| |||||||||||||||||||
Mageia alert MGASA-2012-0210 (wireshark)
MGASA-2012-0210 Date: August 12th, 2012 Affected releases: 2 Description: Updated wireshark packages fix security vulnerabilities: The PPP dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via a crafted packet, as demonstrated by a usbmon dump (CVE-2012-4048). epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service (loop and CPU consumption) via a crafted packet (CVE-2012-4049). Updated Packages: dumpcap-1.6.9-1.mga2 lib(64)wireshark1-1.6.9-1.mga2 lib(64)wireshark-devel-1.6.9-1.mga2 rawshark-1.6.9-1.mga2 tshark-1.6.9-1.mga2 wireshark-1.6.9-1.mga2 wireshark-tools-1.6.9-1.mga2 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4048 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4049 http://www.wireshark.org/security/wnpa-sec-2012-11.html http://www.wireshark.org/security/wnpa-sec-2012-12.html http://www.wireshark.org/docs/relnotes/wireshark-1.6.9.html http://www.wireshark.org/news/20120722.html https://bugs.mageia.org/show_bug.cgi?id=6861 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-... (Log in to post comments)
|
|||||||||||||||||||