Home / vulnerabilitiesPDF  

MDVSA-2008-1.txt

Posted on 03 January 2008
Source : packetstormsecurity.org Link

 


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2008:1
http://www.mandriva.com/security/
_______________________________________________________________________

Package : wireshark
Date : January 2, 2008
Affected: 2007.0, 2007.1, 2008.0, Corporate 4.0
_______________________________________________________________________

Problem Description:

A number of vulnerabilities in the Wireshark program were found that
could cause crashes, excessive looping, or arbitrary code execution.

This update rovides Wireshark 0.99.7 which is not vulnerable to
these issues.

An updated version of libsmi is also being provided, not because
of security issues, but because this version of wireshark uses it
instead of net-snmp for SNMP support.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6111
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6112
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6113
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6114
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6115
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6116
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6117
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6118
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6119
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6120
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6121
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6438
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6439
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6441
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6450
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6451
http://www.wireshark.org/security/wnpa-sec-2007-03.html
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2007.0:
3b8e9077915d6d2b26334de8d2f845fe 2007.0/i586/libsmi-mibs-ext-0.4.5-2.2mdv2007.0.i586.rpm
dbe6a64db1d2fccb573a3e3f67f973f8 2007.0/i586/libsmi-mibs-std-0.4.5-2.2mdv2007.0.i586.rpm
87d655b543be31d5ae0f58a8dbf97027 2007.0/i586/libsmi2-0.4.5-2.2mdv2007.0.i586.rpm
4ff75e902911eb3ff3fdf307220ca62d 2007.0/i586/libsmi2-devel-0.4.5-2.2mdv2007.0.i586.rpm
49765d2627d5d361fea25034a7cffdb3 2007.0/i586/libwireshark0-0.99.7-0.1mdv2007.0.i586.rpm
0a01841128e59b2f7d176294017c6763 2007.0/i586/smi-tools-0.4.5-2.2mdv2007.0.i586.rpm
8aa19bb4d1e9117ca49513cc59029796 2007.0/i586/tshark-0.99.7-0.1mdv2007.0.i586.rpm
3bc0b4bab65defa5bf6e35759031fcb7 2007.0/i586/wireshark-0.99.7-0.1mdv2007.0.i586.rpm
c0c54d8444367c6183c62cece8cac049 2007.0/i586/wireshark-tools-0.99.7-0.1mdv2007.0.i586.rpm
7968c27be369f6b1f420fa24a4a515a1 2007.0/SRPMS/libsmi-0.4.5-2.2mdv2007.0.src.rpm
93d4485e496435ada84767d57f7c1225 2007.0/SRPMS/wireshark-0.99.7-0.1mdv2007.0.src.rpm

Mandriva Linux 2007.0/X86_64:
5f6ce5ab3aec1f5127103b072bd119f8 2007.0/x86_64/lib64smi2-0.4.5-2.2mdv2007.0.x86_64.rpm
be3c430ecada008c60cf35e286825708 2007.0/x86_64/lib64smi2-devel-0.4.5-2.2mdv2007.0.x86_64.rpm
c6fe3c1044e2dd49e6ba317ccb894584 2007.0/x86_64/lib64wireshark0-0.99.7-0.1mdv2007.0.x86_64.rpm
9d8536864c09ad40dd4224fa3b0d574d 2007.0/x86_64/libsmi-mibs-ext-0.4.5-2.2mdv2007.0.x86_64.rpm
6f038a40025193ca8051b0460fb7caa5 2007.0/x86_64/libsmi-mibs-std-0.4.5-2.2mdv2007.0.x86_64.rpm
68369d61905e99fe3ccaf53f5e57bc8e 2007.0/x86_64/smi-tools-0.4.5-2.2mdv2007.0.x86_64.rpm
c26ac8fc5775cd607c661690329ab1e1 2007.0/x86_64/tshark-0.99.7-0.1mdv2007.0.x86_64.rpm
d459878bb96b1876b5bd6bb474e4a7ce 2007.0/x86_64/wireshark-0.99.7-0.1mdv2007.0.x86_64.rpm
0f8cb96e05b83022fb31444bc01e08c3 2007.0/x86_64/wireshark-tools-0.99.7-0.1mdv2007.0.x86_64.rpm
7968c27be369f6b1f420fa24a4a515a1 2007.0/SRPMS/libsmi-0.4.5-2.2mdv2007.0.src.rpm
93d4485e496435ada84767d57f7c1225 2007.0/SRPMS/wireshark-0.99.7-0.1mdv2007.0.src.rpm

Mandriva Linux 2007.1:
d4f8fcfde7e4a5f547282829163a6838 2007.1/i586/libsmi-mibs-ext-0.4.5-2.2mdv2007.1.i586.rpm
be6c823a10d7dd7ea3b23da1606e30a7 2007.1/i586/libsmi-mibs-std-0.4.5-2.2mdv2007.1.i586.rpm
ae2f88e691ebb0b376a136fa2f7a5949 2007.1/i586/libsmi2-0.4.5-2.2mdv2007.1.i586.rpm
245b8d9a9b8f85437f8c4aebb81479c6 2007.1/i586/libsmi2-devel-0.4.5-2.2mdv2007.1.i586.rpm
8fe776c3019f672043e5346fd4462995 2007.1/i586/libwireshark0-0.99.7-0.1mdv2007.1.i586.rpm
42fb7f4c0baaed536c933adc1e4cb07c 2007.1/i586/smi-tools-0.4.5-2.2mdv2007.1.i586.rpm
1fefa448daf9412b9475a1fcb908ddc4 2007.1/i586/tshark-0.99.7-0.1mdv2007.1.i586.rpm
6df4f1564d1d20087b87ad12c2afc7d8 2007.1/i586/wireshark-0.99.7-0.1mdv2007.1.i586.rpm
18263c6e83de541e5c241ee90e6c07d7 2007.1/i586/wireshark-tools-0.99.7-0.1mdv2007.1.i586.rpm
db3984a957602d0d4d92b3afb3a99d4e 2007.1/SRPMS/libsmi-0.4.5-2.2mdv2007.1.src.rpm
ff37f6fc51d9f1fceb55e7cc993e7de5 2007.1/SRPMS/wireshark-0.99.7-0.1mdv2007.1.src.rpm

Mandriva Linux 2007.1/X86_64:
33c0feb8826a285b520ec5779e94b193 2007.1/x86_64/lib64smi2-0.4.5-2.2mdv2007.1.x86_64.rpm
27af7f9e7aa57ae63b4afc44c7cf5509 2007.1/x86_64/lib64smi2-devel-0.4.5-2.2mdv2007.1.x86_64.rpm
49b666ff593a860f1930f66d1ce4defe 2007.1/x86_64/lib64wireshark0-0.99.7-0.1mdv2007.1.x86_64.rpm
aee09168343a531052b148ee2b8cb612 2007.1/x86_64/libsmi-mibs-ext-0.4.5-2.2mdv2007.1.x86_64.rpm
de9f9609eb2b1fa492179af10a4ae48b 2007.1/x86_64/libsmi-mibs-std-0.4.5-2.2mdv2007.1.x86_64.rpm
d8e3b591abae976a1a0171824a36c906 2007.1/x86_64/smi-tools-0.4.5-2.2mdv2007.1.x86_64.rpm
a26a60457e667e0bf28911bd17f9031f 2007.1/x86_64/tshark-0.99.7-0.1mdv2007.1.x86_64.rpm
55a41bf37f237a77b6d700521222865a 2007.1/x86_64/wireshark-0.99.7-0.1mdv2007.1.x86_64.rpm
1253938c2b8b83846fbcba775d1abfb6 2007.1/x86_64/wireshark-tools-0.99.7-0.1mdv2007.1.x86_64.rpm
db3984a957602d0d4d92b3afb3a99d4e 2007.1/SRPMS/libsmi-0.4.5-2.2mdv2007.1.src.rpm
ff37f6fc51d9f1fceb55e7cc993e7de5 2007.1/SRPMS/wireshark-0.99.7-0.1mdv2007.1.src.rpm

Mandriva Linux 2008.0:
8ddec7918618ad0c05681c9e868d5749 2008.0/i586/libsmi-devel-0.4.5-2.1mdv2008.0.i586.rpm
515291f1ea87bc98886232c88d8e77ac 2008.0/i586/libsmi-mibs-ext-0.4.5-2.1mdv2008.0.i586.rpm
428ca0dd4c11b4a52e9b8b55c1226889 2008.0/i586/libsmi-mibs-std-0.4.5-2.1mdv2008.0.i586.rpm
78d313e34cd392ad925c497d77703bd1 2008.0/i586/libsmi2-0.4.5-2.1mdv2008.0.i586.rpm
e9d9a6560a9f35a325c45142c20d73a7 2008.0/i586/libwireshark-devel-0.99.7-0.1mdv2008.0.i586.rpm
8cd27aef2b1d9a74125aa09a0fd67c62 2008.0/i586/libwireshark0-0.99.7-0.1mdv2008.0.i586.rpm
03ec7ad86e36e72f5726ef3e61d0c966 2008.0/i586/smi-tools-0.4.5-2.1mdv2008.0.i586.rpm
ddb7b8990649bc5dfb924ab138b5f166 2008.0/i586/tshark-0.99.7-0.1mdv2008.0.i586.rpm
acd81887f0c6d376c5c27c25bd9ce573 2008.0/i586/wireshark-0.99.7-0.1mdv2008.0.i586.rpm
42d89dc7de0b0d95de0b145348fbe434 2008.0/i586/wireshark-tools-0.99.7-0.1mdv2008.0.i586.rpm
1f6549a3de8de269542ed3136059de7d 2008.0/SRPMS/libsmi-0.4.5-2.1mdv2008.0.src.rpm
7d2618f7919055f24c6a5a0a642c012c 2008.0/SRPMS/wireshark-0.99.7-0.1mdv2008.0.src.rpm

Mandriva Linux 2008.0/X86_64:
422f39bcba64fdc3034d8ae4107d0c83 2008.0/x86_64/lib64smi-devel-0.4.5-2.1mdv2008.0.x86_64.rpm
82cee9a6f246a30e3981639ad559ac99 2008.0/x86_64/lib64smi2-0.4.5-2.1mdv2008.0.x86_64.rpm
e2750893002c9f30573bf9f13e208a24 2008.0/x86_64/lib64wireshark-devel-0.99.7-0.1mdv2008.0.x86_64.rpm
053969419e2af559526b382f891d5b5e 2008.0/x86_64/lib64wireshark0-0.99.7-0.1mdv2008.0.x86_64.rpm
9e52ac6e6da6ee73a9e5ee9713b93eac 2008.0/x86_64/libsmi-mibs-ext-0.4.5-2.1mdv2008.0.x86_64.rpm
56dda40a8b674d50338c09895d5b0edb 2008.0/x86_64/libsmi-mibs-std-0.4.5-2.1mdv2008.0.x86_64.rpm
d12810fb24e625beff6000b0eb11319f 2008.0/x86_64/smi-tools-0.4.5-2.1mdv2008.0.x86_64.rpm
2a4d7a7174e29b939f7328b6c42b0cbe 2008.0/x86_64/tshark-0.99.7-0.1mdv2008.0.x86_64.rpm
d9f0965ee9bd47c2a7e29d2adb7632ce 2008.0/x86_64/wireshark-0.99.7-0.1mdv2008.0.x86_64.rpm
7045d748d1bff2cc6372efcc1fa8eee9 2008.0/x86_64/wireshark-tools-0.99.7-0.1mdv2008.0.x86_64.rpm
1f6549a3de8de269542ed3136059de7d 2008.0/SRPMS/libsmi-0.4.5-2.1mdv2008.0.src.rpm
7d2618f7919055f24c6a5a0a642c012c 2008.0/SRPMS/wireshark-0.99.7-0.1mdv2008.0.src.rpm

Corporate 4.0:
3105c7480d1466787bab5c202a24c881 corporate/4.0/i586/libsmi-mibs-ext-0.4.5-2.2.20060mlcs4.i586.rpm
6b1f79d9dcfede50a77833d7e27b2207 corporate/4.0/i586/libsmi-mibs-std-0.4.5-2.2.20060mlcs4.i586.rpm
3a022e89d08142476e1dd697da40aefd corporate/4.0/i586/libsmi2-0.4.5-2.2.20060mlcs4.i586.rpm
ce253c3fd84efb95e9f80d91d2047ba3 corporate/4.0/i586/libsmi2-devel-0.4.5-2.2.20060mlcs4.i586.rpm
cb1558626b02c7ac7a60f2470e22406f corporate/4.0/i586/libwireshark0-0.99.7-0.1.20060mlcs4.i586.rpm
ba73ddd29044d4d93cec49dcd737efae corporate/4.0/i586/smi-tools-0.4.5-2.2.20060mlcs4.i586.rpm
16fde2392ce2adf31a992010cbec390f corporate/4.0/i586/tshark-0.99.7-0.1.20060mlcs4.i586.rpm
f9eca8f2b302d3dbb8d7379d4038e910 corporate/4.0/i586/wireshark-0.99.7-0.1.20060mlcs4.i586.rpm
71fe25c9a1bd3b9bdb0339c51aa9463c corporate/4.0/i586/wireshark-tools-0.99.7-0.1.20060mlcs4.i586.rpm
a050e420402960d4ff2608487326bc31 corporate/4.0/SRPMS/libsmi-0.4.5-2.2.20060mlcs4.src.rpm
5cce91e2cb4c0e330b7280131870640f corporate/4.0/SRPMS/wireshark-0.99.7-0.1.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
22ae3adf154cd430b91c1883344df21d corporate/4.0/x86_64/lib64smi2-0.4.5-2.2.20060mlcs4.x86_64.rpm
fa4f2e5e8a8f4b055ba34ea3d6c33224 corporate/4.0/x86_64/lib64smi2-devel-0.4.5-2.2.20060mlcs4.x86_64.rpm
1601e097303a14f2b9c36d13b6d8e785 corporate/4.0/x86_64/lib64wireshark0-0.99.7-0.1.20060mlcs4.x86_64.rpm
c682b4bb19a9161ffe0d4520a091815e corporate/4.0/x86_64/libsmi-mibs-ext-0.4.5-2.2.20060mlcs4.x86_64.rpm
7605b1a4a0c911e4de3c5658e87bd2fd corporate/4.0/x86_64/libsmi-mibs-std-0.4.5-2.2.20060mlcs4.x86_64.rpm
1ffe2793d1ec3747e503caa0ae38faed corporate/4.0/x86_64/smi-tools-0.4.5-2.2.20060mlcs4.x86_64.rpm
6e405520c32127950447cf43c3399bf7 corporate/4.0/x86_64/tshark-0.99.7-0.1.20060mlcs4.x86_64.rpm
3d5691445aabafc9b1871c0f46df4cb0 corporate/4.0/x86_64/wireshark-0.99.7-0.1.20060mlcs4.x86_64.rpm
9509f638dbab7c4e5a89f356db1d49fc corporate/4.0/x86_64/wireshark-tools-0.99.7-0.1.20060mlcs4.x86_64.rpm
a050e420402960d4ff2608487326bc31 corporate/4.0/SRPMS/libsmi-0.4.5-2.2.20060mlcs4.src.rpm
5cce91e2cb4c0e330b7280131870640f corporate/4.0/SRPMS/wireshark-0.99.7-0.1.20060mlcs4.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (GNU/Linux)

iEYEARECAAYFAkd784IACgkQmqjQ0CJFipj6/wCeLFypfxZdEJROyKUw9KfwAflZ
feIAoJa2hM9XvT54eiCPdYwhA9KURMIy
=4Y2q
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

 

TOP