Mandriva Linux Security Advisory 2011-044 - This advisory updates wireshark to the latest version (1.2.15), fixing several security issues. Wireshark 1.5.0, 1.4.3, and earlier frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a malformed file. Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long record in a Nokia DCT3 trace file. wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) via a pcap-ng file that contains a large packet-length field. Various other issues have been addressed as well.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2011:044
http://www.mandriva.com/security/
_______________________________________________________________________
Package : wireshark
Date : March 8, 2011
Affected: 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0
_______________________________________________________________________
Problem Description:

This advisory updates wireshark to the latest version (1.2.15),
fixing several security issues:

Wireshark 1.5.0, 1.4.3, and earlier frees an uninitialized pointer
during processing of a .pcap file in the pcap-ng format, which allows
remote attackers to cause a denial of service (memory corruption)
or possibly have unspecified other impact via a malformed file
(CVE-2011-0538).

Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark
1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers
to cause a denial of service (application crash) or possibly have
unspecified other impact via a long record in a Nokia DCT3 trace file
(CVE-2011-0713).

wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through
1.4.3 allows remote attackers to cause a denial of service (application
crash) via a pcap-ng file that contains a large packet-length field
(CVE-2011-1139).

Multiple stack consumption vulnerabilities in the
dissect_ms_compressed_string and dissect_mscldap_string functions in
Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allow
remote attackers to cause a denial of service (infinite recursion)
via a crafted (1) SMB or (2) Connection-less LDAP (CLDAP) packet
(CVE-2011-1140).

epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14,
and 1.4.0 through 1.4.3 allows remote attackers to cause a denial
of service (memory consumption) via (1) a long LDAP filter string or
(2) an LDAP filter string containing many elements (CVE-2011-1141).

Stack consumption vulnerability in the dissect_ber_choice function in
the BER dissector in Wireshark 1.2.x through 1.2.15 and 1.4.x through
1.4.4 might allow remote attackers to cause a denial of service
(infinite loop) via vectors involving self-referential ASN.1 CHOICE
values (CVE-2011-1142).

The updated packages have been upgraded to the latest 1.2.x version
(1.2.15) and patched to correct these issues.
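
Added example (not part of the advisory, and not Wireshark's code or its patch): a stand-alone pre-screen for pcap-ng captures of untrusted origin that checks every block length and packet-length field against the bytes actually present, the class of check relevant to CVE-2011-1139. The function name, return codes, MAX_CAPLEN cap and sample bytes are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdint.h>

#define BT_SHB 0x0A0D0D0Au      /* Section Header Block */
#define BT_PB  0x00000002u      /* obsolete Packet Block */
#define BT_EPB 0x00000006u      /* Enhanced Packet Block */
#define BOM    0x1A2B3C4Du      /* byte-order magic inside the SHB */
#define MAX_CAPLEN 65535u       /* assumed policy cap, not taken from the advisory */
enum { SCAN_OK, SCAN_NOT_PCAPNG, SCAN_TRUNCATED, SCAN_BAD_BLOCK_LEN, SCAN_BAD_CAPLEN };
/* Constructed sample: little-endian SHB (28 bytes) + EPB with 4 data bytes (36 bytes). */
const uint8_t pcapng_sample[64] = {
    0x0A,0x0D,0x0D,0x0A, 0x1C,0,0,0, 0x4D,0x3C,0x2B,0x1A, 1,0,0,0,
    0xFF,0xFF,0xFF,0xFF, 0xFF,0xFF,0xFF,0xFF, 0x1C,0,0,0,
    0x06,0,0,0, 0x24,0,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,0,
    0x04,0,0,0, 0x04,0,0,0, 0xDE,0xAD,0xBE,0xEF, 0x24,0,0,0 };

static uint32_t rd32(const uint8_t *p, int big) {
    return big ? (uint32_t)p[0] << 24 | (uint32_t)p[1] << 16 | (uint32_t)p[2] << 8 | p[3]
               : (uint32_t)p[3] << 24 | (uint32_t)p[2] << 16 | (uint32_t)p[1] << 8 | p[0];
}

/* Walk every block and reject any length field that does not fit the data present. */
int pcapng_scan(const uint8_t *buf, size_t len) {
    int big = 0;
    if (len < 12 || rd32(buf, 0) != BT_SHB) return SCAN_NOT_PCAPNG;
    for (size_t off = 0; off < len; ) {
        const uint8_t *b = buf + off;
        if (len - off < 12) return SCAN_TRUNCATED;
        uint32_t type = rd32(b, big);       /* SHB type reads the same in both orders */
        if (type == BT_SHB) {               /* each section sets its own byte order */
            if (rd32(b + 8, 0) == BOM) big = 0;
            else if (rd32(b + 8, 1) == BOM) big = 1;
            else return SCAN_NOT_PCAPNG;
        }
        uint32_t total = rd32(b + 4, big);
        if (total < 12 || (total & 3) || total > len - off) return SCAN_BAD_BLOCK_LEN;
        if (rd32(b + total - 4, big) != total) return SCAN_BAD_BLOCK_LEN;
        if (type == BT_EPB || type == BT_PB) {
            /* 32 = 8 header + 20 fixed fields + 4 trailer; caplen sits at offset 20 */
            if (total < 32) return SCAN_BAD_BLOCK_LEN;
            uint32_t caplen = rd32(b + 20, big);
            if (caplen > MAX_CAPLEN || caplen > total - 32) return SCAN_BAD_CAPLEN;
        }
        off += total;
    }
    return SCAN_OK;
}

int main(void) { return pcapng_scan(pcapng_sample, sizeof pcapng_sample); }
```

A nonzero result means the file should not be opened with an unpatched Wireshark build.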
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0538
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0713
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1139
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1140
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1141
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1142
http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2010.0:
4db846abbacf7eac286b74f86382d238 2010.0/i586/dumpcap-1.2.15-0.1mdv2010.0.i586.rpm
3b4fe6b8e1edb2cbd83179d97fd84f23 2010.0/i586/libwireshark0-1.2.15-0.1mdv2010.0.i586.rpm
890665f35f7876060b247509ce31fd37 2010.0/i586/libwireshark-devel-1.2.15-0.1mdv2010.0.i586.rpm
e8232ea22a396aca9bf71031f247fa01 2010.0/i586/rawshark-1.2.15-0.1mdv2010.0.i586.rpm
d5536e102b608ed0665549e5e0ab507e 2010.0/i586/tshark-1.2.15-0.1mdv2010.0.i586.rpm
40d642d0cfb665ff3f8755e05638eac0 2010.0/i586/wireshark-1.2.15-0.1mdv2010.0.i586.rpm
0a8e773f4a0e1981342b7bb8b6816941 2010.0/i586/wireshark-tools-1.2.15-0.1mdv2010.0.i586.rpm
4fed7a360885bd7024b9c3fd69504224 2010.0/SRPMS/wireshark-1.2.15-0.1mdv2010.0.src.rpm
Mandriva Linux 2010.0/X86_64:
62a1fda0c386e0aa6d3aadd8c3f7d62c 2010.0/x86_64/dumpcap-1.2.15-0.1mdv2010.0.x86_64.rpm
d17ac71ad6ce839c8c3a81a0a06793de 2010.0/x86_64/lib64wireshark0-1.2.15-0.1mdv2010.0.x86_64.rpm
9235c2a8549951df7c77b07606962bc8 2010.0/x86_64/lib64wireshark-devel-1.2.15-0.1mdv2010.0.x86_64.rpm
691e8294144bedac0d49ea8b92b07240 2010.0/x86_64/rawshark-1.2.15-0.1mdv2010.0.x86_64.rpm
236960ab7c21e9b5e7646db762924b8d 2010.0/x86_64/tshark-1.2.15-0.1mdv2010.0.x86_64.rpm
c1794b390d93cdbfaf05eb8bd36019a1 2010.0/x86_64/wireshark-1.2.15-0.1mdv2010.0.x86_64.rpm
148720aac3f7a0d7a981420caaea4616 2010.0/x86_64/wireshark-tools-1.2.15-0.1mdv2010.0.x86_64.rpm
4fed7a360885bd7024b9c3fd69504224 2010.0/SRPMS/wireshark-1.2.15-0.1mdv2010.0.src.rpm
Mandriva Linux 2010.1:
313756ef8291ba01def8a2e004903ca4 2010.1/i586/dumpcap-1.2.15-0.1mdv2010.2.i586.rpm
cb340c3a4c8e3c900f4e54cdacf7d03d 2010.1/i586/libwireshark0-1.2.15-0.1mdv2010.2.i586.rpm
49755a2744bc696fc901380b25768bd0 2010.1/i586/libwireshark-devel-1.2.15-0.1mdv2010.2.i586.rpm
2dcd879857499f43a6700a4071b19963 2010.1/i586/rawshark-1.2.15-0.1mdv2010.2.i586.rpm
10df6360560c06cf88052154a0bf8437 2010.1/i586/tshark-1.2.15-0.1mdv2010.2.i586.rpm
76b1f8d1ca0ec660e6ede9b2d102d48d 2010.1/i586/wireshark-1.2.15-0.1mdv2010.2.i586.rpm
6bc7cea10fa45d475c784fb2c8248726 2010.1/i586/wireshark-tools-1.2.15-0.1mdv2010.2.i586.rpm
f09a4605b705ff31a3651dcc053f25f4 2010.1/SRPMS/wireshark-1.2.15-0.1mdv2010.2.src.rpm
Mandriva Linux 2010.1/X86_64:
e0c96a4008943f5ca581792311f12e20 2010.1/x86_64/dumpcap-1.2.15-0.1mdv2010.2.x86_64.rpm
36471ca2f5677034fddd10b896f0fc35 2010.1/x86_64/lib64wireshark0-1.2.15-0.1mdv2010.2.x86_64.rpm
0fb2d5a647ab250975581e2dc56298f7 2010.1/x86_64/lib64wireshark-devel-1.2.15-0.1mdv2010.2.x86_64.rpm
b682b69bd02a4af2cf92948325f4ba07 2010.1/x86_64/rawshark-1.2.15-0.1mdv2010.2.x86_64.rpm
e91b89417c8bd1d15fe393c42300a22c 2010.1/x86_64/tshark-1.2.15-0.1mdv2010.2.x86_64.rpm
7b35a9b7557647bd42c30039c84df63d 2010.1/x86_64/wireshark-1.2.15-0.1mdv2010.2.x86_64.rpm
8ad221f477df7c831dd7adb8d3853c34 2010.1/x86_64/wireshark-tools-1.2.15-0.1mdv2010.2.x86_64.rpm
f09a4605b705ff31a3651dcc053f25f4 2010.1/SRPMS/wireshark-1.2.15-0.1mdv2010.2.src.rpm
Corporate 4.0:
b54d69de13126f0d38341c68eb3a103a corporate/4.0/i586/dumpcap-1.2.15-0.1.20060mlcs4.i586.rpm
a61b9590c904a2355055fedca1b9b376 corporate/4.0/i586/libwireshark0-1.2.15-0.1.20060mlcs4.i586.rpm
bd330514a919d44489ee73ef2710f8a6 corporate/4.0/i586/libwireshark-devel-1.2.15-0.1.20060mlcs4.i586.rpm
a06f9556aa334259587f97a9573daccf corporate/4.0/i586/rawshark-1.2.15-0.1.20060mlcs4.i586.rpm
1cb24f08ae6c9b4fd35ca5a7cc46ea71 corporate/4.0/i586/tshark-1.2.15-0.1.20060mlcs4.i586.rpm
28a9e9b31bdc61e3867642b40d1d4207 corporate/4.0/i586/wireshark-1.2.15-0.1.20060mlcs4.i586.rpm
caa214a512036a64ed1be90c08f422a4 corporate/4.0/i586/wireshark-tools-1.2.15-0.1.20060mlcs4.i586.rpm
3066aaf92bf7a6c6337f312d5517bf17 corporate/4.0/SRPMS/wireshark-1.2.15-0.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
bceab74e6623f826ae274f51beb093da corporate/4.0/x86_64/dumpcap-1.2.15-0.1.20060mlcs4.x86_64.rpm
ece3a66edb8e6daf517d0383ae580ebf corporate/4.0/x86_64/lib64wireshark0-1.2.15-0.1.20060mlcs4.x86_64.rpm
24bb291540e2e38e01ac49eabba230b5 corporate/4.0/x86_64/lib64wireshark-devel-1.2.15-0.1.20060mlcs4.x86_64.rpm
408303a4088968c02465938289a1def9 corporate/4.0/x86_64/rawshark-1.2.15-0.1.20060mlcs4.x86_64.rpm
ae3b781a2bd1a88ad508503e65bfe908 corporate/4.0/x86_64/tshark-1.2.15-0.1.20060mlcs4.x86_64.rpm
da14c4f3b67a3670a8204ace7ef883d7 corporate/4.0/x86_64/wireshark-1.2.15-0.1.20060mlcs4.x86_64.rpm
3a63c5a1573e2be58eb66b6780690a18 corporate/4.0/x86_64/wireshark-tools-1.2.15-0.1.20060mlcs4.x86_64.rpm
3066aaf92bf7a6c6337f312d5517bf17 corporate/4.0/SRPMS/wireshark-1.2.15-0.1.20060mlcs4.src.rpm
Mandriva Enterprise Server 5:
ed5b46f90ae7e3219b73e7ba3d63737e mes5/i586/dumpcap-1.2.15-0.1mdvmes5.1.i586.rpm
4d64232986ad602bb4d763785bd4225f mes5/i586/libwireshark0-1.2.15-0.1mdvmes5.1.i586.rpm
3dbad1f1ce77ae5c7f187cb235af6907 mes5/i586/libwireshark-devel-1.2.15-0.1mdvmes5.1.i586.rpm
0cea9f898ec74532ecfca73c481ada5e mes5/i586/rawshark-1.2.15-0.1mdvmes5.1.i586.rpm
c644686c96c57dfc193aa6ec741abe8c mes5/i586/tshark-1.2.15-0.1mdvmes5.1.i586.rpm
d4d77402584f592db8c5e5d67b9826a1 mes5/i586/wireshark-1.2.15-0.1mdvmes5.1.i586.rpm
b0d930a2853cc902dd053a372d2a0875 mes5/i586/wireshark-tools-1.2.15-0.1mdvmes5.1.i586.rpm
65cbe21540fa2ca0e9959a504c7f39e1 mes5/SRPMS/wireshark-1.2.15-0.1mdvmes5.1.src.rpm
Mandriva Enterprise Server 5/X86_64:
e8abbf279ba644e0fb10c7c3f96d2e06 mes5/x86_64/dumpcap-1.2.15-0.1mdvmes5.1.x86_64.rpm
c24e9df37b1bfd0376a9e64140900fb9 mes5/x86_64/lib64wireshark0-1.2.15-0.1mdvmes5.1.x86_64.rpm
9259fd0e8598b196df1aebc6c7b6af29 mes5/x86_64/lib64wireshark-devel-1.2.15-0.1mdvmes5.1.x86_64.rpm
6120f4f49cb3049ef19a301b1f6cffa6 mes5/x86_64/rawshark-1.2.15-0.1mdvmes5.1.x86_64.rpm
5b42fd6f31a1e03e22c8eb147d1fe1b0 mes5/x86_64/tshark-1.2.15-0.1mdvmes5.1.x86_64.rpm
8e578ce025a5a732d0b165bffa49a9d8 mes5/x86_64/wireshark-1.2.15-0.1mdvmes5.1.x86_64.rpm
030f6a2f8319c927a894e8797dfacc82 mes5/x86_64/wireshark-tools-1.2.15-0.1mdvmes5.1.x86_64.rpm
65cbe21540fa2ca0e9959a504c7f39e1 mes5/SRPMS/wireshark-1.2.15-0.1mdvmes5.1.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID     Date       User ID
pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFNdjjzmqjQ0CJFipgRAt7cAJ4qeESyciH7ZTihsuyYI4PpXFM1WgCgilDh
OnNa6ktZICEoIRov8hhFAGg=
=FR2J
-----END PGP SIGNATURE-----