[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1MArBN-00028m-1p@titan.mandriva.com>
Date: Sun, 31 May 2009 21:59:00 +0200
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDVSA-2009:125 ] wireshark
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2009:125
http://www.mandriva.com/security/
_______________________________________________________________________
Package : wireshark
Date : May 31, 2009
Affected: 2008.1, 2009.0, 2009.1, Corporate 4.0
_______________________________________________________________________
Problem Description:
A vulnerability has been identified and corrected in wireshark:
o Unspecified vulnerability in the PCNFSD dissector in Wireshark
0.8.20 through 1.0.7 allows remote attackers to cause a denial of
service (crash) via crafted PCNFSD packets (CVE-2009-1829).
This update provides Wireshark 1.0.8, which is not vulnerable to
this issue.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1829
http://www.wireshark.org/security/wnpa-sec-2009-03.html
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2008.1:
a0d083f369bffd3dfa46aa1df793ced1 2008.1/i586/dumpcap-1.0.8-3.1mdv2008.1.i586.rpm
556318aacdfd7d48ad44a7191092acd6 2008.1/i586/libwireshark0-1.0.8-3.1mdv2008.1.i586.rpm
861b059fa767f485833ad7192ac5ca2c 2008.1/i586/libwireshark-devel-1.0.8-3.1mdv2008.1.i586.rpm
8c2b35c5dfd76a22eb346e42bbb34155 2008.1/i586/rawshark-1.0.8-3.1mdv2008.1.i586.rpm
348c0c15f2e855b4c7a0348d34ea09fe 2008.1/i586/tshark-1.0.8-3.1mdv2008.1.i586.rpm
6cdb4bcd35b66c7e7a22015335dd292f 2008.1/i586/wireshark-1.0.8-3.1mdv2008.1.i586.rpm
13b1982a9621bdc39d4d97afc45b8cd5 2008.1/i586/wireshark-tools-1.0.8-3.1mdv2008.1.i586.rpm
764d085469658662ac2911fa64ff3ddd 2008.1/SRPMS/wireshark-1.0.8-3.1mdv2008.1.src.rpm
Mandriva Linux 2008.1/X86_64:
f81a7484841903392600faaf424c9b0f 2008.1/x86_64/dumpcap-1.0.8-3.1mdv2008.1.x86_64.rpm
4f702d98ddc5c0c856737c3c8218120a 2008.1/x86_64/lib64wireshark0-1.0.8-3.1mdv2008.1.x86_64.rpm
ba6fb67f3106d9e11d28c29c925bb79a 2008.1/x86_64/lib64wireshark-devel-1.0.8-3.1mdv2008.1.x86_64.rpm
b5017da51fd24e944f30753ff799a7dd 2008.1/x86_64/rawshark-1.0.8-3.1mdv2008.1.x86_64.rpm
5ea24ffef5972d5080cb986d0b7f8aa7 2008.1/x86_64/tshark-1.0.8-3.1mdv2008.1.x86_64.rpm
83d8494632a64f4184cad21f0ff2070a 2008.1/x86_64/wireshark-1.0.8-3.1mdv2008.1.x86_64.rpm
e446d9a365b467d17b829f156f88bcad 2008.1/x86_64/wireshark-tools-1.0.8-3.1mdv2008.1.x86_64.rpm
764d085469658662ac2911fa64ff3ddd 2008.1/SRPMS/wireshark-1.0.8-3.1mdv2008.1.src.rpm
Mandriva Linux 2009.0:
c601d5a72e97b879878a3d94d6b07682 2009.0/i586/dumpcap-1.0.8-3.1mdv2009.0.i586.rpm
cbc6e9bfe4055a4e3a486ad7d9d5d1d6 2009.0/i586/libwireshark0-1.0.8-3.1mdv2009.0.i586.rpm
7e15d3c389aec169bba4cbc3ca3e743e 2009.0/i586/libwireshark-devel-1.0.8-3.1mdv2009.0.i586.rpm
8b54b7755dc4c23d5c5aabce2cc8c93b 2009.0/i586/rawshark-1.0.8-3.1mdv2009.0.i586.rpm
4747a553908057b86c042759f78976ea 2009.0/i586/tshark-1.0.8-3.1mdv2009.0.i586.rpm
736173032c8f0dc38f358196f092429b 2009.0/i586/wireshark-1.0.8-3.1mdv2009.0.i586.rpm
e8aa27a3ca2cf82599fc4c84044ff5ba 2009.0/i586/wireshark-tools-1.0.8-3.1mdv2009.0.i586.rpm
2bae0ecb6b260cfe69f81afbcfe7ecb3 2009.0/SRPMS/wireshark-1.0.8-3.1mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64:
7878ec348dd2a4543d6704acf6847bf1 2009.0/x86_64/dumpcap-1.0.8-3.1mdv2009.0.x86_64.rpm
5bf724ce33c315dda9d419132cb5c3f7 2009.0/x86_64/lib64wireshark0-1.0.8-3.1mdv2009.0.x86_64.rpm
003c4fc644bbd55a5387a5840f071c2d 2009.0/x86_64/lib64wireshark-devel-1.0.8-3.1mdv2009.0.x86_64.rpm
bfe8072577a4ec90e189bdcf9c595347 2009.0/x86_64/rawshark-1.0.8-3.1mdv2009.0.x86_64.rpm
bdc71f63874e7d26bb38d2c0bb9e3704 2009.0/x86_64/tshark-1.0.8-3.1mdv2009.0.x86_64.rpm
ebeff9070be842e8f76d197fcd9ab63d 2009.0/x86_64/wireshark-1.0.8-3.1mdv2009.0.x86_64.rpm
87471e79b554ed396eafc35e38018cfe 2009.0/x86_64/wireshark-tools-1.0.8-3.1mdv2009.0.x86_64.rpm
2bae0ecb6b260cfe69f81afbcfe7ecb3 2009.0/SRPMS/wireshark-1.0.8-3.1mdv2009.0.src.rpm
Mandriva Linux 2009.1:
e78195d23cfe382e968c7d2c06640c0d 2009.1/i586/dumpcap-1.0.8-3mdv2009.1.i586.rpm
28f331ffb584965eaf6007c5e7cf1256 2009.1/i586/libwireshark0-1.0.8-3mdv2009.1.i586.rpm
d274ad81b779b568d29935701123c5fd 2009.1/i586/libwireshark-devel-1.0.8-3mdv2009.1.i586.rpm
dab42aa9f71d2f6f0027cd535a88212b 2009.1/i586/rawshark-1.0.8-3mdv2009.1.i586.rpm
7ed28537628436176c78efb085e83629 2009.1/i586/tshark-1.0.8-3mdv2009.1.i586.rpm
b493d446f0167ccd9c1aed81f64b14c7 2009.1/i586/wireshark-1.0.8-3mdv2009.1.i586.rpm
9edec3502b5a361ecbcdd03000d14689 2009.1/i586/wireshark-tools-1.0.8-3mdv2009.1.i586.rpm
461b4a5ca1fd68d46e6d9456284c39e7 2009.1/SRPMS/wireshark-1.0.8-3mdv2009.1.src.rpm
Mandriva Linux 2009.1/X86_64:
02025763727e6c694ea55db8c3fd754d 2009.1/x86_64/dumpcap-1.0.8-3mdv2009.1.x86_64.rpm
b33f175e526d24e581cbeffc1ece9371 2009.1/x86_64/lib64wireshark0-1.0.8-3mdv2009.1.x86_64.rpm
2fb1389b07e21d055527ee684bc263fe 2009.1/x86_64/lib64wireshark-devel-1.0.8-3mdv2009.1.x86_64.rpm
85b34b626b4c5a0be8a6c944965ac3e0 2009.1/x86_64/rawshark-1.0.8-3mdv2009.1.x86_64.rpm
ffe117f860faead25ad347ed5d336b98 2009.1/x86_64/tshark-1.0.8-3mdv2009.1.x86_64.rpm
e67dbdf2748bbfc4b0dbe91d3b8bbff1 2009.1/x86_64/wireshark-1.0.8-3mdv2009.1.x86_64.rpm
7c2f637c8a273e753c272f25ef440148 2009.1/x86_64/wireshark-tools-1.0.8-3mdv2009.1.x86_64.rpm
461b4a5ca1fd68d46e6d9456284c39e7 2009.1/SRPMS/wireshark-1.0.8-3mdv2009.1.src.rpm
Corporate 4.0:
46c96026ad73300946f6d7c256160191 corporate/4.0/i586/dumpcap-1.0.8-0.1.20060mlcs4.i586.rpm
8095cd428e357efe67e9aecf5eff3bb5 corporate/4.0/i586/libwireshark0-1.0.8-0.1.20060mlcs4.i586.rpm
851e5e1c57105d43cd5f2e7659cce886 corporate/4.0/i586/libwireshark-devel-1.0.8-0.1.20060mlcs4.i586.rpm
c39421d007b4a397cb5c04626fccef8a corporate/4.0/i586/rawshark-1.0.8-0.1.20060mlcs4.i586.rpm
21572778f06be23fbd859d7e752a450d corporate/4.0/i586/tshark-1.0.8-0.1.20060mlcs4.i586.rpm
7d6afaf2dcbdec6a0c749238cadd422b corporate/4.0/i586/wireshark-1.0.8-0.1.20060mlcs4.i586.rpm
fd6e04679d2563ae518e559349748ea9 corporate/4.0/i586/wireshark-tools-1.0.8-0.1.20060mlcs4.i586.rpm
b5caa7e71a222b9d003bd66101ff5d32 corporate/4.0/SRPMS/wireshark-1.0.8-0.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
357cb4dd412b86749cb1105703259065 corporate/4.0/x86_64/dumpcap-1.0.8-0.1.20060mlcs4.x86_64.rpm
93360b7b8ad11aa244088f794d0b17a0 corporate/4.0/x86_64/lib64wireshark0-1.0.8-0.1.20060mlcs4.x86_64.rpm
14dab007969de8318bc27ded09571863 corporate/4.0/x86_64/lib64wireshark-devel-1.0.8-0.1.20060mlcs4.x86_64.rpm
64fb873b96d4e67282783eecf010d3c9 corporate/4.0/x86_64/rawshark-1.0.8-0.1.20060mlcs4.x86_64.rpm
288acb4e17fb0796cc138399b6df73cf corporate/4.0/x86_64/tshark-1.0.8-0.1.20060mlcs4.x86_64.rpm
f6d2f4a3c693f6e2ff028eea0a3a452d corporate/4.0/x86_64/wireshark-1.0.8-0.1.20060mlcs4.x86_64.rpm
1387dcf8f2a7529f65fa1aeea949267f corporate/4.0/x86_64/wireshark-tools-1.0.8-0.1.20060mlcs4.x86_64.rpm
b5caa7e71a222b9d003bd66101ff5d32 corporate/4.0/SRPMS/wireshark-1.0.8-0.1.20060mlcs4.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFKIrTYmqjQ0CJFipgRAnzUAJ0aht7CM5phMz5Wun/sCLNOgVmTTACbBLiG
WSNu7y/3y/2EjyBTWm5bTK0=
=lOfV
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists