Mandriva Linux Security Advisory : wireshark (MDVSA-2010:016)
High Nessus Plugin ID 48169
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionThis advisory updates wireshark to the latest 1.2.5 version, fixing several bugs and two security issues :
- The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 allow remote attackers to cause a denial of service (crash) via a crafted packet (CVE-2009-4377)
- Buffer overflow in the daintree_sna_read function in the Daintree SNA file parser in Wireshark 1.2.0 through 1.2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet (CVE-2009-4376)
SolutionUpdate the affected packages.