MDVSA-2009:058 -- Mandriva wireshark
|ID: oval:org.secpod.oval:def:300958||Date: (C)2012-01-07 (M)2017-10-04|
|Class: PATCH||Family: unix|
Buffer overflow in wiretap/netscreen.c in Wireshark 0.99.7 through 1.0.5 allows user-assisted remote attackers to cause a denial of service via a malformed NetScreen snoop file. Wireshark 0.99.6 through 1.0.5 allows user-assisted remote attackers to cause a denial of service via a crafted Tektronix K12 text capture file, as demonstrated by a file with exactly one frame. Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service via format string specifiers in the HOME environment variable. This update provides Wireshark 1.0.6, which is not vulnerable to these issues.
|Mandriva Linux 2009.0|
|Mandriva Linux 2008.1|