| Description: | Summary:
The remote host is missing an update for the 'wireshark'
package(s) announced via the referenced advisory.
Vulnerability Insight:
This advisory updates wireshark to the latest version (1.2.17),
fixing several security issues:
* Large/infinite loop in the DICOM dissector. (Bug 5876) Versions
affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.
* Huzaifa Sidhpurwala of the Red Hat Security Response Team
discovered that a corrupted Diameter dictionary file could crash
Wireshark. Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.
* Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered
that a corrupted snoop file could crash Wireshark. (Bug 5912) Versions
affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.
* David Maciejak of Fortinet's FortiGuard Labs discovered that
malformed compressed capture data could crash Wireshark. (Bug 5908)
Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.
* Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered
that a corrupted Visual Networks file could crash Wireshark. (Bug 5934)
Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.
Affected Software/OS:
wireshark on Mandriva Linux 2010.1,
Mandriva Linux 2010.1/X86_64,
Mandriva Enterprise Server 5,
Mandriva Enterprise Server 5/X86_64
Solution:
Please Install the Updated Packages.
CVSS Score:
4.3
CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P
|
