lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1MArBN-00028m-1p@titan.mandriva.com>
Date: Sun, 31 May 2009 21:59:00 +0200
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDVSA-2009:125 ] wireshark


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2009:125
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : wireshark
 Date    : May 31, 2009
 Affected: 2008.1, 2009.0, 2009.1, Corporate 4.0
 _______________________________________________________________________

 Problem Description:

 A vulnerability has been identified and corrected in wireshark:
 
 o Unspecified vulnerability in the PCNFSD dissector in Wireshark
 0.8.20 through 1.0.7 allows remote attackers to cause a denial of
 service (crash) via crafted PCNFSD packets (CVE-2009-1829).
 
 This update provides Wireshark 1.0.8, which is not vulnerable to
 this issue.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1829
 http://www.wireshark.org/security/wnpa-sec-2009-03.html
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2008.1:
 a0d083f369bffd3dfa46aa1df793ced1  2008.1/i586/dumpcap-1.0.8-3.1mdv2008.1.i586.rpm
 556318aacdfd7d48ad44a7191092acd6  2008.1/i586/libwireshark0-1.0.8-3.1mdv2008.1.i586.rpm
 861b059fa767f485833ad7192ac5ca2c  2008.1/i586/libwireshark-devel-1.0.8-3.1mdv2008.1.i586.rpm
 8c2b35c5dfd76a22eb346e42bbb34155  2008.1/i586/rawshark-1.0.8-3.1mdv2008.1.i586.rpm
 348c0c15f2e855b4c7a0348d34ea09fe  2008.1/i586/tshark-1.0.8-3.1mdv2008.1.i586.rpm
 6cdb4bcd35b66c7e7a22015335dd292f  2008.1/i586/wireshark-1.0.8-3.1mdv2008.1.i586.rpm
 13b1982a9621bdc39d4d97afc45b8cd5  2008.1/i586/wireshark-tools-1.0.8-3.1mdv2008.1.i586.rpm 
 764d085469658662ac2911fa64ff3ddd  2008.1/SRPMS/wireshark-1.0.8-3.1mdv2008.1.src.rpm

 Mandriva Linux 2008.1/X86_64:
 f81a7484841903392600faaf424c9b0f  2008.1/x86_64/dumpcap-1.0.8-3.1mdv2008.1.x86_64.rpm
 4f702d98ddc5c0c856737c3c8218120a  2008.1/x86_64/lib64wireshark0-1.0.8-3.1mdv2008.1.x86_64.rpm
 ba6fb67f3106d9e11d28c29c925bb79a  2008.1/x86_64/lib64wireshark-devel-1.0.8-3.1mdv2008.1.x86_64.rpm
 b5017da51fd24e944f30753ff799a7dd  2008.1/x86_64/rawshark-1.0.8-3.1mdv2008.1.x86_64.rpm
 5ea24ffef5972d5080cb986d0b7f8aa7  2008.1/x86_64/tshark-1.0.8-3.1mdv2008.1.x86_64.rpm
 83d8494632a64f4184cad21f0ff2070a  2008.1/x86_64/wireshark-1.0.8-3.1mdv2008.1.x86_64.rpm
 e446d9a365b467d17b829f156f88bcad  2008.1/x86_64/wireshark-tools-1.0.8-3.1mdv2008.1.x86_64.rpm 
 764d085469658662ac2911fa64ff3ddd  2008.1/SRPMS/wireshark-1.0.8-3.1mdv2008.1.src.rpm

 Mandriva Linux 2009.0:
 c601d5a72e97b879878a3d94d6b07682  2009.0/i586/dumpcap-1.0.8-3.1mdv2009.0.i586.rpm
 cbc6e9bfe4055a4e3a486ad7d9d5d1d6  2009.0/i586/libwireshark0-1.0.8-3.1mdv2009.0.i586.rpm
 7e15d3c389aec169bba4cbc3ca3e743e  2009.0/i586/libwireshark-devel-1.0.8-3.1mdv2009.0.i586.rpm
 8b54b7755dc4c23d5c5aabce2cc8c93b  2009.0/i586/rawshark-1.0.8-3.1mdv2009.0.i586.rpm
 4747a553908057b86c042759f78976ea  2009.0/i586/tshark-1.0.8-3.1mdv2009.0.i586.rpm
 736173032c8f0dc38f358196f092429b  2009.0/i586/wireshark-1.0.8-3.1mdv2009.0.i586.rpm
 e8aa27a3ca2cf82599fc4c84044ff5ba  2009.0/i586/wireshark-tools-1.0.8-3.1mdv2009.0.i586.rpm 
 2bae0ecb6b260cfe69f81afbcfe7ecb3  2009.0/SRPMS/wireshark-1.0.8-3.1mdv2009.0.src.rpm

 Mandriva Linux 2009.0/X86_64:
 7878ec348dd2a4543d6704acf6847bf1  2009.0/x86_64/dumpcap-1.0.8-3.1mdv2009.0.x86_64.rpm
 5bf724ce33c315dda9d419132cb5c3f7  2009.0/x86_64/lib64wireshark0-1.0.8-3.1mdv2009.0.x86_64.rpm
 003c4fc644bbd55a5387a5840f071c2d  2009.0/x86_64/lib64wireshark-devel-1.0.8-3.1mdv2009.0.x86_64.rpm
 bfe8072577a4ec90e189bdcf9c595347  2009.0/x86_64/rawshark-1.0.8-3.1mdv2009.0.x86_64.rpm
 bdc71f63874e7d26bb38d2c0bb9e3704  2009.0/x86_64/tshark-1.0.8-3.1mdv2009.0.x86_64.rpm
 ebeff9070be842e8f76d197fcd9ab63d  2009.0/x86_64/wireshark-1.0.8-3.1mdv2009.0.x86_64.rpm
 87471e79b554ed396eafc35e38018cfe  2009.0/x86_64/wireshark-tools-1.0.8-3.1mdv2009.0.x86_64.rpm 
 2bae0ecb6b260cfe69f81afbcfe7ecb3  2009.0/SRPMS/wireshark-1.0.8-3.1mdv2009.0.src.rpm

 Mandriva Linux 2009.1:
 e78195d23cfe382e968c7d2c06640c0d  2009.1/i586/dumpcap-1.0.8-3mdv2009.1.i586.rpm
 28f331ffb584965eaf6007c5e7cf1256  2009.1/i586/libwireshark0-1.0.8-3mdv2009.1.i586.rpm
 d274ad81b779b568d29935701123c5fd  2009.1/i586/libwireshark-devel-1.0.8-3mdv2009.1.i586.rpm
 dab42aa9f71d2f6f0027cd535a88212b  2009.1/i586/rawshark-1.0.8-3mdv2009.1.i586.rpm
 7ed28537628436176c78efb085e83629  2009.1/i586/tshark-1.0.8-3mdv2009.1.i586.rpm
 b493d446f0167ccd9c1aed81f64b14c7  2009.1/i586/wireshark-1.0.8-3mdv2009.1.i586.rpm
 9edec3502b5a361ecbcdd03000d14689  2009.1/i586/wireshark-tools-1.0.8-3mdv2009.1.i586.rpm 
 461b4a5ca1fd68d46e6d9456284c39e7  2009.1/SRPMS/wireshark-1.0.8-3mdv2009.1.src.rpm

 Mandriva Linux 2009.1/X86_64:
 02025763727e6c694ea55db8c3fd754d  2009.1/x86_64/dumpcap-1.0.8-3mdv2009.1.x86_64.rpm
 b33f175e526d24e581cbeffc1ece9371  2009.1/x86_64/lib64wireshark0-1.0.8-3mdv2009.1.x86_64.rpm
 2fb1389b07e21d055527ee684bc263fe  2009.1/x86_64/lib64wireshark-devel-1.0.8-3mdv2009.1.x86_64.rpm
 85b34b626b4c5a0be8a6c944965ac3e0  2009.1/x86_64/rawshark-1.0.8-3mdv2009.1.x86_64.rpm
 ffe117f860faead25ad347ed5d336b98  2009.1/x86_64/tshark-1.0.8-3mdv2009.1.x86_64.rpm
 e67dbdf2748bbfc4b0dbe91d3b8bbff1  2009.1/x86_64/wireshark-1.0.8-3mdv2009.1.x86_64.rpm
 7c2f637c8a273e753c272f25ef440148  2009.1/x86_64/wireshark-tools-1.0.8-3mdv2009.1.x86_64.rpm 
 461b4a5ca1fd68d46e6d9456284c39e7  2009.1/SRPMS/wireshark-1.0.8-3mdv2009.1.src.rpm

 Corporate 4.0:
 46c96026ad73300946f6d7c256160191  corporate/4.0/i586/dumpcap-1.0.8-0.1.20060mlcs4.i586.rpm
 8095cd428e357efe67e9aecf5eff3bb5  corporate/4.0/i586/libwireshark0-1.0.8-0.1.20060mlcs4.i586.rpm
 851e5e1c57105d43cd5f2e7659cce886  corporate/4.0/i586/libwireshark-devel-1.0.8-0.1.20060mlcs4.i586.rpm
 c39421d007b4a397cb5c04626fccef8a  corporate/4.0/i586/rawshark-1.0.8-0.1.20060mlcs4.i586.rpm
 21572778f06be23fbd859d7e752a450d  corporate/4.0/i586/tshark-1.0.8-0.1.20060mlcs4.i586.rpm
 7d6afaf2dcbdec6a0c749238cadd422b  corporate/4.0/i586/wireshark-1.0.8-0.1.20060mlcs4.i586.rpm
 fd6e04679d2563ae518e559349748ea9  corporate/4.0/i586/wireshark-tools-1.0.8-0.1.20060mlcs4.i586.rpm 
 b5caa7e71a222b9d003bd66101ff5d32  corporate/4.0/SRPMS/wireshark-1.0.8-0.1.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 357cb4dd412b86749cb1105703259065  corporate/4.0/x86_64/dumpcap-1.0.8-0.1.20060mlcs4.x86_64.rpm
 93360b7b8ad11aa244088f794d0b17a0  corporate/4.0/x86_64/lib64wireshark0-1.0.8-0.1.20060mlcs4.x86_64.rpm
 14dab007969de8318bc27ded09571863  corporate/4.0/x86_64/lib64wireshark-devel-1.0.8-0.1.20060mlcs4.x86_64.rpm
 64fb873b96d4e67282783eecf010d3c9  corporate/4.0/x86_64/rawshark-1.0.8-0.1.20060mlcs4.x86_64.rpm
 288acb4e17fb0796cc138399b6df73cf  corporate/4.0/x86_64/tshark-1.0.8-0.1.20060mlcs4.x86_64.rpm
 f6d2f4a3c693f6e2ff028eea0a3a452d  corporate/4.0/x86_64/wireshark-1.0.8-0.1.20060mlcs4.x86_64.rpm
 1387dcf8f2a7529f65fa1aeea949267f  corporate/4.0/x86_64/wireshark-tools-1.0.8-0.1.20060mlcs4.x86_64.rpm 
 b5caa7e71a222b9d003bd66101ff5d32  corporate/4.0/SRPMS/wireshark-1.0.8-0.1.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFKIrTYmqjQ0CJFipgRAnzUAJ0aht7CM5phMz5Wun/sCLNOgVmTTACbBLiG
WSNu7y/3y/2EjyBTWm5bTK0=
=lOfV
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ