MDVSA-2009:292

Nom du paquet

wireshark

Date

2009-11-03

Advisory ID

MDVSA-2009:292

Affected versions

MES5 i586 , 2009.1 i586 , 2009.1 x86_64 , CS4.0 i586 , CS4.0 x86_64 , MES5 x86_64

Problem description

Vulnerabilities have been discovered and corrected in wireshark,
affecting DCERPC/NT dissector, which allows remote attackers to cause
a denial of service (NULL pointer dereference and application crash)
via a file that records a malformed packet trace (CVE-2009-3550); and
in wiretap/erf.c which allows remote attackers to execute arbitrary
code or cause a denial of service (application crash) via a crafted
erf file (CVE-2009-3829).

The wireshark package has been updated to fix these vulnerabilities.

Updated packages

MES5 i586

 acb7f0ef708faabc4f8a0107413581ba  mes5/i586/dumpcap-1.0.10-0.1mdvmes5.i586.rpm
 89771916a201d1877a4e6b3979c9382a  mes5/i586/libwireshark0-1.0.10-0.1mdvmes5.i586.rpm
 441055d1c582709fe952c66b0cf0bb3e  mes5/i586/libwireshark-devel-1.0.10-0.1mdvmes5.i586.rpm
 8fcc2774a57fe38b3d93ca2be71d485a  mes5/i586/rawshark-1.0.10-0.1mdvmes5.i586.rpm
 c2c3e70bffbb284c180d38e59ed78647  mes5/i586/tshark-1.0.10-0.1mdvmes5.i586.rpm
 a27530dc435f220afad5a0fa66477210  mes5/i586/wireshark-1.0.10-0.1mdvmes5.i586.rpm
 3f9f26f368c18086672e723566960fd1  mes5/i586/wireshark-tools-1.0.10-0.1mdvmes5.i586.rpm 
 8161692312392406d4105dc57fc5e2b6  mes5/SRPMS/wireshark-1.0.10-0.1mdvmes5.src.rpm

2009.1 i586

 9776a5ff48251ff4014a284803f8eedb  2009.1/i586/dumpcap-1.0.10-0.1mdv2009.1.i586.rpm
 5763243f9b6de3e0eb998683eb157e37  2009.1/i586/libwireshark0-1.0.10-0.1mdv2009.1.i586.rpm
 615c1f912fcae0f63c14046c7292305e  2009.1/i586/libwireshark-devel-1.0.10-0.1mdv2009.1.i586.rpm
 fc8c67f248b0039c0006220456f7d0dc  2009.1/i586/rawshark-1.0.10-0.1mdv2009.1.i586.rpm
 be03c1c1e06412b5603dc65f1632b18a  2009.1/i586/tshark-1.0.10-0.1mdv2009.1.i586.rpm
 4da9966e690a238eecbe215bfce9fe8a  2009.1/i586/wireshark-1.0.10-0.1mdv2009.1.i586.rpm
 5ce93f8c9af2127d3255a87c0ea8503b  2009.1/i586/wireshark-tools-1.0.10-0.1mdv2009.1.i586.rpm 
 d705f70a10051311f0ccfc14e5a587af  2009.1/SRPMS/wireshark-1.0.10-0.1mdv2009.1.src.rpm

2009.1 x86_64

 ab53926e26b33237cd48aedacd0f6260  2009.1/x86_64/dumpcap-1.0.10-0.1mdv2009.1.x86_64.rpm
 4d167d0401af7c55904fd0e4bf4d5a09  2009.1/x86_64/lib64wireshark0-1.0.10-0.1mdv2009.1.x86_64.rpm
 38c8c81a64a488965f397ac55aca4f0d  2009.1/x86_64/lib64wireshark-devel-1.0.10-0.1mdv2009.1.x86_64.rpm
 0dd651556a433aae58a1d3311dbeacf4  2009.1/x86_64/rawshark-1.0.10-0.1mdv2009.1.x86_64.rpm
 4e3b3d843fc38637fb5fcb505516a444  2009.1/x86_64/tshark-1.0.10-0.1mdv2009.1.x86_64.rpm
 f5d7864ae57e97d98abfd1d0da2c601b  2009.1/x86_64/wireshark-1.0.10-0.1mdv2009.1.x86_64.rpm
 e241a5747541de4b35cb884a3a2a2e09  2009.1/x86_64/wireshark-tools-1.0.10-0.1mdv2009.1.x86_64.rpm 
 d705f70a10051311f0ccfc14e5a587af  2009.1/SRPMS/wireshark-1.0.10-0.1mdv2009.1.src.rpm

CS4.0 i586

 00f7f312ecb50337a61e8aa226351f0f  corporate/4.0/i586/dumpcap-1.0.10-0.1.20060mlcs4.i586.rpm
 397831075a172aa09914b851978764c0  corporate/4.0/i586/libwireshark0-1.0.10-0.1.20060mlcs4.i586.rpm
 38c43d3e4c53be9afdf63e25f81022cd  corporate/4.0/i586/libwireshark-devel-1.0.10-0.1.20060mlcs4.i586.rpm
 7fb8b1da94b58a405fc248c91a46710a  corporate/4.0/i586/rawshark-1.0.10-0.1.20060mlcs4.i586.rpm
 275f67bd5a9c81d2fa681802b17ff148  corporate/4.0/i586/tshark-1.0.10-0.1.20060mlcs4.i586.rpm
 6512854ec097ba7abd54f8fa216f6e47  corporate/4.0/i586/wireshark-1.0.10-0.1.20060mlcs4.i586.rpm
 0de613b7620d731af50e2f952311e0d4  corporate/4.0/i586/wireshark-tools-1.0.10-0.1.20060mlcs4.i586.rpm 
 29284ce6df7107031ab98a27eca0a1c5  corporate/4.0/SRPMS/wireshark-1.0.10-0.1.20060mlcs4.src.rpm

CS4.0 x86_64

 22ef3658492b8bf0222b00a213b33ddb  corporate/4.0/x86_64/dumpcap-1.0.10-0.1.20060mlcs4.x86_64.rpm
 c907ebb1ffd142898a65e4df8c4b98ae  corporate/4.0/x86_64/lib64wireshark0-1.0.10-0.1.20060mlcs4.x86_64.rpm
 a61af49a91c9313aa48911240f11b878  corporate/4.0/x86_64/lib64wireshark-devel-1.0.10-0.1.20060mlcs4.x86_64.rpm
 c7c476849dd061df9caa056ee435486c  corporate/4.0/x86_64/rawshark-1.0.10-0.1.20060mlcs4.x86_64.rpm
 06ea86736d32c321e0f6db14c71eec31  corporate/4.0/x86_64/tshark-1.0.10-0.1.20060mlcs4.x86_64.rpm
 1a866f965de14960eec591b4ef91fdb3  corporate/4.0/x86_64/wireshark-1.0.10-0.1.20060mlcs4.x86_64.rpm
 619b8cd611129692d4b6948121311336  corporate/4.0/x86_64/wireshark-tools-1.0.10-0.1.20060mlcs4.x86_64.rpm 
 29284ce6df7107031ab98a27eca0a1c5  corporate/4.0/SRPMS/wireshark-1.0.10-0.1.20060mlcs4.src.rpm

MES5 x86_64

 98dfad4d56c40915a2d2b5dd35f21962  mes5/x86_64/dumpcap-1.0.10-0.1mdvmes5.x86_64.rpm
 337bda567ca9396d3efdcf80d2b816fb  mes5/x86_64/lib64wireshark0-1.0.10-0.1mdvmes5.x86_64.rpm
 f46f021b8985694bef66063606f7b6f1  mes5/x86_64/lib64wireshark-devel-1.0.10-0.1mdvmes5.x86_64.rpm
 4858f505a59f1fc0f6cf328dc7079c37  mes5/x86_64/rawshark-1.0.10-0.1mdvmes5.x86_64.rpm
 b78c0346f33b1a5d365be74b7b7613c6  mes5/x86_64/tshark-1.0.10-0.1mdvmes5.x86_64.rpm
 7e0257e5e30b86c2adc8963d750971d6  mes5/x86_64/wireshark-1.0.10-0.1mdvmes5.x86_64.rpm
 ee4107ff89ccf88aed9228869bfc2080  mes5/x86_64/wireshark-tools-1.0.10-0.1mdvmes5.x86_64.rpm 
 8161692312392406d4105dc57fc5e2b6  mes5/SRPMS/wireshark-1.0.10-0.1mdvmes5.src.rpm

References

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3829
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3550