MDVSA-2011:164

Package name

wireshark

Date

2011-11-02

Advisory ID

MDVSA-2011:164

Affected versions

2011 i586 , 2011 x86_64

Problem description

This advisory updates wireshark to the latest version (1.6.3), fixing
several security issues:

An uninitialized variable in the CSN.1 dissector could cause a crash
(CVE-2011-4100).

Huzaifa Sidhpurwala of Red Hat Security Response Team discovered
that the Infiniband dissector could dereference a NULL pointer
(CVE-2011-4101).

Huzaifa Sidhpurwala of Red Hat Security Response Team discovered a
buffer overflow in the ERF file reader (CVE-2011-4102).

The updated packages have been upgraded to the latest 1.6.x version
(1.6.3) which is not vulnerable to these issues.

Updated packages

2011 i586

 0b5ac9722ad8eab01e3806d308c3e5be  2011/i586/dumpcap-1.6.3-0.1-mdv2011.0.i586.rpm
 6e19c82aa19d8f3538454e791efda914  2011/i586/libwireshark1-1.6.3-0.1-mdv2011.0.i586.rpm
 a65286ff617109423a548d3af675ce25  2011/i586/libwireshark-devel-1.6.3-0.1-mdv2011.0.i586.rpm
 a1a8effdebd29e525f4069e22d689599  2011/i586/rawshark-1.6.3-0.1-mdv2011.0.i586.rpm
 1eae86f6dc50df492f9da0098eb889ae  2011/i586/tshark-1.6.3-0.1-mdv2011.0.i586.rpm
 a3a78552342edfb562c9019dbf223cca  2011/i586/wireshark-1.6.3-0.1-mdv2011.0.i586.rpm
 77e7f551ef26d0bc667118091c77059e  2011/i586/wireshark-tools-1.6.3-0.1-mdv2011.0.i586.rpm 
 62f46aea01740a89b0cd31baf9ac82a1  2011/SRPMS/wireshark-1.6.3-0.1.src.rpm

2011 x86_64

 200c7fce5888bbd88badb78a757692df  2011/x86_64/dumpcap-1.6.3-0.1-mdv2011.0.x86_64.rpm
 2bbb9dd050ee7c7abf4022d67d886d41  2011/x86_64/lib64wireshark1-1.6.3-0.1-mdv2011.0.x86_64.rpm
 0fb9974d9a755593f5ec8977c22f25ac  2011/x86_64/lib64wireshark-devel-1.6.3-0.1-mdv2011.0.x86_64.rpm
 a16851c1d3f6444c6c8a2b0c56ad5570  2011/x86_64/rawshark-1.6.3-0.1-mdv2011.0.x86_64.rpm
 14565aa0dbc8261a969b983f0a93aea3  2011/x86_64/tshark-1.6.3-0.1-mdv2011.0.x86_64.rpm
 7257cfd3572e2fef8ee166abd3e7471f  2011/x86_64/wireshark-1.6.3-0.1-mdv2011.0.x86_64.rpm
 b06e4710c4d0e21bcd367a67cc7f1fb4  2011/x86_64/wireshark-tools-1.6.3-0.1-mdv2011.0.x86_64.rpm 
 62f46aea01740a89b0cd31baf9ac82a1  2011/SRPMS/wireshark-1.6.3-0.1.src.rpm

References

• http://www.wireshark.org/security/wnpa-sec-2011-18.html
• http://www.wireshark.org/security/wnpa-sec-2011-17.html
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4102
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4100
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4101
• http://www.wireshark.org/security/wnpa-sec-2011-19.html