MDVSA-2009:058 -- Mandriva wiresharkID: oval:org.secpod.oval:def:300958 | Date: (C)2012-01-07 (M)2022-11-04 |
Class: PATCH | Family: unix |
Buffer overflow in wiretap/netscreen.c in Wireshark 0.99.7 through 1.0.5 allows user-assisted remote attackers to cause a denial of service via a malformed NetScreen snoop file. Wireshark 0.99.6 through 1.0.5 allows user-assisted remote attackers to cause a denial of service via a crafted Tektronix K12 text capture file, as demonstrated by a file with exactly one frame. Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service via format string specifiers in the HOME environment variable. This update provides Wireshark 1.0.6, which is not vulnerable to these issues.
Platform: |
Mandriva Linux 2009.0 |
Mandriva Linux 2008.1 |