wireshark-1.0.15-1.4.0.1.AXS3

エラータID: AXSA:2011-109:02

Release date: 
Thursday, March 24, 2011 - 15:12
Subject: 
wireshark-1.0.15-1.4.0.1.AXS3
Affected Channels: 
Asianux Server 3 for x86_64
Asianux Server 3 for x86
Severity: 
High
Description: 

This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package.
Security issues fixed with this release:
CVE-2010-3445
Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a long string in an unknown ASN.1/BER encoded packet, as demonstrated using SNMP.
CVE-2011-0024
No description available at the time of writing, please refer to the CVE link below.
CVE-2011-0538
Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed file.
CVE-2011-1139
wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) via a pcap-ng file that contains a large packet-length field.
CVE-2011-1140
Multiple stack consumption vulnerabilities in the dissect_ms_compressed_string and dissect_mscldap_string functions in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allow remote attackers to cause a denial of service (infinite recursion) via a crafted (1) SMB or (2) Connection-less LDAP (CLDAP) packet.
CVE-2011-1141
epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (memory consumption) via (1) a long LDAP filter string or (2) an LDAP filter string containing many elements.
CVE-2011-1143
epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file.

Solution: 

Update packages.

CVEs: 
CVE-2010-3445
Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a long string in an unknown ASN.1/BER encoded packet, as demonstrated using SNMP.
CVE-2011-0024
Heap-based buffer overflow in wiretap/pcapng.c in Wireshark before 1.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted capture file.
CVE-2011-0538
Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed file.
CVE-2011-1139
wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) via a pcap-ng file that contains a large packet-length field.
CVE-2011-1140
Multiple stack consumption vulnerabilities in the dissect_ms_compressed_string and dissect_mscldap_string functions in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allow remote attackers to cause a denial of service (infinite recursion) via a crafted (1) SMB or (2) Connection-less LDAP (CLDAP) packet.
CVE-2011-1141
epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (memory consumption) via (1) a long LDAP filter string or (2) an LDAP filter string containing many elements.
CVE-2011-1143
epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file.


Additional Info: 

N/A

Download: 

SRPMS
  1. wireshark-1.0.15-1.4.0.1.AXS3.src.rpm
    MD5: b253f7c3fbfef69e778cf01bd01de871
    SHA-256: 618b096b614e0e7429cbe75b7a7e808667d17beee77d0ed2ab557e3f519cffea
    Size: 12.81 MB

Asianux Server 3 for x86
  1. wireshark-1.0.15-1.4.0.1.AXS3.i386.rpm
    MD5: 94243243513af9ff9fdad197593dc98c
    SHA-256: 8ba87b080546b24acd914fd27aaf1e73f60e63388d3a3e1b9de2b1dd21b1bdea
    Size: 10.70 MB
  2. wireshark-gnome-1.0.15-1.4.0.1.AXS3.i386.rpm
    MD5: 48378f95a773e506b9f028918527e1a8
    SHA-256: 23f759eccc4fdf2ff2cfdac9c7641930f1a459256fc11130e9b53358e10f282f
    Size: 671.38 kB

Asianux Server 3 for x86_64
  1. wireshark-1.0.15-1.4.0.1.AXS3.x86_64.rpm
    MD5: a725bf762e9333d4888f96df55ed6fec
    SHA-256: 5fac548c4c338d75752efba09a72197e4ef0b42d5a5dc90ea108b9bf50fd788f
    Size: 12.00 MB
  2. wireshark-gnome-1.0.15-1.4.0.1.AXS3.x86_64.rpm
    MD5: 862e8938fe08e8de903cc4d31c70393f
    SHA-256: 2481bcd05a45be89aedd521bf9c2f822e9d7b48678bf3519fae0e9c16671964d
    Size: 698.03 kB