exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2012-080

Mandriva Linux Security Advisory 2012-080
Posted May 24, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-080 - It may be possible to make Wireshark hang for long or indefinite periods by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. This advisory provides the latest version of Wireshark which is not vulnerable to these issues.

tags | advisory
systems | linux, mandriva
SHA-256 | 10a172fbdd9a1956fcadc521595975f06bf508f0c5f7cc83e8e96be95744ada7

Mandriva Linux Security Advisory 2012-080

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2012:080
http://www.mandriva.com/security/
_______________________________________________________________________

Package : wireshark
Date : May 23, 2012
Affected: 2011.
_______________________________________________________________________

Problem Description:

Multiple vulnerabilities was found and corrected in Wireshark:

It may be possible to make Wireshark hang for long or indefinite
periods by injecting a malformed packet onto the wire or by convincing
someone to read a malformed packet trace file.

It may be possible to make Wireshark crash by injecting a malformed
packet onto the wire or by convincing someone to read a malformed
packet trace file.

This advisory provides the latest version of Wireshark (1.6.8) which
is not vulnerable to these issues.
_______________________________________________________________________

References:

http://www.wireshark.org/security/wnpa-sec-2012-08.html
http://www.wireshark.org/security/wnpa-sec-2012-09.html
http://www.wireshark.org/security/wnpa-sec-2012-10.html
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2011:
16a577c0711df7fc568696402109d6b4 2011/i586/dumpcap-1.6.8-0.1-mdv2011.0.i586.rpm
eada57c1d6f02e7ebf14fbb3789c5bbe 2011/i586/libwireshark1-1.6.8-0.1-mdv2011.0.i586.rpm
e9e98acba88c6ee3ab1d2e51536463aa 2011/i586/libwireshark-devel-1.6.8-0.1-mdv2011.0.i586.rpm
8017f3883e54db24eeee1e0f7b3c820f 2011/i586/rawshark-1.6.8-0.1-mdv2011.0.i586.rpm
bc33e60ea854669c81652090880c430b 2011/i586/tshark-1.6.8-0.1-mdv2011.0.i586.rpm
52cc8b37b569f8bc31800eacf347a7bd 2011/i586/wireshark-1.6.8-0.1-mdv2011.0.i586.rpm
b8cd1dca05b43e22accf8cd4a1517946 2011/i586/wireshark-tools-1.6.8-0.1-mdv2011.0.i586.rpm
c7678d090d491738155aa4bb6ae2b09d 2011/SRPMS/wireshark-1.6.8-0.1.src.rpm

Mandriva Linux 2011/X86_64:
25b79e5781f78e7c7a0f239406ad3a5a 2011/x86_64/dumpcap-1.6.8-0.1-mdv2011.0.x86_64.rpm
851832cf2439b688a491620ec43318ce 2011/x86_64/lib64wireshark1-1.6.8-0.1-mdv2011.0.x86_64.rpm
6c659fbff4840bc333d90e4d72a656eb 2011/x86_64/lib64wireshark-devel-1.6.8-0.1-mdv2011.0.x86_64.rpm
9b37711290f16de47b594397de980256 2011/x86_64/rawshark-1.6.8-0.1-mdv2011.0.x86_64.rpm
2aa4ab2ba5d5b4f914b91b7d0e608c15 2011/x86_64/tshark-1.6.8-0.1-mdv2011.0.x86_64.rpm
86cdbf15b98aaacb3d42bb43dfdf2c8f 2011/x86_64/wireshark-1.6.8-0.1-mdv2011.0.x86_64.rpm
d72665f272867ca3d4af106c1a751f91 2011/x86_64/wireshark-tools-1.6.8-0.1-mdv2011.0.x86_64.rpm
c7678d090d491738155aa4bb6ae2b09d 2011/SRPMS/wireshark-1.6.8-0.1.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iD8DBQFPvM7pmqjQ0CJFipgRAgddAJ9vTgXP+6YXzxHaP3OflVdGXI5O6ACeKc+9
Q9lNj2Y7agvEy1+p9wOy+Nw=
=BGJY
-----END PGP SIGNATURE-----

Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close