ID de Prueba:	1.3.6.1.4.1.25623.1.0.68334
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Security Advisory MDVSA-2010:200 (wireshark)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to wireshark announced via advisory MDVSA-2010:200. It was discovered that the ASN.1 BER dissector in wireshark was susceptible to a stack overflow (CVE-2010-3445). For 2010.0 and 2010.1 wireshark was upgraded to v1.2.12 which is not vulnerable to this issue and was patched for CS4 and MES5 to resolve the vulnerability. Affected: 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2010:200 http://www.wireshark.org/security/wnpa-sec-2010-11.html http://www.wireshark.org/security/wnpa-sec-2010-12.html Risk factor : Medium CVSS Score: 5.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3445 20100913 Wireshark 1.4.0 Malformed SNMP V1 Packet Denial of Service http://archives.neohapsis.com/archives/bugtraq/2010-09/0088.html 42392 http://secunia.com/advisories/42392 42411 http://secunia.com/advisories/42411 42877 http://secunia.com/advisories/42877 43068 http://secunia.com/advisories/43068 43197 http://www.securityfocus.com/bid/43197 43759 http://secunia.com/advisories/43759 43821 http://secunia.com/advisories/43821 ADV-2010-3067 http://www.vupen.com/english/advisories/2010/3067 ADV-2010-3093 http://www.vupen.com/english/advisories/2010/3093 ADV-2011-0076 http://www.vupen.com/english/advisories/2011/0076 ADV-2011-0212 http://www.vupen.com/english/advisories/2011/0212 ADV-2011-0404 http://www.vupen.com/english/advisories/2011/0404 ADV-2011-0626 http://www.vupen.com/english/advisories/2011/0626 ADV-2011-0719 http://www.vupen.com/english/advisories/2011/0719 DSA-2127 http://www.debian.org/security/2010/dsa-2127 FEDORA-2011-2620 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html FEDORA-2011-2632 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html FEDORA-2011-2648 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html MDVSA-2010:200 http://www.mandriva.com/security/advisories?name=MDVSA-2010:200 RHSA-2010:0924 http://www.redhat.com/support/errata/RHSA-2010-0924.html RHSA-2011:0370 http://www.redhat.com/support/errata/RHSA-2011-0370.html SUSE-SR:2011:001 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html SUSE-SR:2011:002 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html VU#215900 http://www.kb.cert.org/vuls/id/215900 [oss-security] 20101001 Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark http://www.openwall.com/lists/oss-security/2010/10/01/10 [oss-security] 20101011 Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark http://www.openwall.com/lists/oss-security/2010/10/12/1 http://blogs.sun.com/security/entry/resource_management_errors_vulnerability_in http://www.wireshark.org/security/wnpa-sec-2010-12.html http://xorl.wordpress.com/2010/10/15/cve-2010-3445-wireshark-asn-1-ber-stack-overflow/ https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5230 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3445 oval:org.mitre.oval:def:14607 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14607
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.