Package name
wireshark
Date
2012-08-06
Advisory ID
MDVSA-2012:125
Affected versions
MES5 i586 , 2011 i586 , MES5 x86_64 , 2011 x86_64

Problem description

Multiple vulnerabilities was found and corrected in Wireshark:

It may be possible to make Wireshark crash by injecting a malformed
packet onto the wire or by convincing someone to read a malformed
packet trace file (CVE-2012-4048).

It may be possible to make Wireshark consume excessive CPU resources
by injecting a malformed packet onto the wire or by convincing someone
to read a malformed packet trace file (CVE-2012-4049).

This advisory provides the latest versiona of Wireshark (1.4.14,
1.6.8) which is not vulnerable to these issues.

Updated packages

MES5 i586

 16739c56347a27bc2ec7aabb2be8bd0f  mes5/i586/dumpcap-1.4.14-0.1mdvmes5.2.i586.rpm
 2e2b32f8a0353d40a845305a6d4358a6  mes5/i586/libwireshark0-1.4.14-0.1mdvmes5.2.i586.rpm
 f45141ca30f2a5e3eab17e2be47db83f  mes5/i586/libwireshark-devel-1.4.14-0.1mdvmes5.2.i586.rpm
 8687707fa691ecc28820a9530b999e7b  mes5/i586/rawshark-1.4.14-0.1mdvmes5.2.i586.rpm
 74f48956f17a1d8c2ae979e16266d192  mes5/i586/tshark-1.4.14-0.1mdvmes5.2.i586.rpm
 d67c8fe15fb4cb1adfe382ec1de560ed  mes5/i586/wireshark-1.4.14-0.1mdvmes5.2.i586.rpm
 b30607a3a748fd366b9b4e0633c9b73e  mes5/i586/wireshark-tools-1.4.14-0.1mdvmes5.2.i586.rpm 
 392f5a6307f5b89f4c76778e55b70ba6  mes5/SRPMS/wireshark-1.4.14-0.1mdvmes5.2.src.rpm

2011 i586

 f3ffccbd9181351dae1d2c0b758cbf37  2011/i586/dumpcap-1.6.9-0.1-mdv2011.0.i586.rpm
 2e4f9f20e5700174f5fca72fe971e7f4  2011/i586/libwireshark1-1.6.9-0.1-mdv2011.0.i586.rpm
 4cfcdf10019b8acd1c31463bdd197e23  2011/i586/libwireshark-devel-1.6.9-0.1-mdv2011.0.i586.rpm
 07fcde7006fe2e37a5750f9315ec3d2c  2011/i586/rawshark-1.6.9-0.1-mdv2011.0.i586.rpm
 959a554376c637f102c9554857f8e6d8  2011/i586/tshark-1.6.9-0.1-mdv2011.0.i586.rpm
 3268efef55ceeec0c7bd92fa6cc88aff  2011/i586/wireshark-1.6.9-0.1-mdv2011.0.i586.rpm
 bab97929a14abe2ad00304666ec8b245  2011/i586/wireshark-tools-1.6.9-0.1-mdv2011.0.i586.rpm 
 1030bf8c8d4d1cbcc94311783ef024ed  2011/SRPMS/wireshark-1.6.9-0.1.src.rpm

MES5 x86_64

 4ebd9a744ae2b266acb47151f99fb5e3  mes5/x86_64/dumpcap-1.4.14-0.1mdvmes5.2.x86_64.rpm
 5db432a062c8a779db4b91ca0936afca  mes5/x86_64/lib64wireshark0-1.4.14-0.1mdvmes5.2.x86_64.rpm
 abd972eb433c6953ffde0f729d3db2d4  mes5/x86_64/lib64wireshark-devel-1.4.14-0.1mdvmes5.2.x86_64.rpm
 dcd1f95845241b0185881b4dc3c03926  mes5/x86_64/rawshark-1.4.14-0.1mdvmes5.2.x86_64.rpm
 1f6e17dca6e5341abbcb023ccfcd2279  mes5/x86_64/tshark-1.4.14-0.1mdvmes5.2.x86_64.rpm
 fbdadf4ffd48a6b0a9055180a9b29f08  mes5/x86_64/wireshark-1.4.14-0.1mdvmes5.2.x86_64.rpm
 00854c699d93b24b7a6e1d884e8c534a  mes5/x86_64/wireshark-tools-1.4.14-0.1mdvmes5.2.x86_64.rpm 
 392f5a6307f5b89f4c76778e55b70ba6  mes5/SRPMS/wireshark-1.4.14-0.1mdvmes5.2.src.rpm

2011 x86_64

 55643125eac0aa52d7aefc3c79865aca  2011/x86_64/dumpcap-1.6.9-0.1-mdv2011.0.x86_64.rpm
 de6d050196f470c2957b7f029f244fa0  2011/x86_64/lib64wireshark1-1.6.9-0.1-mdv2011.0.x86_64.rpm
 7a118e7b16666246e012925f82089a3a  2011/x86_64/lib64wireshark-devel-1.6.9-0.1-mdv2011.0.x86_64.rpm
 8a1e82c5eeb39601b4bc1a84b2e7b3dc  2011/x86_64/rawshark-1.6.9-0.1-mdv2011.0.x86_64.rpm
 ecf48e205ae56a633ebba9aee42c2652  2011/x86_64/tshark-1.6.9-0.1-mdv2011.0.x86_64.rpm
 769dbbba44184f7688d65c7796c9a09a  2011/x86_64/wireshark-1.6.9-0.1-mdv2011.0.x86_64.rpm
 874c594675dd32c845b4ca2f7906ebf6  2011/x86_64/wireshark-tools-1.6.9-0.1-mdv2011.0.x86_64.rpm 
 1030bf8c8d4d1cbcc94311783ef024ed  2011/SRPMS/wireshark-1.6.9-0.1.src.rpm

References