MDVSA-2013:296 -- Mandriva wiresharkID: oval:org.secpod.oval:def:1300256 | Date: (C)2014-01-17 (M)2023-12-07 |
Class: PATCH | Family: unix |
Multiple vulnerabilities was found and corrected in Wireshark: The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 does not check for empty lines, which allows remote attackers to cause a denial of service via a crafted packet . Multiple buffer overflows in the create_ntlmssp_v2_key function in epan/dissectors/packet-ntlmssp.c in the NTLMSSP v2 dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 allow remote attackers to cause a denial of service via a long domain name in a packet . This advisory provides the latest version of Wireshark which is not vulnerable to these issues.
Platform: |
Mandriva Enterprise Server 5.2 |