wireshark-1.0.11-1.5.0.1.AXS3

エラータID: AXSA:2010-244:01

Release date: 
Thursday, April 22, 2010 - 19:45
Subject: 
wireshark-1.0.11-1.5.0.1.AXS3
Affected Channels: 
Asianux Server 3 for x86_64
Asianux Server 3 for x86
Severity: 
High
Description: 

This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package.
Security issues fixed with this release:
CVE-2009-2560
Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace and is processed by the (1) Bluetooth L2CAP, (2) RADIUS, or (3) MIOP dissector. NOTE: it was later reported that the RADIUS issue also affects 0.10.13 through 1.0.9.
CVE-2009-2562
Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 through 1.2.0 allows remote attackers to cause a denial of service (crash) via unknown vectors.
CVE-2009-2563
Unspecified vulnerability in the Infiniband dissector in Wireshark 1.0.6 through 1.2.0, when running on unspecified platforms, allows remote attackers to cause a denial of service (crash) via unknown vectors.
CVE-2009-3550
The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained from third party information.
CVE-2009-3829
Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted erf file, related to an "unsigned integer wrap vulnerability."
CVE-2009-4377
The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 allow remote attackers to cause a denial of service (crash) via a crafted packet that triggers a NULL pointer dereference, as demonstrated by fuzz-2009-12-07-11141.pcap.
CVE-2010-0304
Multiple buffer overflows in the LWRES dissector in Wireshark 0.9.15 through 1.0.10 and 1.2.0 through 1.2.5 allow remote attackers to cause a denial of service (crash) via a malformed packet, as demonstrated using a stack-based buffer overflow to the dissect_getaddrsbyname_request function.

Solution: 

Update packages.

CVEs: 
CVE-2009-2560
Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace and is processed by the (1) Bluetooth L2CAP, (2) RADIUS, or (3) MIOP dissector. NOTE: it was later reported that the RADIUS issue also affects 0.10.13 through 1.0.9.
CVE-2009-2562
Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 through 1.2.0 allows remote attackers to cause a denial of service (crash) via unknown vectors.
CVE-2009-2563
Unspecified vulnerability in the Infiniband dissector in Wireshark 1.0.6 through 1.2.0, when running on unspecified platforms, allows remote attackers to cause a denial of service (crash) via unknown vectors.
CVE-2009-3550
The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained from third party information.
CVE-2009-3829
Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted erf file, related to an "unsigned integer wrap vulnerability."
CVE-2009-4377
The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 allow remote attackers to cause a denial of service (crash) via a crafted packet that triggers a NULL pointer dereference, as demonstrated by fuzz-2009-12-07-11141.pcap.
CVE-2010-0304
Multiple buffer overflows in the LWRES dissector in Wireshark 0.9.15 through 1.0.10 and 1.2.0 through 1.2.5 allow remote attackers to cause a denial of service (crash) via a malformed packet, as demonstrated using a stack-based buffer overflow to the dissect_getaddrsbyname_request function.
Additional Info: 

N/A

Download: 

SRPMS
  1. wireshark-1.0.11-1.5.0.1.AXS3.src.rpm
    MD5: 27692e816ba50b23fd89874876be0034
    SHA-256: 5a445839ca8800cea3e69c37e8d82a2fb619039e964870977d4819a819301f4f
    Size: 12.78 MB

Asianux Server 3 for x86
  1. wireshark-1.0.11-1.5.0.1.AXS3.i386.rpm
    MD5: 9388896c0ed66904df64749b0116d7cb
    SHA-256: 5f8f1f22654848a6ff2abb2f34ce9bd323c31c1d4a94118de4565ba27384d736
    Size: 10.54 MB
  2. wireshark-gnome-1.0.11-1.5.0.1.AXS3.i386.rpm
    MD5: 664ee15b14cb1f210a1648001ba52eed
    SHA-256: 5dabd68923f6b66a144f052b991463848cd9621e24cfb091973942a505f3b193
    Size: 670.79 kB

Asianux Server 3 for x86_64
  1. wireshark-1.0.11-1.5.0.1.AXS3.x86_64.rpm
    MD5: 667b5aa78c9e1f6726d9727c75ef1a36
    SHA-256: d361720dde3eb5c679b508e5f9e2eee7931d394cb6429520cb45be3dcf0485af
    Size: 11.85 MB
  2. wireshark-gnome-1.0.11-1.5.0.1.AXS3.x86_64.rpm
    MD5: cbed2db141f9263b1eda06576e928372
    SHA-256: 64df2fe344b7b51482f1305062114735db4715757b64bc4f814f637822a8fc34
    Size: 697.56 kB