Package name
wireshark
Date
2012-08-16
Advisory ID
MDVSA-2012:134
Affected versions
2011 i586 , 2011 x86_64

Problem description

Multiple vulnerabilities was found and corrected in Wireshark:

The DCP ETSI dissector could trigger a zero division (CVE-2012-4285).

The MongoDB dissector could go into a large loop (CVE-2012-4287).

The XTP dissector could go into an infinite loop (CVE-2012-4288).

The AFP dissector could go into a large loop (CVE-2012-4289).

The RTPS2 dissector could overflow a buffer (CVE-2012-4296).

The GSM RLC MAC dissector could overflow a buffer (CVE-2012-4297).

The CIP dissector could exhaust system memory (CVE-2012-4291).

The STUN dissector could crash (CVE-2012-4292).

The EtherCAT Mailbox dissector could abort (CVE-2012-4293).

The CTDB dissector could go into a large loop (CVE-2012-4290).

This advisory provides the latest version of Wireshark (1.6.10)
which is not vulnerable to these issues.

Updated packages

2011 i586

 7f9b50d728f3677d600e2b3c5cf9e143  2011/i586/dumpcap-1.6.10-0.1-mdv2011.0.i586.rpm
 41abd4e3174bc66135b63c3ce413cd8b  2011/i586/libwireshark1-1.6.10-0.1-mdv2011.0.i586.rpm
 a4bf1c8d7782a041943931e03b9ec697  2011/i586/libwireshark-devel-1.6.10-0.1-mdv2011.0.i586.rpm
 4dbd471403d5fa43f773d451026927f3  2011/i586/rawshark-1.6.10-0.1-mdv2011.0.i586.rpm
 df238ceb7fce4e998831115aba7cb198  2011/i586/tshark-1.6.10-0.1-mdv2011.0.i586.rpm
 15ee012ac6dcbc61c98e1e6cf9f81f33  2011/i586/wireshark-1.6.10-0.1-mdv2011.0.i586.rpm
 3eb9c08e21a8d18c8fe2053112244260  2011/i586/wireshark-tools-1.6.10-0.1-mdv2011.0.i586.rpm 
 47f4c354b2c73e325e99d1f699d9b8c8  2011/SRPMS/wireshark-1.6.10-0.1.src.rpm

2011 x86_64

 0b3d330fc5721e9fe162d458aca0eb90  2011/x86_64/dumpcap-1.6.10-0.1-mdv2011.0.x86_64.rpm
 e2e642f3864a217f26d2f07ac0dc473a  2011/x86_64/lib64wireshark1-1.6.10-0.1-mdv2011.0.x86_64.rpm
 c73e6a0704ec32b2b10b2ec1dad3fa0b  2011/x86_64/lib64wireshark-devel-1.6.10-0.1-mdv2011.0.x86_64.rpm
 bdffe67b6ecf6a09035b74ba703def73  2011/x86_64/rawshark-1.6.10-0.1-mdv2011.0.x86_64.rpm
 9bedf4907301f42a94c7c9ab9114a9c2  2011/x86_64/tshark-1.6.10-0.1-mdv2011.0.x86_64.rpm
 9ea44005e04b88cbabe97d2ed75f2ed5  2011/x86_64/wireshark-1.6.10-0.1-mdv2011.0.x86_64.rpm
 506b0f9a80fdc7482b185c543669e331  2011/x86_64/wireshark-tools-1.6.10-0.1-mdv2011.0.x86_64.rpm 
 47f4c354b2c73e325e99d1f699d9b8c8  2011/SRPMS/wireshark-1.6.10-0.1.src.rpm

References