-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2011:083 http://www.mandriva.com/security/ _______________________________________________________________________ Package : wireshark Date : May 12, 2011 Affected: 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0 _______________________________________________________________________ Problem Description: This advisory updates wireshark to the latest version (1.2.16), fixing several security issues: The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file (CVE-2011-1590). Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted .pcap file (CVE-2011-1591). The NFS dissector in epan/dissectors/packet-nfs.c in Wireshark 1.4.x before 1.4.5 on Windows uses an incorrect integer data type during decoding of SETCLIENTID calls, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file (CVE-2011-1592). The updated packages have been upgraded to the latest 1.2.x version (1.2.16) which is not vulnerable to these issues. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1590 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1591 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1592 http://www.wireshark.org/docs/relnotes/wireshark-1.2.16.html _______________________________________________________________________ Updated Packages: Mandriva Linux 2010.0: ce52dd0e89fe2e385a659825460edca9 2010.0/i586/dumpcap-1.2.16-0.1mdv2010.0.i586.rpm 91ffe9960b24b0d66ab4c7967aea0da8 2010.0/i586/libwireshark0-1.2.16-0.1mdv2010.0.i586.rpm 7660240ac8dfdcf06090835d43a20328 2010.0/i586/libwireshark-devel-1.2.16-0.1mdv2010.0.i586.rpm 6a6a6f06b1a658bded5854b9dc5abfce 2010.0/i586/rawshark-1.2.16-0.1mdv2010.0.i586.rpm b4449efd8f0aa2bc4efa2d6c0ed567f2 2010.0/i586/tshark-1.2.16-0.1mdv2010.0.i586.rpm b33adf3885df69a642ee9790a4cb52ff 2010.0/i586/wireshark-1.2.16-0.1mdv2010.0.i586.rpm c02d4845b02d0ea52cf6f6dcba9d4db4 2010.0/i586/wireshark-tools-1.2.16-0.1mdv2010.0.i586.rpm 9267be0104600200a1ac7b8dcf6672f5 2010.0/SRPMS/wireshark-1.2.16-0.1mdv2010.0.src.rpm Mandriva Linux 2010.0/X86_64: 6e8d8eb2c0902544079d3ead62d58678 2010.0/x86_64/dumpcap-1.2.16-0.1mdv2010.0.x86_64.rpm 07ee55185a1dc8862aec25fed869485f 2010.0/x86_64/lib64wireshark0-1.2.16-0.1mdv2010.0.x86_64.rpm cac74e47a0f8b2e8f2a58515efb0aef7 2010.0/x86_64/lib64wireshark-devel-1.2.16-0.1mdv2010.0.x86_64.rpm 4af3e8be251fd245166c9c164e62497f 2010.0/x86_64/rawshark-1.2.16-0.1mdv2010.0.x86_64.rpm 31b5df98c2618af1659d81ee6b3589fc 2010.0/x86_64/tshark-1.2.16-0.1mdv2010.0.x86_64.rpm eea20f5ae3fe65b71dfd7379c780515c 2010.0/x86_64/wireshark-1.2.16-0.1mdv2010.0.x86_64.rpm 6c97841450b5bd1e1038b0e867a73008 2010.0/x86_64/wireshark-tools-1.2.16-0.1mdv2010.0.x86_64.rpm 9267be0104600200a1ac7b8dcf6672f5 2010.0/SRPMS/wireshark-1.2.16-0.1mdv2010.0.src.rpm Mandriva Linux 2010.1: 343907ede3e21d5787be8824d6edcc80 2010.1/i586/dumpcap-1.2.16-0.1mdv2010.2.i586.rpm 90c2fc8cddd4ef897a6e6e5b3ef2c066 2010.1/i586/libwireshark0-1.2.16-0.1mdv2010.2.i586.rpm 1f6fc405ab5ae97b89cbd632059b48e5 2010.1/i586/libwireshark-devel-1.2.16-0.1mdv2010.2.i586.rpm 426f850b66a0298066cda626ca1cd432 2010.1/i586/rawshark-1.2.16-0.1mdv2010.2.i586.rpm 056227eb81a5e506dcde5b95923cd341 2010.1/i586/tshark-1.2.16-0.1mdv2010.2.i586.rpm 86fb33388710ed3d08967c514c8ab25d 2010.1/i586/wireshark-1.2.16-0.1mdv2010.2.i586.rpm 7dea3da2061f08eb9510ee713e41d26f 2010.1/i586/wireshark-tools-1.2.16-0.1mdv2010.2.i586.rpm 64f8b99b3eb288f4553c55469ccf6edf 2010.1/SRPMS/wireshark-1.2.16-0.1mdv2010.2.src.rpm Mandriva Linux 2010.1/X86_64: 52e98d93947ec39bb36997baf7d95e3f 2010.1/x86_64/dumpcap-1.2.16-0.1mdv2010.2.x86_64.rpm f86e42d466f72559510182ec49d1ca04 2010.1/x86_64/lib64wireshark0-1.2.16-0.1mdv2010.2.x86_64.rpm 17bf8cf149d8639e2acef12633b3ae5e 2010.1/x86_64/lib64wireshark-devel-1.2.16-0.1mdv2010.2.x86_64.rpm 5d7f97b0186213d477e51efda39d5c3e 2010.1/x86_64/rawshark-1.2.16-0.1mdv2010.2.x86_64.rpm 056ca1af6fff8f56fad1caae33c67691 2010.1/x86_64/tshark-1.2.16-0.1mdv2010.2.x86_64.rpm a49f98d9310bf9a6353a084a47f92b66 2010.1/x86_64/wireshark-1.2.16-0.1mdv2010.2.x86_64.rpm fe2fe64671b0ec435edbbb28bae5adaf 2010.1/x86_64/wireshark-tools-1.2.16-0.1mdv2010.2.x86_64.rpm 64f8b99b3eb288f4553c55469ccf6edf 2010.1/SRPMS/wireshark-1.2.16-0.1mdv2010.2.src.rpm Corporate 4.0: a69827ff3c21384f271cd731412c4430 corporate/4.0/i586/dumpcap-1.2.16-0.1.20060mlcs4.i586.rpm 4ecdcbf70587de75f592a03ca761e7dd corporate/4.0/i586/libwireshark0-1.2.16-0.1.20060mlcs4.i586.rpm ed2aa89f2a2aab3653967deb506db887 corporate/4.0/i586/libwireshark-devel-1.2.16-0.1.20060mlcs4.i586.rpm 0898a45c9d84ae350b2d1459bf138202 corporate/4.0/i586/rawshark-1.2.16-0.1.20060mlcs4.i586.rpm 3e84772e55704d394938366dd84ec893 corporate/4.0/i586/tshark-1.2.16-0.1.20060mlcs4.i586.rpm 3f965ee985c45d0260ac5c68ccd02e8d corporate/4.0/i586/wireshark-1.2.16-0.1.20060mlcs4.i586.rpm 68ca555b3318b7f0535302eda1d15677 corporate/4.0/i586/wireshark-tools-1.2.16-0.1.20060mlcs4.i586.rpm 398fb02a99f6403ec5544cd67202fada corporate/4.0/SRPMS/wireshark-1.2.16-0.1.20060mlcs4.src.rpm Corporate 4.0/X86_64: b954d225ad5c758763cf58f214fa6a3d corporate/4.0/x86_64/dumpcap-1.2.16-0.1.20060mlcs4.x86_64.rpm c4a34e696ad75d13a654b2fb12fe2d8c corporate/4.0/x86_64/lib64wireshark0-1.2.16-0.1.20060mlcs4.x86_64.rpm 84363d6f92b894a9d8b7017fad5f34c0 corporate/4.0/x86_64/lib64wireshark-devel-1.2.16-0.1.20060mlcs4.x86_64.rpm 410d24c1ebcc2756a5bed5f0398d0fa5 corporate/4.0/x86_64/rawshark-1.2.16-0.1.20060mlcs4.x86_64.rpm c858c8141c49cb5f24958285aa95248d corporate/4.0/x86_64/tshark-1.2.16-0.1.20060mlcs4.x86_64.rpm 9cfdba3bc24c4cd3fc165340eb3a3970 corporate/4.0/x86_64/wireshark-1.2.16-0.1.20060mlcs4.x86_64.rpm 82c157eb0ba46931b7a79d24dd87b414 corporate/4.0/x86_64/wireshark-tools-1.2.16-0.1.20060mlcs4.x86_64.rpm 398fb02a99f6403ec5544cd67202fada corporate/4.0/SRPMS/wireshark-1.2.16-0.1.20060mlcs4.src.rpm Mandriva Enterprise Server 5: e63b833575fa0433d323b5f793c4baac mes5/i586/dumpcap-1.2.16-0.1mdvmes5.2.i586.rpm 04dab36a3b05dd35622ceea2c7e163e6 mes5/i586/libwireshark0-1.2.16-0.1mdvmes5.2.i586.rpm c44f0bc075b6581a86e0b32c947b08b0 mes5/i586/libwireshark-devel-1.2.16-0.1mdvmes5.2.i586.rpm 54c4fa786efdc086da2036dd2b179141 mes5/i586/rawshark-1.2.16-0.1mdvmes5.2.i586.rpm 5e561f4430612f841e9a144ff97db32e mes5/i586/tshark-1.2.16-0.1mdvmes5.2.i586.rpm 1633ab89f96cdf58d76ec66c26e6ea3a mes5/i586/wireshark-1.2.16-0.1mdvmes5.2.i586.rpm 8d20bd293e3770f1740b965147fe73ab mes5/i586/wireshark-tools-1.2.16-0.1mdvmes5.2.i586.rpm e484e78f2d63a5c018c9e3afbba88ba2 mes5/SRPMS/wireshark-1.2.16-0.1mdvmes5.2.src.rpm Mandriva Enterprise Server 5/X86_64: f21561b6ad51f07d80f2329eb9d3c9b6 mes5/x86_64/dumpcap-1.2.16-0.1mdvmes5.2.x86_64.rpm 014afb1b8188a15048f1dc70012d296f mes5/x86_64/lib64wireshark0-1.2.16-0.1mdvmes5.2.x86_64.rpm 8b539d0361dc0b0a2ddfb10a369f26d1 mes5/x86_64/lib64wireshark-devel-1.2.16-0.1mdvmes5.2.x86_64.rpm 6f3e9f63fd1eca753720d37c232f7c6d mes5/x86_64/rawshark-1.2.16-0.1mdvmes5.2.x86_64.rpm de70d4dc7dfa466d80ad79b9114046c8 mes5/x86_64/tshark-1.2.16-0.1mdvmes5.2.x86_64.rpm d4e1a9453effbb5324fafd6a9ca8dcd1 mes5/x86_64/wireshark-1.2.16-0.1mdvmes5.2.x86_64.rpm 03d0d4fa8407616e53759c4f842c3061 mes5/x86_64/wireshark-tools-1.2.16-0.1mdvmes5.2.x86_64.rpm e484e78f2d63a5c018c9e3afbba88ba2 mes5/SRPMS/wireshark-1.2.16-0.1mdvmes5.2.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFNzB5nmqjQ0CJFipgRAt9xAKC2QfPw8pvrkptvxl082UcKMKKduwCdHDFr bnghMK+643rsoMXOWgWLP9Q= =gvBt -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/