Test Kennung:	1.3.6.1.4.1.25623.1.0.69228
Kategorie:	Red Hat Local Security Checks
Titel:	RedHat Security Advisory RHSA-2011:0369
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory RHSA-2011:0369. Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A heap-based buffer overflow flaw was found in the Wireshark MAC-LTE dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2011-0444) A heap-based buffer overflow flaw was found in the way Wireshark processed signaling traces generated by the Gammu utility on Nokia DCT3 phones running in Netmonitor mode. If Wireshark opened a specially-crafted capture file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2011-0713) Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2011-0538, CVE-2011-1139, CVE-2011-1140, CVE-2011-1141) Users of Wireshark should upgrade to these updated packages, which contain Wireshark version 1.2.15, and resolve these issues. All running instances of Wireshark must be restarted for the update to take effect. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2011-0369.html http://www.wireshark.org/security/wnpa-sec-2011-01.html http://www.wireshark.org/security/wnpa-sec-2011-03.html Risk factor : Critical CVSS Score: 10.0
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2011-0444 BugTraq ID: 45775 http://www.securityfocus.com/bid/45775 http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053650.html http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053669.html http://www.mandriva.com/security/advisories?name=MDVSA-2011:007 https://bugs.wireshark.org/bugzilla/attachment.cgi?id=5676 http://osvdb.org/70403 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14283 http://www.redhat.com/support/errata/RHSA-2011-0369.html http://secunia.com/advisories/43175 http://www.vupen.com/english/advisories/2011/0079 http://www.vupen.com/english/advisories/2011/0104 http://www.vupen.com/english/advisories/2011/0270 http://www.vupen.com/english/advisories/2011/0719 XForce ISS Database: wireshark-maclte-bo(64624) https://exchange.xforce.ibmcloud.com/vulnerabilities/64624 Common Vulnerability Exposure (CVE) ID: CVE-2011-0538 BugTraq ID: 46167 http://www.securityfocus.com/bid/46167 CERT/CC vulnerability note: VU#215900 http://www.kb.cert.org/vuls/id/215900 Debian Security Information: DSA-2201 (Google Search) http://www.debian.org/security/2011/dsa-2201 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html http://www.mandriva.com/security/advisories?name=MDVSA-2011:044 http://openwall.com/lists/oss-security/2011/02/04/1 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14605 http://www.redhat.com/support/errata/RHSA-2011-0370.html http://www.securitytracker.com/id?1025148 http://secunia.com/advisories/43759 http://secunia.com/advisories/43795 http://secunia.com/advisories/43821 http://www.vupen.com/english/advisories/2011/0622 http://www.vupen.com/english/advisories/2011/0626 http://www.vupen.com/english/advisories/2011/0747 XForce ISS Database: wireshark-pcap-code-execution(65182) https://exchange.xforce.ibmcloud.com/vulnerabilities/65182 Common Vulnerability Exposure (CVE) ID: CVE-2011-0713 BugTraq ID: 46416 http://www.securityfocus.com/bid/46416 http://openwall.com/lists/oss-security/2011/02/16/13 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14766 XForce ISS Database: wireshark-nokiadct3-bo(65780) https://exchange.xforce.ibmcloud.com/vulnerabilities/65780 XForce ISS Database: wireshark-visualc-bo(65460) https://exchange.xforce.ibmcloud.com/vulnerabilities/65460 Common Vulnerability Exposure (CVE) ID: CVE-2011-1139 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14997 http://secunia.com/advisories/44169 SuSE Security Announcement: openSUSE-SU-2011:0347 (Google Search) https://hermes.opensuse.org/messages/8086844 XForce ISS Database: wireshark-pcapng-dos(65779) https://exchange.xforce.ibmcloud.com/vulnerabilities/65779 Common Vulnerability Exposure (CVE) ID: CVE-2011-1140 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14715 Common Vulnerability Exposure (CVE) ID: CVE-2011-1141 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14974
Copyright	Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.