Mandriva Linux Security Advisory : wireshark (MDVSA-2011:164)
Medium Nessus Plugin ID 61934
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionThis advisory updates wireshark to the latest version (1.6.3), fixing several security issues :
An uninitialized variable in the CSN.1 dissector could cause a crash (CVE-2011-4100).
Huzaifa Sidhpurwala of Red Hat Security Response Team discovered that the Infiniband dissector could dereference a NULL pointer (CVE-2011-4101).
Huzaifa Sidhpurwala of Red Hat Security Response Team discovered a buffer overflow in the ERF file reader (CVE-2011-4102).
The updated packages have been upgraded to the latest 1.6.x version (1.6.3) which is not vulnerable to these issues.
SolutionUpdate the affected packages.