43821

RHSA-2011:0370

ADV-2011-0719

https://bugzilla.redhat.com/show_bug.cgi?id=671331

From Red Hat Security Advisory 2011:0370 :

Updated wireshark packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5.

The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal.

A heap-based buffer overflow flaw was found in Wireshark. If Wireshark opened a specially crafted capture file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2011-0024)

Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2010-3445, CVE-2011-0538, CVE-2011-1139, CVE-2011-1140, CVE-2011-1141, CVE-2011-1143)

Users of Wireshark should upgrade to these updated packages, which contain backported patches to correct these issues. All running instances of Wireshark must be restarted for the update to take effect.

A heap-based buffer overflow flaw was found in Wireshark. If Wireshark opened a specially crafted capture file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2011-0024)

Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2010-3445, CVE-2011-0538, CVE-2011-1139, CVE-2011-1140, CVE-2011-1141, CVE-2011-1143)

All running instances of Wireshark must be restarted for the update to take effect.

The remote host is affected by the vulnerability described in GLSA-201110-02 (Wireshark: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Wireshark. Please       review the CVE identifiers referenced below for details.
  Impact :

    A remote attacker could send specially crafted packets on a network       being monitored by Wireshark, entice a user to open a malformed packet       trace file using Wireshark, or deploy a specially crafted Lua script for       use by Wireshark, possibly resulting in the execution of arbitrary code,       or a Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

Updated wireshark packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5.

The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal.

A heap-based buffer overflow flaw was found in Wireshark. If Wireshark opened a specially crafted capture file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2011-0024)

Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2010-3445, CVE-2011-0538, CVE-2011-1139, CVE-2011-1140, CVE-2011-1141, CVE-2011-1143)

Users of Wireshark should upgrade to these updated packages, which contain backported patches to correct these issues. All running instances of Wireshark must be restarted for the update to take effect.

ID	Name	Product	Family	Severity
68232	Oracle Linux 4 / 5 : wireshark (ELSA-2011-0370)	Nessus	Oracle Linux Local Security Checks	high
60991	Scientific Linux Security Update : wireshark on SL4.x, SL5.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	high
56426	GLSA-201110-02 : Wireshark: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	critical
52757	CentOS 4 / 5 : wireshark (CESA-2011:0370)	Nessus	CentOS Local Security Checks	high
52750	RHEL 4 / 5 : wireshark (RHSA-2011:0370)	Nessus	Red Hat Local Security Checks	high

CVE-2011-0024

high

New! CVE Severity Now Using CVSS v3

Description

References

Details

Risk Information

CVSS v2

Vulnerable Software

Configuration 1

Tenable Plugins

high

high

critical

high

high