Mandriva Linux Security Advisory : wireshark (MDVSA-2011:164)

Medium Nessus Plugin ID 61934


The remote Mandriva Linux host is missing one or more security updates.


This advisory updates wireshark to the latest version (1.6.3), fixing several security issues :

An uninitialized variable in the CSN.1 dissector could cause a crash (CVE-2011-4100).

Huzaifa Sidhpurwala of Red Hat Security Response Team discovered that the Infiniband dissector could dereference a NULL pointer (CVE-2011-4101).

Huzaifa Sidhpurwala of Red Hat Security Response Team discovered a buffer overflow in the ERF file reader (CVE-2011-4102).

The updated packages have been upgraded to the latest 1.6.x version (1.6.3) which is not vulnerable to these issues.


Update the affected packages.

See Also

Plugin Details

Severity: Medium

ID: 61934

File Name: mandriva_MDVSA-2011-164.nasl

Version: $Revision: 1.3 $

Type: local

Published: 2012/09/06

Modified: 2013/06/01

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:dumpcap, p-cpe:/a:mandriva:linux:lib64wireshark-devel, p-cpe:/a:mandriva:linux:lib64wireshark1, p-cpe:/a:mandriva:linux:libwireshark-devel, p-cpe:/a:mandriva:linux:libwireshark1, p-cpe:/a:mandriva:linux:rawshark, p-cpe:/a:mandriva:linux:tshark, p-cpe:/a:mandriva:linux:wireshark, p-cpe:/a:mandriva:linux:wireshark-tools, cpe:/o:mandriva:linux:2011

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 2011/11/02

Reference Information

CVE: CVE-2011-4100, CVE-2011-4101, CVE-2011-4102

MDVSA: 2011:164