[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1MxOMQ-0005NI-02@titan.mandriva.com>
Date: Mon, 12 Oct 2009 19:07:01 +0200
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDVSA-2009:270 ] wireshark
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2009:270
http://www.mandriva.com/security/
_______________________________________________________________________
Package : wireshark
Date : October 12, 2009
Affected: 2009.0, 2009.1, Corporate 4.0, Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
A vulnerability has been found and corrected in wireshark:
Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark
0.99.6 through 1.0.8 and 1.2.0 through 1.2.1 allows remote attackers
to cause a denial of service (memory and CPU consumption) via malformed
OPCUA Service CallRequest packets (CVE-2009-3241).
This update fixes this vulnerability.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3241
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2009.0:
2bde688e3de981ae3180da4f05f5e860 2009.0/i586/dumpcap-1.0.8-3.3mdv2009.0.i586.rpm
8216fb437b04046ad2b78c6a8ddebdce 2009.0/i586/libwireshark0-1.0.8-3.3mdv2009.0.i586.rpm
282063c02297a2a70be4fd87b69762c0 2009.0/i586/libwireshark-devel-1.0.8-3.3mdv2009.0.i586.rpm
93b7d86a3f5e45c8bbe0ecd349c97bde 2009.0/i586/rawshark-1.0.8-3.3mdv2009.0.i586.rpm
f4f449adb85ac8bfc32ace580857a6ea 2009.0/i586/tshark-1.0.8-3.3mdv2009.0.i586.rpm
8716922a83cd417e9b7b2ce883ca884c 2009.0/i586/wireshark-1.0.8-3.3mdv2009.0.i586.rpm
08268e3ffdd712e455683461c7824932 2009.0/i586/wireshark-tools-1.0.8-3.3mdv2009.0.i586.rpm
557f530edfefccd6c86722471a420157 2009.0/SRPMS/wireshark-1.0.8-3.3mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64:
351498c928631fca8b4a17e2cda0e9e4 2009.0/x86_64/dumpcap-1.0.8-3.3mdv2009.0.x86_64.rpm
031e245b10fbceb7b0c31a6655f6e865 2009.0/x86_64/lib64wireshark0-1.0.8-3.3mdv2009.0.x86_64.rpm
ea2868e2e3275ef8d81d1df0921c94a4 2009.0/x86_64/lib64wireshark-devel-1.0.8-3.3mdv2009.0.x86_64.rpm
c2de9defd468a89b0253dc666c1deec5 2009.0/x86_64/rawshark-1.0.8-3.3mdv2009.0.x86_64.rpm
b78e8891183e62b82c7e2b69c82d6b2f 2009.0/x86_64/tshark-1.0.8-3.3mdv2009.0.x86_64.rpm
77587f7f59238df2369268343fab38df 2009.0/x86_64/wireshark-1.0.8-3.3mdv2009.0.x86_64.rpm
7f73ef1ea62e8135449aef0081767b9a 2009.0/x86_64/wireshark-tools-1.0.8-3.3mdv2009.0.x86_64.rpm
557f530edfefccd6c86722471a420157 2009.0/SRPMS/wireshark-1.0.8-3.3mdv2009.0.src.rpm
Mandriva Linux 2009.1:
60a5e67fccdef0c1262fbd0a09c2348c 2009.1/i586/dumpcap-1.0.8-3.3mdv2009.1.i586.rpm
5acf7dc50d50c411b95197afd57e900e 2009.1/i586/libwireshark0-1.0.8-3.3mdv2009.1.i586.rpm
b5d518bb595eab0ae8d45076251f5310 2009.1/i586/libwireshark-devel-1.0.8-3.3mdv2009.1.i586.rpm
9e6420089364f4328f23f69097234ef4 2009.1/i586/rawshark-1.0.8-3.3mdv2009.1.i586.rpm
6f1185ef8f9f40bbb658f717aa3e1bc3 2009.1/i586/tshark-1.0.8-3.3mdv2009.1.i586.rpm
abb50dcc4f9f724a9616c9312f22242d 2009.1/i586/wireshark-1.0.8-3.3mdv2009.1.i586.rpm
9b57739a885b779ed27f8ecd1741741c 2009.1/i586/wireshark-tools-1.0.8-3.3mdv2009.1.i586.rpm
0de2b5f93d233d934fc60db6b878df39 2009.1/SRPMS/wireshark-1.0.8-3.3mdv2009.1.src.rpm
Mandriva Linux 2009.1/X86_64:
bd69b75efaf76123bc6f432b497c4d48 2009.1/x86_64/dumpcap-1.0.8-3.3mdv2009.1.x86_64.rpm
ca9e6caf06d3d04b6733c91b4fdebadf 2009.1/x86_64/lib64wireshark0-1.0.8-3.3mdv2009.1.x86_64.rpm
080aeaac702ee188bb14117f4fb8ad78 2009.1/x86_64/lib64wireshark-devel-1.0.8-3.3mdv2009.1.x86_64.rpm
26f7faa79b096c647a7dc28b7437a43d 2009.1/x86_64/rawshark-1.0.8-3.3mdv2009.1.x86_64.rpm
907b493706802e0346f9b49d30c6ab8a 2009.1/x86_64/tshark-1.0.8-3.3mdv2009.1.x86_64.rpm
e9f7324616e46f70f1121067c7e90763 2009.1/x86_64/wireshark-1.0.8-3.3mdv2009.1.x86_64.rpm
6d8711428172217d929ddde4af90d753 2009.1/x86_64/wireshark-tools-1.0.8-3.3mdv2009.1.x86_64.rpm
0de2b5f93d233d934fc60db6b878df39 2009.1/SRPMS/wireshark-1.0.8-3.3mdv2009.1.src.rpm
Corporate 4.0:
235a73de04afa52b6c2bd4d15fc04de8 corporate/4.0/i586/dumpcap-1.0.8-0.3.20060mlcs4.i586.rpm
527692971e6feb970b85d660ec3db6f5 corporate/4.0/i586/libwireshark0-1.0.8-0.3.20060mlcs4.i586.rpm
54e5d379b63c1dd73dd0a6637117c80e corporate/4.0/i586/libwireshark-devel-1.0.8-0.3.20060mlcs4.i586.rpm
3c632ea90bef9509cb12c87ab4260bc5 corporate/4.0/i586/rawshark-1.0.8-0.3.20060mlcs4.i586.rpm
8009af53ab8d2f2e6771c08d88f3696e corporate/4.0/i586/tshark-1.0.8-0.3.20060mlcs4.i586.rpm
22f786d733ceada2b2714d7a92bdbd96 corporate/4.0/i586/wireshark-1.0.8-0.3.20060mlcs4.i586.rpm
b4c9f6f49203ddfa51e71dc63a859f63 corporate/4.0/i586/wireshark-tools-1.0.8-0.3.20060mlcs4.i586.rpm
c595cf7c6f131cf59cd842886f5ad4b8 corporate/4.0/SRPMS/wireshark-1.0.8-0.3.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
42469cfd64904936faa44d905748528c corporate/4.0/x86_64/dumpcap-1.0.8-0.3.20060mlcs4.x86_64.rpm
69b656cbd3318d651a3e0848eb075d25 corporate/4.0/x86_64/lib64wireshark0-1.0.8-0.3.20060mlcs4.x86_64.rpm
b5b033f2e2dcd4f3dd7667c7ce3dcbd7 corporate/4.0/x86_64/lib64wireshark-devel-1.0.8-0.3.20060mlcs4.x86_64.rpm
3ce35df4b75a82efe453b0029920e6b4 corporate/4.0/x86_64/rawshark-1.0.8-0.3.20060mlcs4.x86_64.rpm
434a75fe14dcd011a41e776a14ed7350 corporate/4.0/x86_64/tshark-1.0.8-0.3.20060mlcs4.x86_64.rpm
6ad3ecc27f403ca13b083b238b06c7e7 corporate/4.0/x86_64/wireshark-1.0.8-0.3.20060mlcs4.x86_64.rpm
30314354841e099d96d4b027663b5015 corporate/4.0/x86_64/wireshark-tools-1.0.8-0.3.20060mlcs4.x86_64.rpm
c595cf7c6f131cf59cd842886f5ad4b8 corporate/4.0/SRPMS/wireshark-1.0.8-0.3.20060mlcs4.src.rpm
Mandriva Enterprise Server 5:
17f89060c77952ed112258f1abfe0abc mes5/i586/dumpcap-1.0.8-3.3mdvmes5.i586.rpm
abe0adc98b505d61603fe290bc7e61d1 mes5/i586/libwireshark0-1.0.8-3.3mdvmes5.i586.rpm
49d5467f90ebb20fba8fc357accd2ba7 mes5/i586/libwireshark-devel-1.0.8-3.3mdvmes5.i586.rpm
352b688a76410b04c541c4e203c9e7a2 mes5/i586/rawshark-1.0.8-3.3mdvmes5.i586.rpm
b98e60094dea42ac3342bc26e215dead mes5/i586/tshark-1.0.8-3.3mdvmes5.i586.rpm
c6ea5e0db20a3094c3d5d88a5038a0c8 mes5/i586/wireshark-1.0.8-3.3mdvmes5.i586.rpm
a101c193c08eeaa47f036407360981b5 mes5/i586/wireshark-tools-1.0.8-3.3mdvmes5.i586.rpm
8aa8055f7abf91a44be930b673a17666 mes5/SRPMS/wireshark-1.0.8-3.3mdvmes5.src.rpm
Mandriva Enterprise Server 5/X86_64:
81435f348933151e20d407dc454b7185 mes5/x86_64/dumpcap-1.0.8-3.3mdvmes5.x86_64.rpm
1bc631e207090e4ea14697f6402698af mes5/x86_64/lib64wireshark0-1.0.8-3.3mdvmes5.x86_64.rpm
96aa50d0c98a3b67186b5a6aa4fd564b mes5/x86_64/lib64wireshark-devel-1.0.8-3.3mdvmes5.x86_64.rpm
9017d0824e7358b941a021e9b15c05cf mes5/x86_64/rawshark-1.0.8-3.3mdvmes5.x86_64.rpm
9fe1cc86912952fdd1a43a27081c52db mes5/x86_64/tshark-1.0.8-3.3mdvmes5.x86_64.rpm
550faa2dc40cd436b5119d969da8553a mes5/x86_64/wireshark-1.0.8-3.3mdvmes5.x86_64.rpm
67485a40e441e2d23f14e9e227618a9b mes5/x86_64/wireshark-tools-1.0.8-3.3mdvmes5.x86_64.rpm
8aa8055f7abf91a44be930b673a17666 mes5/SRPMS/wireshark-1.0.8-3.3mdvmes5.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFK0zSfmqjQ0CJFipgRAiBPAKDIX2oYAND45gGt0DEYZBTw1yIgGwCg6MY6
tBVWTXOfaL0RwCH4VCqeIkE=
=IXKg
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists