| |||||||||||||||||||
Pardus alert 2011-107 (wireshark)
------------------------------------------------------------------------ Pardus Linux Security Advisory 2011-107 security@pardus.org.tr ------------------------------------------------------------------------ Date: 2011-08-04 Type: Remote ------------------------------------------------------------------------ Summary ======= A vulnerability has been fixed in wireshark Description =========== CVE-2011-2597: The Lucent/Ascend file parser in Wireshark 1.2.x before 1.2.18, 1.4.x through 1.4.7, and 1.6.0 allows remote attackers to cause a denial of service (infinite loop) via malformed packets. CVE-2011-2698: An infinite loop was found in the way ANSI A Interface (IS-634/IOS) dissector of the Wireshark network traffic analyzer processed certain ANSI A MAP capture files. If Wireshark read a malformed packet off a network or opened a malicious packet capture file, it could lead to denial of service (Wireshark hang). Affected packages: Pardus 2009: wireshark, all before 1.4.8-46-23 Resolution ========== There are update(s) for wireshark. You can update them via Package Manager or with a single command from console: pisi up wireshark References ========== * http://bugs.pardus.org.tr/show_bug.cgi?id=18775 ------------------------------------------------------------------------ _______________________________________________ Pardus-Security mailing list Pardus-Security@pardus.org.tr http://liste.pardus.org.tr/mailman/listinfo/pardus-security (Log in to post comments)
|
|||||||||||||||||||