Scientific Linux Security Update : wireshark on SL6.x i386/x86_64
High Nessus Plugin ID 60911
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionA heap-based buffer overflow flaw was found in the Wireshark Local Download Sharing Service (LDSS) dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2010-4300)
A denial of service flaw was found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2010-3445)
All running instances of Wireshark must be restarted for the update to take effect.
SolutionUpdate the affected wireshark, wireshark-devel and / or wireshark-gnome packages.