[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

MDVSA-2011:044 -- Mandriva wireshark

ID: oval:org.secpod.oval:def:300424Date: (C)2012-01-07   (M)2023-12-26
Class: PATCHFamily: unix




This advisory updates wireshark to the latest version , fixing several security issues: Wireshark 1.5.0, 1.4.3, and earlier frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a malformed file . Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long record in a Nokia DCT3 trace file . wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service via a pcap-ng file that contains a large packet-length field . Multiple stack consumption vulnerabilities in the dissect_ms_compressed_string and dissect_mscldap_string functions in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allow remote attackers to cause a denial of service via a crafted SMB or Connection-less LDAP packet . epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service via a long LDAP filter string or an LDAP filter string containing many elements . Stack consumption vulnerability in the dissect_ber_choice function in the BER dissector in Wireshark 1.2.x through 1.2.15 and 1.4.x through 1.4.4 might allow remote attackers to cause a denial of service via vectors involving self-referential ASN.1 CHOICE values . The updated packages have been upgraded to the latest 1.2.x version and patched to correct these issues.

Platform:
Mandriva Linux 2010.0
Mandriva Linux 2010.1
Product:
wireshark
Reference:
MDVSA-2011:044
CVE-2011-1143
CVE-2011-1142
CVE-2011-1141
CVE-2011-1140
CVE-2011-1139
CVE-2011-0538
CVE-2011-0713
CVE    7
CVE-2011-1139
CVE-2011-0538
CVE-2011-0713
CVE-2011-1143
...
CPE    2
cpe:/o:mandriva:linux:2010.1
cpe:/o:mandriva:linux:2010.0

© SecPod Technologies