User: Password:
Subscribe / Log in / New account

Pardus alert 2011-107 (wireshark)

From:  Meltem Parmaksız <>
Subject:  [Pardus-security] [PLSA 2011-107] wireshark: Multiple Vulnerabilities
Date:  Mon, 8 Aug 2011 16:25:53 +0300
Message-ID:  <>
Archive-link:  Article, Thread

------------------------------------------------------------------------ Pardus Linux Security Advisory 2011-107 ------------------------------------------------------------------------ Date: 2011-08-04 Type: Remote ------------------------------------------------------------------------ Summary ======= A vulnerability has been fixed in wireshark Description =========== CVE-2011-2597: The Lucent/Ascend file parser in Wireshark 1.2.x before 1.2.18, 1.4.x through 1.4.7, and 1.6.0 allows remote attackers to cause a denial of service (infinite loop) via malformed packets. CVE-2011-2698: An infinite loop was found in the way ANSI A Interface (IS-634/IOS) dissector of the Wireshark network traffic analyzer processed certain ANSI A MAP capture files. If Wireshark read a malformed packet off a network or opened a malicious packet capture file, it could lead to denial of service (Wireshark hang). Affected packages: Pardus 2009: wireshark, all before 1.4.8-46-23 Resolution ========== There are update(s) for wireshark. You can update them via Package Manager or with a single command from console: pisi up wireshark References ========== * ------------------------------------------------------------------------ _______________________________________________ Pardus-Security mailing list

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds