MDVSA-2011:083

Package name

wireshark

Date

2011-05-12

Advisory ID

MDVSA-2011:083

Affected versions

MES5 i586 , 2010.0 x86_64 , 2010.1 i586 , 2010.0 i586 , CS4.0 i586 , CS4.0 x86_64 , MES5 x86_64 , 2010.1 x86_64

Problem description

This advisory updates wireshark to the latest version (1.2.16),
fixing several security issues:

The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x
before 1.4.5 does not properly initialize certain global variables,
which allows remote attackers to cause a denial of service (application
crash) via a crafted .pcap file (CVE-2011-1590).

Stack-based buffer overflow in the DECT dissector in
epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows
remote attackers to execute arbitrary code via a crafted .pcap file
(CVE-2011-1591).

The NFS dissector in epan/dissectors/packet-nfs.c in Wireshark 1.4.x
before 1.4.5 on Windows uses an incorrect integer data type during
decoding of SETCLIENTID calls, which allows remote attackers to cause
a denial of service (application crash) via a crafted .pcap file
(CVE-2011-1592).

The updated packages have been upgraded to the latest 1.2.x version
(1.2.16) which is not vulnerable to these issues.

Updated packages

MES5 i586

 e63b833575fa0433d323b5f793c4baac  mes5/i586/dumpcap-1.2.16-0.1mdvmes5.2.i586.rpm
 04dab36a3b05dd35622ceea2c7e163e6  mes5/i586/libwireshark0-1.2.16-0.1mdvmes5.2.i586.rpm
 c44f0bc075b6581a86e0b32c947b08b0  mes5/i586/libwireshark-devel-1.2.16-0.1mdvmes5.2.i586.rpm
 54c4fa786efdc086da2036dd2b179141  mes5/i586/rawshark-1.2.16-0.1mdvmes5.2.i586.rpm
 5e561f4430612f841e9a144ff97db32e  mes5/i586/tshark-1.2.16-0.1mdvmes5.2.i586.rpm
 1633ab89f96cdf58d76ec66c26e6ea3a  mes5/i586/wireshark-1.2.16-0.1mdvmes5.2.i586.rpm
 8d20bd293e3770f1740b965147fe73ab  mes5/i586/wireshark-tools-1.2.16-0.1mdvmes5.2.i586.rpm 
 e484e78f2d63a5c018c9e3afbba88ba2  mes5/SRPMS/wireshark-1.2.16-0.1mdvmes5.2.src.rpm

2010.0 x86_64

 6e8d8eb2c0902544079d3ead62d58678  2010.0/x86_64/dumpcap-1.2.16-0.1mdv2010.0.x86_64.rpm
 07ee55185a1dc8862aec25fed869485f  2010.0/x86_64/lib64wireshark0-1.2.16-0.1mdv2010.0.x86_64.rpm
 cac74e47a0f8b2e8f2a58515efb0aef7  2010.0/x86_64/lib64wireshark-devel-1.2.16-0.1mdv2010.0.x86_64.rpm
 4af3e8be251fd245166c9c164e62497f  2010.0/x86_64/rawshark-1.2.16-0.1mdv2010.0.x86_64.rpm
 31b5df98c2618af1659d81ee6b3589fc  2010.0/x86_64/tshark-1.2.16-0.1mdv2010.0.x86_64.rpm
 eea20f5ae3fe65b71dfd7379c780515c  2010.0/x86_64/wireshark-1.2.16-0.1mdv2010.0.x86_64.rpm
 6c97841450b5bd1e1038b0e867a73008  2010.0/x86_64/wireshark-tools-1.2.16-0.1mdv2010.0.x86_64.rpm 
 9267be0104600200a1ac7b8dcf6672f5  2010.0/SRPMS/wireshark-1.2.16-0.1mdv2010.0.src.rpm

2010.1 i586

 343907ede3e21d5787be8824d6edcc80  2010.1/i586/dumpcap-1.2.16-0.1mdv2010.2.i586.rpm
 90c2fc8cddd4ef897a6e6e5b3ef2c066  2010.1/i586/libwireshark0-1.2.16-0.1mdv2010.2.i586.rpm
 1f6fc405ab5ae97b89cbd632059b48e5  2010.1/i586/libwireshark-devel-1.2.16-0.1mdv2010.2.i586.rpm
 426f850b66a0298066cda626ca1cd432  2010.1/i586/rawshark-1.2.16-0.1mdv2010.2.i586.rpm
 056227eb81a5e506dcde5b95923cd341  2010.1/i586/tshark-1.2.16-0.1mdv2010.2.i586.rpm
 86fb33388710ed3d08967c514c8ab25d  2010.1/i586/wireshark-1.2.16-0.1mdv2010.2.i586.rpm
 7dea3da2061f08eb9510ee713e41d26f  2010.1/i586/wireshark-tools-1.2.16-0.1mdv2010.2.i586.rpm 
 64f8b99b3eb288f4553c55469ccf6edf  2010.1/SRPMS/wireshark-1.2.16-0.1mdv2010.2.src.rpm

2010.0 i586

 ce52dd0e89fe2e385a659825460edca9  2010.0/i586/dumpcap-1.2.16-0.1mdv2010.0.i586.rpm
 91ffe9960b24b0d66ab4c7967aea0da8  2010.0/i586/libwireshark0-1.2.16-0.1mdv2010.0.i586.rpm
 7660240ac8dfdcf06090835d43a20328  2010.0/i586/libwireshark-devel-1.2.16-0.1mdv2010.0.i586.rpm
 6a6a6f06b1a658bded5854b9dc5abfce  2010.0/i586/rawshark-1.2.16-0.1mdv2010.0.i586.rpm
 b4449efd8f0aa2bc4efa2d6c0ed567f2  2010.0/i586/tshark-1.2.16-0.1mdv2010.0.i586.rpm
 b33adf3885df69a642ee9790a4cb52ff  2010.0/i586/wireshark-1.2.16-0.1mdv2010.0.i586.rpm
 c02d4845b02d0ea52cf6f6dcba9d4db4  2010.0/i586/wireshark-tools-1.2.16-0.1mdv2010.0.i586.rpm 
 9267be0104600200a1ac7b8dcf6672f5  2010.0/SRPMS/wireshark-1.2.16-0.1mdv2010.0.src.rpm

CS4.0 i586

 a69827ff3c21384f271cd731412c4430  corporate/4.0/i586/dumpcap-1.2.16-0.1.20060mlcs4.i586.rpm
 4ecdcbf70587de75f592a03ca761e7dd  corporate/4.0/i586/libwireshark0-1.2.16-0.1.20060mlcs4.i586.rpm
 ed2aa89f2a2aab3653967deb506db887  corporate/4.0/i586/libwireshark-devel-1.2.16-0.1.20060mlcs4.i586.rpm
 0898a45c9d84ae350b2d1459bf138202  corporate/4.0/i586/rawshark-1.2.16-0.1.20060mlcs4.i586.rpm
 3e84772e55704d394938366dd84ec893  corporate/4.0/i586/tshark-1.2.16-0.1.20060mlcs4.i586.rpm
 3f965ee985c45d0260ac5c68ccd02e8d  corporate/4.0/i586/wireshark-1.2.16-0.1.20060mlcs4.i586.rpm
 68ca555b3318b7f0535302eda1d15677  corporate/4.0/i586/wireshark-tools-1.2.16-0.1.20060mlcs4.i586.rpm 
 398fb02a99f6403ec5544cd67202fada  corporate/4.0/SRPMS/wireshark-1.2.16-0.1.20060mlcs4.src.rpm

CS4.0 x86_64

 b954d225ad5c758763cf58f214fa6a3d  corporate/4.0/x86_64/dumpcap-1.2.16-0.1.20060mlcs4.x86_64.rpm
 c4a34e696ad75d13a654b2fb12fe2d8c  corporate/4.0/x86_64/lib64wireshark0-1.2.16-0.1.20060mlcs4.x86_64.rpm
 84363d6f92b894a9d8b7017fad5f34c0  corporate/4.0/x86_64/lib64wireshark-devel-1.2.16-0.1.20060mlcs4.x86_64.rpm
 410d24c1ebcc2756a5bed5f0398d0fa5  corporate/4.0/x86_64/rawshark-1.2.16-0.1.20060mlcs4.x86_64.rpm
 c858c8141c49cb5f24958285aa95248d  corporate/4.0/x86_64/tshark-1.2.16-0.1.20060mlcs4.x86_64.rpm
 9cfdba3bc24c4cd3fc165340eb3a3970  corporate/4.0/x86_64/wireshark-1.2.16-0.1.20060mlcs4.x86_64.rpm
 82c157eb0ba46931b7a79d24dd87b414  corporate/4.0/x86_64/wireshark-tools-1.2.16-0.1.20060mlcs4.x86_64.rpm 
 398fb02a99f6403ec5544cd67202fada  corporate/4.0/SRPMS/wireshark-1.2.16-0.1.20060mlcs4.src.rpm

MES5 x86_64

 f21561b6ad51f07d80f2329eb9d3c9b6  mes5/x86_64/dumpcap-1.2.16-0.1mdvmes5.2.x86_64.rpm
 014afb1b8188a15048f1dc70012d296f  mes5/x86_64/lib64wireshark0-1.2.16-0.1mdvmes5.2.x86_64.rpm
 8b539d0361dc0b0a2ddfb10a369f26d1  mes5/x86_64/lib64wireshark-devel-1.2.16-0.1mdvmes5.2.x86_64.rpm
 6f3e9f63fd1eca753720d37c232f7c6d  mes5/x86_64/rawshark-1.2.16-0.1mdvmes5.2.x86_64.rpm
 de70d4dc7dfa466d80ad79b9114046c8  mes5/x86_64/tshark-1.2.16-0.1mdvmes5.2.x86_64.rpm
 d4e1a9453effbb5324fafd6a9ca8dcd1  mes5/x86_64/wireshark-1.2.16-0.1mdvmes5.2.x86_64.rpm
 03d0d4fa8407616e53759c4f842c3061  mes5/x86_64/wireshark-tools-1.2.16-0.1mdvmes5.2.x86_64.rpm 
 e484e78f2d63a5c018c9e3afbba88ba2  mes5/SRPMS/wireshark-1.2.16-0.1mdvmes5.2.src.rpm

2010.1 x86_64

 52e98d93947ec39bb36997baf7d95e3f  2010.1/x86_64/dumpcap-1.2.16-0.1mdv2010.2.x86_64.rpm
 f86e42d466f72559510182ec49d1ca04  2010.1/x86_64/lib64wireshark0-1.2.16-0.1mdv2010.2.x86_64.rpm
 17bf8cf149d8639e2acef12633b3ae5e  2010.1/x86_64/lib64wireshark-devel-1.2.16-0.1mdv2010.2.x86_64.rpm
 5d7f97b0186213d477e51efda39d5c3e  2010.1/x86_64/rawshark-1.2.16-0.1mdv2010.2.x86_64.rpm
 056ca1af6fff8f56fad1caae33c67691  2010.1/x86_64/tshark-1.2.16-0.1mdv2010.2.x86_64.rpm
 a49f98d9310bf9a6353a084a47f92b66  2010.1/x86_64/wireshark-1.2.16-0.1mdv2010.2.x86_64.rpm
 fe2fe64671b0ec435edbbb28bae5adaf  2010.1/x86_64/wireshark-tools-1.2.16-0.1mdv2010.2.x86_64.rpm 
 64f8b99b3eb288f4553c55469ccf6edf  2010.1/SRPMS/wireshark-1.2.16-0.1mdv2010.2.src.rpm

References

• http://www.wireshark.org/docs/relnotes/wireshark-1.2.16.html
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1592
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1590
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1591