Paketname
wireshark
Datum
2013-11-22
Advisory ID
MDVSA-2013:279
Betroffene Versionen
MES5 i586 , MBS1 x86_64 , MES5 x86_64

Problembeschreibung

Multiple vulnerabilities was found and corrected in Wireshark:

The ieee802154_map_rec function in epan/dissectors/packet-ieee802154.c
in the IEEE 802.15.4 dissector in Wireshark 1.8.x before 1.8.11 and
1.10.x before 1.10.3 uses an incorrect pointer chain, which allows
remote attackers to cause a denial of service (application crash)
via a crafted packet (CVE-2013-6336).

Unspecified vulnerability in the NBAP dissector in Wireshark 1.8.x
before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to
cause a denial of service (application crash) via a crafted packet
(CVE-2013-6337).

The dissect_sip_common function in epan/dissectors/packet-sip.c in
the SIP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before
1.10.3 does not properly initialize a data structure, which allows
remote attackers to cause a denial of service (application crash)
via a crafted packet (CVE-2013-6338).

The dissect_openwire_type function in epan/dissectors/packet-openwire.c
in the OpenWire dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x
before 1.10.3 allows remote attackers to cause a denial of service
(loop) via a crafted packet (CVE-2013-6339).

epan/dissectors/packet-tcp.c in the TCP dissector in Wireshark 1.8.x
before 1.8.11 and 1.10.x before 1.10.3 does not properly determine
the amount of remaining data, which allows remote attackers to
cause a denial of service (application crash) via a crafted packet
(CVE-2013-6340).

This advisory provides the latest version of Wireshark (1.8.11)
which is not vulnerable to these issues.

Aktualisierte Pakete

MES5 i586

 98622a741ae96ed668e16bf24aa4ef64  mes5/i586/dumpcap-1.8.11-0.1mdvmes5.2.i586.rpm
 36024f4ec5485280e563970cdcee89fd  mes5/i586/libwireshark2-1.8.11-0.1mdvmes5.2.i586.rpm
 59f36043ed7344118122f0bed1565dc3  mes5/i586/libwireshark-devel-1.8.11-0.1mdvmes5.2.i586.rpm
 e225e58ddee938c705e9194975b0080f  mes5/i586/rawshark-1.8.11-0.1mdvmes5.2.i586.rpm
 1df5cc14b1e2b3d52e4150628c419ed5  mes5/i586/tshark-1.8.11-0.1mdvmes5.2.i586.rpm
 12af77a39bf1da00682cc9a5422f9a83  mes5/i586/wireshark-1.8.11-0.1mdvmes5.2.i586.rpm
 a60aebf5a710486af5ead2757e4cb00e  mes5/i586/wireshark-tools-1.8.11-0.1mdvmes5.2.i586.rpm 
 cc5d3cf48b81a553024a04b420409c00  mes5/SRPMS/wireshark-1.8.11-0.1mdvmes5.2.src.rpm

MBS1 x86_64

 6851004c2f60cc4ace2e3ec56bf2070c  mbs1/x86_64/dumpcap-1.8.11-1.mbs1.x86_64.rpm
 5f5c14e2b731e0475fccd4b96e46c1d0  mbs1/x86_64/lib64wireshark2-1.8.11-1.mbs1.x86_64.rpm
 f02a9a607a72ef4c65ab07ed18455d4c  mbs1/x86_64/lib64wireshark-devel-1.8.11-1.mbs1.x86_64.rpm
 508439ff59df401944dbfded4295d3bb  mbs1/x86_64/rawshark-1.8.11-1.mbs1.x86_64.rpm
 0dda2898e3172b3da4bb72b14b20902b  mbs1/x86_64/tshark-1.8.11-1.mbs1.x86_64.rpm
 7b9071dbb6865f43ba9f92f1daa71350  mbs1/x86_64/wireshark-1.8.11-1.mbs1.x86_64.rpm
 ee4776739e0beec45e4ded40950997bf  mbs1/x86_64/wireshark-tools-1.8.11-1.mbs1.x86_64.rpm 
 f5fd232229de242f4296be74c6b96971  mbs1/SRPMS/wireshark-1.8.11-1.mbs1.src.rpm

MES5 x86_64

 fbe25f6fbe17b81a210ef9a551f5bc1a  mes5/x86_64/dumpcap-1.8.11-0.1mdvmes5.2.x86_64.rpm
 8a8ba865849970c9475c92e54c5cb865  mes5/x86_64/lib64wireshark2-1.8.11-0.1mdvmes5.2.x86_64.rpm
 c972d562e547260397debae20d461dca  mes5/x86_64/lib64wireshark-devel-1.8.11-0.1mdvmes5.2.x86_64.rpm
 7499880e5b12fc890f85fcd9b68546ba  mes5/x86_64/rawshark-1.8.11-0.1mdvmes5.2.x86_64.rpm
 1e53cff4211fd4f2fcc831d9d98a5ff8  mes5/x86_64/tshark-1.8.11-0.1mdvmes5.2.x86_64.rpm
 a314aea4c972bc2981e6094cf600ca38  mes5/x86_64/wireshark-1.8.11-0.1mdvmes5.2.x86_64.rpm
 c22427e8caf94ac9da34e82180837ba5  mes5/x86_64/wireshark-tools-1.8.11-0.1mdvmes5.2.x86_64.rpm 
 cc5d3cf48b81a553024a04b420409c00  mes5/SRPMS/wireshark-1.8.11-0.1mdvmes5.2.src.rpm

Referenzen