64/wireshark-tools-1.2.13-0.1mdv2010.0.x86_64.rpm 
 aaee58cb0ffdff477f29bacf15b9c9dc  2010.0/SRPMS/wireshark-1.2.13-0.1mdv2010.0.src.rpm

2010.0 i586

 bdbb1b214e59d74f0075ae893819a9f8  2010.0/i586/dumpcap-1.2.13-0.1mdv2010.0.i586.rpm
 0f29708089267e7a8188aaf0b9a05287  2010.0/i586/libwireshark0-1.2.13-0.1mdv2010.0.i586.rpm
 df661a6868115051c71d80879810a813  2010.0/i586/libwireshark-devel-1.2.13-0.1mdv2010.0.i586.rpm
 a5bc877e16d9dc7bf219890d1f1df33f  2010.0/i586/rawshark-1.2.13-0.1mdv2010.0.i586.rpm
 6bf1731d7a69578df7c4e8af3ffcdaba  2010.0/i586/tshark-1.2.13-0.1mdv2010.0.i586.rpm
 2b8e8bd07009381685a242563bd72886  2010.0/i586/wireshark-1.2.13-0.1mdv2010.0.i586.rpm
 82772246e673d725b76df96a98c8e94a  2010.0/i586/wireshark-tools-1.2.13-0.1mdv2010.0.i586.rpm 
 aaee58cb0ffdff477f29bacf15b9c9dc  2010.0/SRPMS/wireshark-1.2.13-0.1mdv2010.0.src.rpm

Referenzen