Mandriva Linux Security Advisory : wireshark (MDVSA-2010:016)

High Nessus Plugin ID 48169


The remote Mandriva Linux host is missing one or more security updates.


This advisory updates wireshark to the latest 1.2.5 version, fixing several bugs and two security issues :

- The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 allow remote attackers to cause a denial of service (crash) via a crafted packet (CVE-2009-4377)

- Buffer overflow in the daintree_sna_read function in the Daintree SNA file parser in Wireshark 1.2.0 through 1.2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet (CVE-2009-4376)


Update the affected packages.

Plugin Details

Severity: High

ID: 48169

File Name: mandriva_MDVSA-2010-016.nasl

Version: $Revision: 1.10 $

Type: local

Published: 2010/07/30

Modified: 2016/03/07

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:dumpcap, p-cpe:/a:mandriva:linux:lib64wireshark-devel, p-cpe:/a:mandriva:linux:lib64wireshark0, p-cpe:/a:mandriva:linux:libwireshark-devel, p-cpe:/a:mandriva:linux:libwireshark0, p-cpe:/a:mandriva:linux:rawshark, p-cpe:/a:mandriva:linux:tshark, p-cpe:/a:mandriva:linux:wireshark, p-cpe:/a:mandriva:linux:wireshark-tools, cpe:/o:mandriva:linux:2010.0

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2010/01/19

Reference Information

CVE: CVE-2009-4376, CVE-2009-4377

BID: 37407

OSVDB: 61177, 61178

MDVSA: 2010:016

CWE: 119