User: Password:
|
|
Subscribe / Log in / New account

Pardus alert 2011-107 (wireshark)

From:  Meltem Parmaksız <meltem@pardus.org.tr>
To:  pardus-security@pardus.org.tr
Subject:  [Pardus-security] [PLSA 2011-107] wireshark: Multiple Vulnerabilities
Date:  Mon, 8 Aug 2011 16:25:53 +0300
Message-ID:  <201108081625.53645.meltem@pardus.org.tr>
Archive-link:  Article, Thread

------------------------------------------------------------------------ Pardus Linux Security Advisory 2011-107 security@pardus.org.tr ------------------------------------------------------------------------ Date: 2011-08-04 Type: Remote ------------------------------------------------------------------------ Summary ======= A vulnerability has been fixed in wireshark Description =========== CVE-2011-2597: The Lucent/Ascend file parser in Wireshark 1.2.x before 1.2.18, 1.4.x through 1.4.7, and 1.6.0 allows remote attackers to cause a denial of service (infinite loop) via malformed packets. CVE-2011-2698: An infinite loop was found in the way ANSI A Interface (IS-634/IOS) dissector of the Wireshark network traffic analyzer processed certain ANSI A MAP capture files. If Wireshark read a malformed packet off a network or opened a malicious packet capture file, it could lead to denial of service (Wireshark hang). Affected packages: Pardus 2009: wireshark, all before 1.4.8-46-23 Resolution ========== There are update(s) for wireshark. You can update them via Package Manager or with a single command from console: pisi up wireshark References ========== * http://bugs.pardus.org.tr/show_bug.cgi?id=18775 ------------------------------------------------------------------------ _______________________________________________ Pardus-Security mailing list Pardus-Security@pardus.org.tr http://liste.pardus.org.tr/mailman/listinfo/pardus-security


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds