Package name
wireshark
Date
2013-12-20
Advisory ID
MDVSA-2013:296
Affected versions
MES5 i586 , MBS1 x86_64 , MES5 x86_64

Problem description

Multiple vulnerabilities was found and corrected in Wireshark:

The dissect_sip_common function in epan/dissectors/packet-sip.c in
the SIP dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before
1.10.4 does not check for empty lines, which allows remote attackers
to cause a denial of service (infinite loop) via a crafted packet
(CVE-2013-7112).

Multiple buffer overflows in the create_ntlmssp_v2_key function
in epan/dissectors/packet-ntlmssp.c in the NTLMSSP v2 dissector in
Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 allow remote
attackers to cause a denial of service (application crash) via a long
domain name in a packet (CVE-2013-7114).

This advisory provides the latest version of Wireshark (1.8.12)
which is not vulnerable to these issues.

Updated packages

MES5 i586

 05f73378571d99273650b6774682fc8e  mes5/i586/dumpcap-1.8.12-0.1mdvmes5.2.i586.rpm
 d2aa2b554af6e1eb0c98a7dc96f1dd00  mes5/i586/libwireshark2-1.8.12-0.1mdvmes5.2.i586.rpm
 4ef7825b09b59ad81bb8be8a5c3486f1  mes5/i586/libwireshark-devel-1.8.12-0.1mdvmes5.2.i586.rpm
 b96d187a896962e2d318a8a9cf3e6e26  mes5/i586/rawshark-1.8.12-0.1mdvmes5.2.i586.rpm
 051e69463dfc3b881dd011c86730cdc5  mes5/i586/tshark-1.8.12-0.1mdvmes5.2.i586.rpm
 b2c7dd0593a2d496184bcbe78df8a151  mes5/i586/wireshark-1.8.12-0.1mdvmes5.2.i586.rpm
 4461a17599993a5305fc47fbb39a05d2  mes5/i586/wireshark-tools-1.8.12-0.1mdvmes5.2.i586.rpm 
 f8860655ea8d1114d9c9227599d26692  mes5/SRPMS/wireshark-1.8.12-0.1mdvmes5.2.src.rpm

MBS1 x86_64

 955e0a6249c135f9b6e3b96aea2ae806  mbs1/x86_64/dumpcap-1.8.12-1.mbs1.x86_64.rpm
 8c4e99d362feed33e3e95332e37a4810  mbs1/x86_64/lib64wireshark2-1.8.12-1.mbs1.x86_64.rpm
 08647aa2ec96939c83386d60513f4328  mbs1/x86_64/lib64wireshark-devel-1.8.12-1.mbs1.x86_64.rpm
 5edb13e8c2b09cb814057b8465bc4289  mbs1/x86_64/rawshark-1.8.12-1.mbs1.x86_64.rpm
 40cd9f258b064205b1362a13c379fc37  mbs1/x86_64/tshark-1.8.12-1.mbs1.x86_64.rpm
 3cca3507e5094fcf5fc190623ec1dea7  mbs1/x86_64/wireshark-1.8.12-1.mbs1.x86_64.rpm
 9bc0a2917bee5c2121789436a30654b1  mbs1/x86_64/wireshark-tools-1.8.12-1.mbs1.x86_64.rpm 
 367f97086f4e04b3cbaeb1e59c4749eb  mbs1/SRPMS/wireshark-1.8.12-1.mbs1.src.rpm

MES5 x86_64

 b9f1a1c7d98e15784b5fadf35f64b6f1  mes5/x86_64/dumpcap-1.8.12-0.1mdvmes5.2.x86_64.rpm
 eb6f8b1be3dabf8803048a09be29d960  mes5/x86_64/lib64wireshark2-1.8.12-0.1mdvmes5.2.x86_64.rpm
 32158c9f5e6bd64b2f907f62d9740261  mes5/x86_64/lib64wireshark-devel-1.8.12-0.1mdvmes5.2.x86_64.rpm
 4b5fbfca3a918dab1083471e8371b402  mes5/x86_64/rawshark-1.8.12-0.1mdvmes5.2.x86_64.rpm
 60329cc2a6d1eba976e418efe45f34e8  mes5/x86_64/tshark-1.8.12-0.1mdvmes5.2.x86_64.rpm
 a51cc8861bc84d65c9d9d7314fd7940a  mes5/x86_64/wireshark-1.8.12-0.1mdvmes5.2.x86_64.rpm
 7d821ad8b4eb42b38e54b4a3b50c653a  mes5/x86_64/wireshark-tools-1.8.12-0.1mdvmes5.2.x86_64.rpm 
 f8860655ea8d1114d9c9227599d26692  mes5/SRPMS/wireshark-1.8.12-0.1mdvmes5.2.src.rpm

References