[ MDVSA-2009:058 ] wireshark

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: [ MDVSA-2009:058 ] wireshark
From: security@xxxxxxxxxxxx
Date: Fri, 27 Feb 2009 02:46:00 +0100
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Reply-to: <xsecurity@xxxxxxxxxxxx>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2009:058
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : wireshark
 Date    : February 26, 2009
 Affected: 2008.1, 2009.0, Corporate 4.0
 _______________________________________________________________________

 Problem Description:

 Buffer overflow in wiretap/netscreen.c in Wireshark 0.99.7 through
 1.0.5 allows user-assisted remote attackers to cause a denial
 of service (application crash) via a malformed NetScreen snoop
 file. (CVE-2009-0599)
 
 Wireshark 0.99.6 through 1.0.5 allows user-assisted remote attackers to
 cause a denial of service (application crash) via a crafted Tektronix
 K12 text capture file, as demonstrated by a file with exactly one
 frame. (CVE-2009-0600)
 
 Format string vulnerability in Wireshark 0.99.8 through 1.0.5
 on non-Windows platforms allows local users to cause a denial of
 service (application crash) via format string specifiers in the HOME
 environment variable. (CVE-2009-0601)
 
 This update provides Wireshark 1.0.6, which is not vulnerable to
 these issues.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0599
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0600
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0601
 http://www.wireshark.org/security/wnpa-sec-2009-01.html
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2008.1:
 2d591a5772317d3587434424b8dc4a1d  
2008.1/i586/dumpcap-1.0.6-0.1mdv2008.1.i586.rpm
 bf65e163112b4dc5db4041c552823bcb  
2008.1/i586/libwireshark0-1.0.6-0.1mdv2008.1.i586.rpm
 80056b13d9146428645d6e67cb2ed8ea  
2008.1/i586/libwireshark-devel-1.0.6-0.1mdv2008.1.i586.rpm
 7923294ad925674ef116b6273835d8ef  
2008.1/i586/rawshark-1.0.6-0.1mdv2008.1.i586.rpm
 bd5a15d402a367058d61fd8dd6a2dcf9  
2008.1/i586/tshark-1.0.6-0.1mdv2008.1.i586.rpm
 5c7b0422b12d2eade1ce997de3766c6c  
2008.1/i586/wireshark-1.0.6-0.1mdv2008.1.i586.rpm
 d116f95d212119516dbca4bf1d353cf5  
2008.1/i586/wireshark-tools-1.0.6-0.1mdv2008.1.i586.rpm 
 2a31aab490fe670da93830f464154a48  
2008.1/SRPMS/wireshark-1.0.6-0.1mdv2008.1.src.rpm

 Mandriva Linux 2008.1/X86_64:
 b7213fd4bf53ad0cb41b5cc5ab1057df  
2008.1/x86_64/dumpcap-1.0.6-0.1mdv2008.1.x86_64.rpm
 4e3f14a549d66f199171d6f91aa28c68  
2008.1/x86_64/lib64wireshark0-1.0.6-0.1mdv2008.1.x86_64.rpm
 aa39e29909ed34d5df2f0c85ac560c8f  
2008.1/x86_64/lib64wireshark-devel-1.0.6-0.1mdv2008.1.x86_64.rpm
 ef92c97f74a2811daf7d874755dd7777  
2008.1/x86_64/rawshark-1.0.6-0.1mdv2008.1.x86_64.rpm
 ea555917cd20aba1f0b4114730ad9924  
2008.1/x86_64/tshark-1.0.6-0.1mdv2008.1.x86_64.rpm
 c74402d6323f6a72188f214d2d002ef2  
2008.1/x86_64/wireshark-1.0.6-0.1mdv2008.1.x86_64.rpm
 fa5e55f0a5934c2bae263e9151a40b16  
2008.1/x86_64/wireshark-tools-1.0.6-0.1mdv2008.1.x86_64.rpm 
 2a31aab490fe670da93830f464154a48  
2008.1/SRPMS/wireshark-1.0.6-0.1mdv2008.1.src.rpm

 Mandriva Linux 2009.0:
 c661639631224e605d41a2985af43c93  
2009.0/i586/dumpcap-1.0.6-0.1mdv2009.0.i586.rpm
 bb633c409ddb95d2e6f6826b6fd2be3d  
2009.0/i586/libwireshark0-1.0.6-0.1mdv2009.0.i586.rpm
 5d2f7434a1dd322259907d14caf90e11  
2009.0/i586/libwireshark-devel-1.0.6-0.1mdv2009.0.i586.rpm
 d32a3de9e13b83d991a2d6c8577f50c2  
2009.0/i586/rawshark-1.0.6-0.1mdv2009.0.i586.rpm
 bcdf64d0e05d0bb964c946c83bdd5353  
2009.0/i586/tshark-1.0.6-0.1mdv2009.0.i586.rpm
 3537cea11294e8d1dff87c15b933c622  
2009.0/i586/wireshark-1.0.6-0.1mdv2009.0.i586.rpm
 c5ef95f5eb5255e10ccc12bcb0c6d77a  
2009.0/i586/wireshark-tools-1.0.6-0.1mdv2009.0.i586.rpm 
 3efca295d42d9e1686b46ca1c020f8a2  
2009.0/SRPMS/wireshark-1.0.6-0.1mdv2009.0.src.rpm

 Mandriva Linux 2009.0/X86_64:
 90cffab44fe29d55f527ab4b76b0a0d6  
2009.0/x86_64/dumpcap-1.0.6-0.1mdv2009.0.x86_64.rpm
 838159ecdc95655df014d17d04434297  
2009.0/x86_64/lib64wireshark0-1.0.6-0.1mdv2009.0.x86_64.rpm
 d3dba0b501696a634627540517693b62  
2009.0/x86_64/lib64wireshark-devel-1.0.6-0.1mdv2009.0.x86_64.rpm
 bf51f59064d3ce3dd2dafd6aaaa889df  
2009.0/x86_64/rawshark-1.0.6-0.1mdv2009.0.x86_64.rpm
 3e33480b37b90293e1fd77c33934b9d2  
2009.0/x86_64/tshark-1.0.6-0.1mdv2009.0.x86_64.rpm
 6a22be605ea9e2357c8c5f38a1d6cc78  
2009.0/x86_64/wireshark-1.0.6-0.1mdv2009.0.x86_64.rpm
 a73dd1ee57fee0b886beb0542bdd3baa  
2009.0/x86_64/wireshark-tools-1.0.6-0.1mdv2009.0.x86_64.rpm 
 3efca295d42d9e1686b46ca1c020f8a2  
2009.0/SRPMS/wireshark-1.0.6-0.1mdv2009.0.src.rpm

 Corporate 4.0:
 cd40c4762bd0c4b5ffafc5023809ac04  
corporate/4.0/i586/dumpcap-1.0.6-0.1.20060mlcs4.i586.rpm
 629aa56a60730449858656e1ea062b84  
corporate/4.0/i586/libwireshark0-1.0.6-0.1.20060mlcs4.i586.rpm
 e7674da06cff0db774a65d40c8407ce1  
corporate/4.0/i586/libwireshark-devel-1.0.6-0.1.20060mlcs4.i586.rpm
 76530bd71bb120b5325f9a09c39a2929  
corporate/4.0/i586/rawshark-1.0.6-0.1.20060mlcs4.i586.rpm
 baa49a07548d639f2cb19a73c5e0df2f  
corporate/4.0/i586/tshark-1.0.6-0.1.20060mlcs4.i586.rpm
 c08beac1b46a39cbc0a46f0d360ccc40  
corporate/4.0/i586/wireshark-1.0.6-0.1.20060mlcs4.i586.rpm
 9e1170ca14c27d0a9b9279eb317743ad  
corporate/4.0/i586/wireshark-tools-1.0.6-0.1.20060mlcs4.i586.rpm 
 dccd63a7f0c24d1ccbf5adac0374a460  
corporate/4.0/SRPMS/wireshark-1.0.6-0.1.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 7d416c1d4b061a7af12eb8ddff174685  
corporate/4.0/x86_64/dumpcap-1.0.6-0.1.20060mlcs4.x86_64.rpm
 2c08582bff18197181d7021f471235cc  
corporate/4.0/x86_64/lib64wireshark0-1.0.6-0.1.20060mlcs4.x86_64.rpm
 7128168a02a6dd0065d051a23992cdbe  
corporate/4.0/x86_64/lib64wireshark-devel-1.0.6-0.1.20060mlcs4.x86_64.rpm
 fee1072986b3bbbcacbe84a5def3513d  
corporate/4.0/x86_64/rawshark-1.0.6-0.1.20060mlcs4.x86_64.rpm
 c5a1394098d7c20613c51948b613ea2c  
corporate/4.0/x86_64/tshark-1.0.6-0.1.20060mlcs4.x86_64.rpm
 279ada1e7a929b5df0a2e0813ee37d38  
corporate/4.0/x86_64/wireshark-1.0.6-0.1.20060mlcs4.x86_64.rpm
 f28beac01c20e5d108d3390c07583918  
corporate/4.0/x86_64/wireshark-tools-1.0.6-0.1.20060mlcs4.x86_64.rpm 
 dccd63a7f0c24d1ccbf5adac0374a460  
corporate/4.0/SRPMS/wireshark-1.0.6-0.1.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFJpxmTmqjQ0CJFipgRAvn+AKDefbliY7WKwLriDdVzrbgoh3FkFQCfUqov
/+8NwA5cFnOJqNNg+MVuADw=
=fAWE
-----END PGP SIGNATURE-----

Prev by Date: djbdns misformats some long response packets; patch and example attack
Next by Date: VMSA-2009-0003 ESX 2.5.5 patch 12 updates service console package ed
Previous by thread: Re: djbdns misformats some long response packets; patch and example attack
Next by thread: VMSA-2009-0003 ESX 2.5.5 patch 12 updates service console package ed
Index(es):
- Date
- Thread