 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.71998 |
| Categoría: | Mandrake Local Security Checks |
| Título: | Mandriva Security Advisory MDVSA-2011:138 (wireshark) |
| Resumen: | NOSUMMARY |
| Descripción: | Description: The remote host is missing an update to wireshark announced via advisory MDVSA-2011:138. This advisory updates wireshark to the latest version (1.6.2), fixing several security issues: Untrusted search path vulnerability in Wireshark 1.4.x before 1.4.9 and 1.6.x before 1.6.2 allows local users to gain privileges via a Trojan horse Lua script in an unspecified directory (CVE-2011-3360). The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.2 does not initialize a certain structure member, which allows remote attackers to cause a denial of service (application crash) via a malformed packet (CVE-2011-3482). Wireshark 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (application crash) via a malformed capture file that leads to an invalid root tvbuff, related to a buffer exception handling vulnerability. (CVE-2011-3483). The unxorFrame function in epan/dissectors/packet-opensafety.c in the OpenSafety dissector in Wireshark 1.6.x before 1.6.2 does not properly validate a certain frame size, which allows remote attackers to cause a denial of service (loop and application crash) via a malformed packet (CVE-2011-3484). The updated packages have been upgraded to the latest 1.6.x version (1.6.2) which is not vulnerable to these issues. Affected: 2011. Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2011:138 Risk factor : High |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2011-3360 75347 http://osvdb.org/75347 DSA-2324 http://www.debian.org/security/2011/dsa-2324 MDVSA-2011:138 http://www.mandriva.com/security/advisories?name=MDVSA-2011:138 [oss-security] 20110913 CVE Request: Multiple issues fixed in wireshark 1.6.2 http://www.openwall.com/lists/oss-security/2011/09/13/1 [oss-security] 20110914 Re: CVE Request: Multiple issues fixed in wireshark 1.6.2 http://www.openwall.com/lists/oss-security/2011/09/14/5 http://www.wireshark.org/security/wnpa-sec-2011-15.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6136 https://bugzilla.redhat.com/show_bug.cgi?id=737784 oval:org.mitre.oval:def:15059 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15059 Common Vulnerability Exposure (CVE) ID: CVE-2011-3482 http://www.openwall.com/lists/oss-security/2011/09/14/10 http://www.openwall.com/lists/oss-security/2011/09/14/9 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14886 Common Vulnerability Exposure (CVE) ID: CVE-2011-3483 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14971 Common Vulnerability Exposure (CVE) ID: CVE-2011-3484 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15062 |
| Copyright | Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com |
| Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |