Paketname
wireshark
Datum
2013-03-08
Advisory ID
MDVSA-2013:020
Betroffene Versionen
MES5 i586 , MES5 x86_64

Problembeschreibung

Multiple vulnerabilities was found and corrected in Wireshark:

* DRDA dissector infinite loop (CVE-2012-5239).
* USB dissector infinite loop
* ISAKMP dissector crash
* iSCSI dissector infinite loop
* WTP dissector infinite loop
* RTCP dissector inifinte loop
* ICMPv6 dissector infinite loop
* Infinite and large loops in several dissectors (CVE-2013-1572,
CVE-2013-1573, CVE-2013-1574, CVE-2013-1575, CVE-2013-1576,
CVE-2013-1577, CVE-2013-1578, CVE-2013-1579, CVE-2013-1580,
CVE-2013-1581).
* CLNP dissector crash (CVE-2013-1582).
* DTN dissector crash (CVE-2013-1583, CVE-2013-1584).
* MS-MMC dissector crash (CVE-2013-1585).
* DTLS dissector crash (CVE-2013-1586).
* DCP-ETSI dissector crash (CVE-2013-1588).
* Wireshark dissection engine crash (CVE-2013-1589).
* NTLMSSP dissector overflow (CVE-2013-1590).
* MS-MMS dissector crash (CVE-2013-2478).
* RTPS and RTPS2 dissector crash (CVE-2013-2480).
* Mount dissector crash (CVE-2013-2481).
* AMPQ dissector infinite loop (CVE-2013-2482).
* ACN dissector divide by zero (CVE-2013-2483).
* CIMD dissector crash (CVE-2013-2484).
* FCSP dissector infinite loop (CVE-2013-2485).
* DTLS dissector crash (CVE-2013-2488).

This advisory provides the latest version of Wireshark (1.6.14)
which is not vulnerable to these issues.

Aktualisierte Pakete

MES5 i586

 a22beeba6fa41e24c7cfac34d5df7cce  mes5/i586/dumpcap-1.6.14-0.1mdvmes5.2.i586.rpm
 14d093a7435774afd18f24a2abb41b1f  mes5/i586/libwireshark1-1.6.14-0.1mdvmes5.2.i586.rpm
 36654a282d83b0105a8c9df3a97eee97  mes5/i586/libwireshark-devel-1.6.14-0.1mdvmes5.2.i586.rpm
 a82e66bd38a63cca2c0727ca1d38e3fb  mes5/i586/rawshark-1.6.14-0.1mdvmes5.2.i586.rpm
 0986f3ddb45fc6bd3d1659951ab47816  mes5/i586/tshark-1.6.14-0.1mdvmes5.2.i586.rpm
 b58996993509b52a43395458fbc290ba  mes5/i586/wireshark-1.6.14-0.1mdvmes5.2.i586.rpm
 2eab9f9ecf9f622a5f06b36d71183ffb  mes5/i586/wireshark-tools-1.6.14-0.1mdvmes5.2.i586.rpm 
 6288f0cf8b88de7fb206c2b0dba2fe0c  mes5/SRPMS/wireshark-1.6.14-0.1mdvmes5.2.src.rpm

MES5 x86_64

 dbe7f9af81fc6dee15f1af6b8f57513e  mes5/x86_64/dumpcap-1.6.14-0.1mdvmes5.2.x86_64.rpm
 2755728f4fbd11eab89648f4ced5816f  mes5/x86_64/lib64wireshark1-1.6.14-0.1mdvmes5.2.x86_64.rpm
 7499190e0f8cee43b68228126764a674  mes5/x86_64/lib64wireshark-devel-1.6.14-0.1mdvmes5.2.x86_64.rpm
 0b885069ea9380aff5f0a6bdc858dc6c  mes5/x86_64/rawshark-1.6.14-0.1mdvmes5.2.x86_64.rpm
 bc7a38103a6a72370f0c24b956cadc47  mes5/x86_64/tshark-1.6.14-0.1mdvmes5.2.x86_64.rpm
 a515e67149dc0f1a35bc6769c8fa31ac  mes5/x86_64/wireshark-1.6.14-0.1mdvmes5.2.x86_64.rpm
 ae4e61b2418693acebb9778c3a9eb165  mes5/x86_64/wireshark-tools-1.6.14-0.1mdvmes5.2.x86_64.rpm 
 6288f0cf8b88de7fb206c2b0dba2fe0c  mes5/SRPMS/wireshark-1.6.14-0.1mdvmes5.2.src.rpm

Referenzen