Mandriva Linux Security Advisory : wireshark (MDVSA-2008:242)
Medium Nessus Plugin ID 37127
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionTwo vulnerabilities were discovered in Wireshark. The first is a vulnerability in the SMTP dissector that could cause it to consume excessive CPU and memory via a long SMTP request (CVE-2008-5285).
The second is an issue with the WLCCP dissector that could cause it to go into an infinite loop.
This update also provides a patch to fix a potential freeze during capture interface selection.
This update provides Wireshark 1.0.5, which is not vulnerable to these issues.
SolutionUpdate the affected packages.