Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2008.0424 -- [Win][UNIX/Linux]
Multiple vulnerabilities in Wireshark
28 April 2008
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: wireshark
Publisher: Mandriva
Operating System: UNIX variants (UNIX, Linux, OSX)
Windows
Impact: Denial of Service
Access: Remote/Unauthenticated
CVE Names: CVE-2008-1563 CVE-2008-1562 CVE-2008-1561
Comment: This advisory references vulnerabilities in products which run on
platforms other than Mandriva. It is recommended that
administrators running wireshark check for an updated version of
the software for their operating system.
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2008:091
http://www.mandriva.com/security/
_______________________________________________________________________
Package : wireshark
Date : April 24, 2008
Affected: 2007.1, 2008.0, 2008.1, Corporate 4.0
_______________________________________________________________________
Problem Description:
A few vulnerabilities were found in Wireshark, that could cause it
to crash or hang under certain conditions.
This update provides Wireshark 1.0.0, which is not vulnerable to
the issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1561
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1562
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1563
http://www.wireshark.org/security/wnpa-sec-2008-02.html
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2007.1:
8787584277e32c57e8dbdfa90a09d6d3 2007.1/i586/libwireshark0-1.0.0-0.1mdv2007.1.i586.rpm
90e8906045320889892164014b4ae09e 2007.1/i586/tshark-1.0.0-0.1mdv2007.1.i586.rpm
aa76809ca85216ac3378fbfd77c8f0f7 2007.1/i586/wireshark-1.0.0-0.1mdv2007.1.i586.rpm
064dd8c764cb6341d54b24e74e726cac 2007.1/i586/wireshark-tools-1.0.0-0.1mdv2007.1.i586.rpm
e619607ac168cad95c9d8be177414d1e 2007.1/SRPMS/wireshark-1.0.0-0.1mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64:
8ba33eac114c70d5db62ae4555fd078d 2007.1/x86_64/lib64wireshark0-1.0.0-0.1mdv2007.1.x86_64.rpm
53fd170cc3a0c7845018b0016a83ad95 2007.1/x86_64/tshark-1.0.0-0.1mdv2007.1.x86_64.rpm
012e2d0c9331f3133ad09c74d0964578 2007.1/x86_64/wireshark-1.0.0-0.1mdv2007.1.x86_64.rpm
bf8a2d43190488174f02317db866aabb 2007.1/x86_64/wireshark-tools-1.0.0-0.1mdv2007.1.x86_64.rpm
e619607ac168cad95c9d8be177414d1e 2007.1/SRPMS/wireshark-1.0.0-0.1mdv2007.1.src.rpm
Mandriva Linux 2008.0:
41ebbf92d53fc6236c501ef5c953670b 2008.0/i586/libwireshark0-1.0.0-0.1mdv2008.0.i586.rpm
92dfdcfc34cd49fba7a48e125c2fde16 2008.0/i586/tshark-1.0.0-0.1mdv2008.0.i586.rpm
e6222a7870ab3954bac26b7b6ba5bbd2 2008.0/i586/wireshark-1.0.0-0.1mdv2008.0.i586.rpm
4c2865ee18ee7a16603bfde697df8213 2008.0/i586/wireshark-tools-1.0.0-0.1mdv2008.0.i586.rpm
4fdd76ed933632936dd99720d4e6250d 2008.0/SRPMS/wireshark-1.0.0-0.1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64:
90e06e9450c8aa5b0a8f856f279ac81b 2008.0/x86_64/lib64wireshark0-1.0.0-0.1mdv2008.0.x86_64.rpm
e6235ac2844f5bb96908df0c8146d7bb 2008.0/x86_64/lib64wireshark-devel-1.0.0-0.1mdv2008.0.x86_64.rpm
109705d2be271a0465d507c608250152 2008.0/x86_64/tshark-1.0.0-0.1mdv2008.0.x86_64.rpm
6e485179083d47ea9b87d43825ef7a59 2008.0/x86_64/wireshark-1.0.0-0.1mdv2008.0.x86_64.rpm
332e92a7f42f1d69e36d89624007aa2b 2008.0/x86_64/wireshark-tools-1.0.0-0.1mdv2008.0.x86_64.rpm
4fdd76ed933632936dd99720d4e6250d 2008.0/SRPMS/wireshark-1.0.0-0.1mdv2008.0.src.rpm
Mandriva Linux 2008.1:
368a41966b95c34310c20136f33510cb 2008.1/i586/dumpcap-1.0.0-0.1mdv2008.1.i586.rpm
20775130a49c3df874ec12553b4d8b84 2008.1/i586/libwireshark0-1.0.0-0.1mdv2008.1.i586.rpm
04e2d93fc36508ba476b265e0eac8a66 2008.1/i586/libwireshark-devel-1.0.0-0.1mdv2008.1.i586.rpm
2dc8b55ee2f39a974e36187dbe5958ce 2008.1/i586/rawshark-1.0.0-0.1mdv2008.1.i586.rpm
960699b9d4fab3d158e25a97c16cd8ac 2008.1/i586/tshark-1.0.0-0.1mdv2008.1.i586.rpm
f37d602bdec21c4d0cf2d367d3806322 2008.1/i586/wireshark-1.0.0-0.1mdv2008.1.i586.rpm
b4310471e4a6b805798c14417c20d4ac 2008.1/i586/wireshark-tools-1.0.0-0.1mdv2008.1.i586.rpm
43cf1ba211095bff90205372b3bc765e 2008.1/SRPMS/wireshark-1.0.0-0.1mdv2008.1.src.rpm
Mandriva Linux 2008.1/X86_64:
6c33e6ac2c9926db8b1b4dace0336e42 2008.1/x86_64/dumpcap-1.0.0-0.1mdv2008.1.x86_64.rpm
b87b8cdd68ff0aa2065636ec7a9da91f 2008.1/x86_64/lib64wireshark0-1.0.0-0.1mdv2008.1.x86_64.rpm
76083985fe72b0570f5f9f4a710b900d 2008.1/x86_64/lib64wireshark-devel-1.0.0-0.1mdv2008.1.x86_64.rpm
08cf866aa760a033759240dfb4f9d3af 2008.1/x86_64/rawshark-1.0.0-0.1mdv2008.1.x86_64.rpm
836517a64854c925fc50ed3d4a92a948 2008.1/x86_64/tshark-1.0.0-0.1mdv2008.1.x86_64.rpm
ee799f9a903de787b22bcc2577e9ee97 2008.1/x86_64/wireshark-1.0.0-0.1mdv2008.1.x86_64.rpm
51577890d056c553912b68e83f58c6c7 2008.1/x86_64/wireshark-tools-1.0.0-0.1mdv2008.1.x86_64.rpm
43cf1ba211095bff90205372b3bc765e 2008.1/SRPMS/wireshark-1.0.0-0.1mdv2008.1.src.rpm
Corporate 4.0:
f2da2805f44784b44bee20d4d99509f3 corporate/4.0/i586/libwireshark0-1.0.0-0.1.20060mlcs4.i586.rpm
8f326e641b25d5589048df62d022991e corporate/4.0/i586/tshark-1.0.0-0.1.20060mlcs4.i586.rpm
9b2943b2bb023c205f6142ba8d45fcca corporate/4.0/i586/wireshark-1.0.0-0.1.20060mlcs4.i586.rpm
65c6f43193ca8c5dd704e279c3ab6481 corporate/4.0/i586/wireshark-tools-1.0.0-0.1.20060mlcs4.i586.rpm
440f3a82ed9b770dac808764c141f050 corporate/4.0/SRPMS/wireshark-1.0.0-0.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
f7b496670d75f4abf2c41ab2d21a56b0 corporate/4.0/x86_64/lib64wireshark0-1.0.0-0.1.20060mlcs4.x86_64.rpm
afd1cb38a5c78fe226306104aad14de4 corporate/4.0/x86_64/tshark-1.0.0-0.1.20060mlcs4.x86_64.rpm
b986ab0557e9f52897664bfd579a17c2 corporate/4.0/x86_64/wireshark-1.0.0-0.1.20060mlcs4.x86_64.rpm
ef5caa4d6233962417dfa9d7f5785e85 corporate/4.0/x86_64/wireshark-tools-1.0.0-0.1.20060mlcs4.x86_64.rpm
440f3a82ed9b770dac808764c141f050 corporate/4.0/SRPMS/wireshark-1.0.0-0.1.20060mlcs4.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFIEQNvmqjQ0CJFipgRAtp2AJ9VFLsbhV4RYREEFc6IuyL8ugg0vACePM1N
DUwFwaNaPHPTtHyIHnJEUso=
=bJ/q
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBSBVSWyh9+71yA2DNAQI71wP9El23SXBjgMw0SAS8ynlbq+LWX+plRS7w
FFiRyahYOH4CuZJyPyYBS1I+D2lirHAYLyjxrdYmRa6rkouPZxMXekSEWk+ivoqW
f9+z3GWcryC1CzUNP/WdTDO7sLlX926GGkFrAxn1mYHPFj/div5rIcV8R/cOoLMq
BroZRDKEi9s=
=hM4o
-----END PGP SIGNATURE-----