wireshark-1.0.6-2.1AXS3

エラータID: AXSA:2009-26:01

Release date: 
Monday, March 16, 2009 - 13:46
Subject: 
wireshark-1.0.6-2.1AXS3
Affected Channels: 
Asianux Server 3 for x86
Asianux Server 3 for x86_64
Severity: 
High
Description: 

Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package.
Fixed bugs:
CVE-2008-4680
packet-usb.c in the USB dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a malformed USB Request Block (URB).
CVE-2008-4681
Unspecified vulnerability in the Bluetooth RFCOMM dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via unknown packets.
CVE-2008-4682
wtap.c in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application abort) via a malformed Tamos CommView capture file (aka .ncf file) with an unknown/unexpected packet type that triggers a failed assertion.
CVE-2008-4683
The dissect_btacl function in packet-bthci_acl.c in the Bluetooth ACL dissector in Wireshark 0.99.2 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a packet with an invalid length, related to an erroneous tvb_memcpy call.
CVE-2008-4684
packet-frame in Wireshark 0.99.2 through 1.0.3 does not properly handle exceptions thrown by post dissectors, which allows remote attackers to cause a denial of service (application crash) via a certain series of packets, as demonstrated by enabling the (1) PRP or (2) MATE post dissector.
CVE-2008-4685
Use-after-free vulnerability in the dissect_q931_cause_ie function in packet-q931.c in the Q.931 dissector in Wireshark 0.10.3 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via certain packets that trigger an exception.
CVE-2008-5285
Wireshark 1.0.4 and earlier allows remote attackers to cause a denial of service via a long SMTP request, which triggers an infinite loop.
CVE-2009-0599
Buffer overflow in wiretap/netscreen.c in Wireshark 0.99.7 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed NetScreen snoop file.
CVE-2009-0600
Wireshark 0.99.6 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted Tektronix K12 text capture file, as demonstrated by a file with exactly one frame.

Solution: 

Update packages.

CVEs: 
CVE-2008-4680
packet-usb.c in the USB dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a malformed USB Request Block (URB).
CVE-2008-4681
Unspecified vulnerability in the Bluetooth RFCOMM dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via unknown packets.
CVE-2008-4682
wtap.c in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application abort) via a malformed Tamos CommView capture file (aka .ncf file) with an "unknown/unexpected packet type" that triggers a failed assertion.
CVE-2008-4683
The dissect_btacl function in packet-bthci_acl.c in the Bluetooth ACL dissector in Wireshark 0.99.2 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a packet with an invalid length, related to an erroneous tvb_memcpy call.
CVE-2008-4684
packet-frame in Wireshark 0.99.2 through 1.0.3 does not properly handle exceptions thrown by post dissectors, which allows remote attackers to cause a denial of service (application crash) via a certain series of packets, as demonstrated by enabling the (1) PRP or (2) MATE post dissector.
CVE-2008-4685
Use-after-free vulnerability in the dissect_q931_cause_ie function in packet-q931.c in the Q.931 dissector in Wireshark 0.10.3 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via certain packets that trigger an exception.
CVE-2008-5285
Wireshark 1.0.4 and earlier allows remote attackers to cause a denial of service via a long SMTP request, which triggers an infinite loop.
CVE-2009-0599
Buffer overflow in wiretap/netscreen.c in Wireshark 0.99.7 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed NetScreen snoop file.
CVE-2009-0600
Wireshark 0.99.6 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted Tektronix K12 text capture file, as demonstrated by a file with exactly one frame.




Additional Info: 

N/A

Download: 

SRPMS
  1. wireshark-1.0.6-2.1AXS3.src.rpm
    MD5: 29e709ffc085a72a7c30aaa851ad2558
    SHA-256: 53862333526db7d1ec2d5f957a09167fbe950c772aab6ed3d78d7cc2ec6174b3
    Size: 12.55 MB

Asianux Server 3 for x86
  1. wireshark-1.0.6-2.1AXS3.i386.rpm
    MD5: 0e31a515e3d7cebfd64193ff9991f3c6
    SHA-256: c143a181e7482ecba7def2ae623f92939ab356963e575da609face19e4c5e0a0
    Size: 10.53 MB
  2. wireshark-gnome-1.0.6-2.1AXS3.i386.rpm
    MD5: 649f24f79844af72abbe6eaee72e2ee6
    SHA-256: d482bff3dd9babcc2895af1126b3958b14cd0f4ce172a889fd6721921f4f60cc
    Size: 675.26 kB

Asianux Server 3 for x86_64
  1. wireshark-1.0.6-2.1AXS3.x86_64.rpm
    MD5: 5e7d42ad06825d84345df522391f4c4b
    SHA-256: c362e68800bdd782e30ca61d40f4f2c0e5a9fddd21e63ea069c746fe51755ada
    Size: 11.01 MB
  2. wireshark-gnome-1.0.6-2.1AXS3.x86_64.rpm
    MD5: db09c809ea6613f45f5e8160271212ac
    SHA-256: a72403447e0232c2072c47c8963256e89536cb33b0c48c4d64fb5910cf1f497f
    Size: 698.46 kB