Pardus alert 2010-26 (wireshark)

From:
    	     
 
Eren Turkay <eren@pardus.org.tr> 
To:
    	     
 
pardus-security@pardus.org.tr 
Subject:
    	     
 
[Pardus-security] [PLSA 2010-26] Wireshark: Buffer Overflow 
Date:
    	     
 
Tue,  2 Feb 2010 21:32:36 +0200 (EET)
Message-ID:
    	     
 
<20100202193236.879A1A7AB26@lider.pardus.org.tr>
Archive-link:
    	     
 
Article, Thread
              
------------------------------------------------------------------------
Pardus Linux Security Advisory 2010-26            security@pardus.org.tr
------------------------------------------------------------------------
      Date: 2010-02-02
  Severity: 3
      Type: Remote
------------------------------------------------------------------------

Summary
=======

Multiple vulnerabilities have been fixed in  Wireshark,  which  can  be 
exploited by malicious people to cause a denial of service. 


Description
===========

Buffer overflows in LWRES dissector allow remote attackers to  cause  a 
denial of service via specifically crafted packet. 


Affected packages:

  Pardus 2009:
    wireshark, all before 1.2.6-33-9


Resolution
==========

There are update(s) for wireshark. You  can  update  them  via  Package 
Manager or with a single command from console: 

    pisi up wireshark

References
==========

  * http://bugs.pardus.org.tr/show_bug.cgi?id=12168
  * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0304
  * http://www.wireshark.org/security/wnpa-sec-2010-02.html

------------------------------------------------------------------------

_______________________________________________
Pardus-security mailing list
Pardus-security@pardus.org.tr
http://liste.pardus.org.tr/mailman/listinfo/pardus-security