Scientific Linux Security Update : wireshark on SL4.x i386/x86_64
High Nessus Plugin ID 60312
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionSeveral denial of service bugs were found in Wireshark's HTTP, iSeries, DCP ETSI, SSL, MMS, DHCP and BOOTP protocol dissectors. It was possible for Wireshark to crash or stop responding if it read a malformed packet off the network. (CVE-2007-3389, CVE-2007-3390, CVE-2007-3391, CVE-2007-3392, CVE-2007-3393)
Wireshark would interpret certain completion codes incorrectly when dissecting IPMI traffic. Additionally, IPMI 2.0 packets would be reported as malformed IPMI traffic.
SolutionUpdate the affected wireshark and / or wireshark-gnome packages.