MDVSA-2008:215

Package name

wireshark

Date

2008-10-27

Advisory ID

MDVSA-2008:215

Affected versions

2009.0 x86_64 , 2009.0 i586 , CS4.0 i586 , CS4.0 x86_64 , 2008.1 x86_64 , 2008.1 i586

Problem description

A number of vulnerabilities were discovered in Wireshark that could
cause it to crash or abort while processing malicious packets
(CVE-2008-4680, CVE-2008-4681, CVE-2008-4682, CVE-2008-4683,
CVE-2008-4684, CVE-2008-4685).

This update provides Wireshark 1.0.4, which is not vulnerable to
these issues.

Updated packages

2009.0 x86_64

 6b1f9c880d3fb896b38952b6b1e22806  2009.0/x86_64/dumpcap-1.0.4-0.1mdv2009.0.x86_64.rpm
 afb5bc614f48a7ee4c3ca20c5177a0d6  2009.0/x86_64/lib64wireshark0-1.0.4-0.1mdv2009.0.x86_64.rpm
 d1caa4d49f1a596c55052670c257aae4  2009.0/x86_64/lib64wireshark-devel-1.0.4-0.1mdv2009.0.x86_64.rpm
 8800985eba2fc5d4a780ad296293af43  2009.0/x86_64/rawshark-1.0.4-0.1mdv2009.0.x86_64.rpm
 99ef5b9b5398beeed94cf799d9d28f4a  2009.0/x86_64/tshark-1.0.4-0.1mdv2009.0.x86_64.rpm
 cb8f15f3e06620afb245ce8b8246173a  2009.0/x86_64/wireshark-1.0.4-0.1mdv2009.0.x86_64.rpm
 ea3b906fa428008dfd1f9520cc71ec33  2009.0/x86_64/wireshark-tools-1.0.4-0.1mdv2009.0.x86_64.rpm 
 61c74b35d70f00511165ac521a98dde7  2009.0/SRPMS/wireshark-1.0.4-0.1mdv2009.0.src.rpm

2009.0 i586

 3b078025b09b85e872b053abd37e4654  2009.0/i586/dumpcap-1.0.4-0.1mdv2009.0.i586.rpm
 05a76f279cc0bf7fec5cae98ce610cf3  2009.0/i586/libwireshark0-1.0.4-0.1mdv2009.0.i586.rpm
 cf4d8be7e83dbfb07658196665f74b3a  2009.0/i586/libwireshark-devel-1.0.4-0.1mdv2009.0.i586.rpm
 19934b524aafb76b52a6c00301e9741f  2009.0/i586/rawshark-1.0.4-0.1mdv2009.0.i586.rpm
 9e7884192ee091b83473ecc325609673  2009.0/i586/tshark-1.0.4-0.1mdv2009.0.i586.rpm
 dc47e7d526ee28f790f47b48058f741a  2009.0/i586/wireshark-1.0.4-0.1mdv2009.0.i586.rpm
 34d43760e4b896326792e4c9cab890a8  2009.0/i586/wireshark-tools-1.0.4-0.1mdv2009.0.i586.rpm 
 61c74b35d70f00511165ac521a98dde7  2009.0/SRPMS/wireshark-1.0.4-0.1mdv2009.0.src.rpm

CS4.0 i586

 fe3c0ee6cec002478c8ddd3818df8f58  corporate/4.0/i586/dumpcap-1.0.4-0.1.20060mlcs4.i586.rpm
 aa1101fdb86ee3b9785dfd1ee36b49db  corporate/4.0/i586/libwireshark0-1.0.4-0.1.20060mlcs4.i586.rpm
 37767e7e662d8e4179fb7df3ba9df363  corporate/4.0/i586/libwireshark-devel-1.0.4-0.1.20060mlcs4.i586.rpm
 33dc56d2f00eb1a9635c48b0006e2667  corporate/4.0/i586/rawshark-1.0.4-0.1.20060mlcs4.i586.rpm
 a2b4933ad53086ab8cb330451b651794  corporate/4.0/i586/tshark-1.0.4-0.1.20060mlcs4.i586.rpm
 64b2d0fdd6d11dc5e47c302668417d93  corporate/4.0/i586/wireshark-1.0.4-0.1.20060mlcs4.i586.rpm
 bf55b9c94bbfa483176f2c0e32cf0081  corporate/4.0/i586/wireshark-tools-1.0.4-0.1.20060mlcs4.i586.rpm 
 0114242086297b135360297a51cb8ada  corporate/4.0/SRPMS/wireshark-1.0.4-0.1.20060mlcs4.src.rpm

CS4.0 x86_64

 2327502106d5c8c11d8801f65502f708  corporate/4.0/x86_64/dumpcap-1.0.4-0.1.20060mlcs4.x86_64.rpm
 b2e80b25d44b2e7b9dc91a43978393f1  corporate/4.0/x86_64/lib64wireshark0-1.0.4-0.1.20060mlcs4.x86_64.rpm
 804d41d8e9a551126f5ac9b80228da97  corporate/4.0/x86_64/lib64wireshark-devel-1.0.4-0.1.20060mlcs4.x86_64.rpm
 75daf8f97a3ea9466bba86477aeb429b  corporate/4.0/x86_64/rawshark-1.0.4-0.1.20060mlcs4.x86_64.rpm
 ef5b5422c855fea0c41d3f81bd0f2f60  corporate/4.0/x86_64/tshark-1.0.4-0.1.20060mlcs4.x86_64.rpm
 37621c9c2bf74767574fb47f9695318e  corporate/4.0/x86_64/wireshark-1.0.4-0.1.20060mlcs4.x86_64.rpm
 ad5f8bc8ac1ece328b86df0bdb60f44d  corporate/4.0/x86_64/wireshark-tools-1.0.4-0.1.20060mlcs4.x86_64.rpm 
 0114242086297b135360297a51cb8ada  corporate/4.0/SRPMS/wireshark-1.0.4-0.1.20060mlcs4.src.rpm

2008.1 x86_64

 01df6ee846ede6e7af2b14146121d002  2008.1/x86_64/dumpcap-1.0.4-0.1mdv2008.1.x86_64.rpm
 4a81377783d769b5fb27a4d12b0e8540  2008.1/x86_64/lib64wireshark0-1.0.4-0.1mdv2008.1.x86_64.rpm
 61458349625f3efa4e0b4512c0689881  2008.1/x86_64/lib64wireshark-devel-1.0.4-0.1mdv2008.1.x86_64.rpm
 de60e75c930e59358a578956d6624c05  2008.1/x86_64/rawshark-1.0.4-0.1mdv2008.1.x86_64.rpm
 4cf0a2b2b7eeaf3edffa7e6362bbb3e3  2008.1/x86_64/tshark-1.0.4-0.1mdv2008.1.x86_64.rpm
 3d085016598ac39425b4f2f54059256e  2008.1/x86_64/wireshark-1.0.4-0.1mdv2008.1.x86_64.rpm
 f277d73cd161359c1ebd2fecfac17dde  2008.1/x86_64/wireshark-tools-1.0.4-0.1mdv2008.1.x86_64.rpm 
 5447226b9e6b32d7a6699782fd789508  2008.1/SRPMS/wireshark-1.0.4-0.1mdv2008.1.src.rpm

2008.1 i586

 e22f4724405ce826d30052d6e052fe80  2008.1/i586/dumpcap-1.0.4-0.1mdv2008.1.i586.rpm
 f786b038c9d6a116fc6510db3b336ae2  2008.1/i586/libwireshark0-1.0.4-0.1mdv2008.1.i586.rpm
 2f14262ab9cfb94f9f8b8896dba61cc7  2008.1/i586/libwireshark-devel-1.0.4-0.1mdv2008.1.i586.rpm
 e56d7c558854a2e1ef2ea91766b6be90  2008.1/i586/rawshark-1.0.4-0.1mdv2008.1.i586.rpm
 09f56860799e124a5a242059ce5e3906  2008.1/i586/tshark-1.0.4-0.1mdv2008.1.i586.rpm
 c9cf1d4ca54215e17e8d7cdf1685ad17  2008.1/i586/wireshark-1.0.4-0.1mdv2008.1.i586.rpm
 c70dce2212f9aea72985778558146e10  2008.1/i586/wireshark-tools-1.0.4-0.1mdv2008.1.i586.rpm 
 5447226b9e6b32d7a6699782fd789508  2008.1/SRPMS/wireshark-1.0.4-0.1mdv2008.1.src.rpm

References

• http://www.wireshark.org/security/wnpa-sec-2008-06.html
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4685
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4684
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4683
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4682
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4680
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4681