Objavljena je nadogradnja programskog paketa Wireshark koja ispravlja nekoliko sigurnosnih ranjivosti. Spomenute ranjivosti napadači mogu iskoristiti za DoS napad.
Paket:
wireshark 1.x
Operacijski sustavi:
Mandriva Linux 2010.1, Mandriva Linux Corporate 4.0, Mandriva Linux Enterprise Server 5.0
Problem:
neodgovarajuća provjera ulaznih podataka, neodgovarajuće rukovanje datotekama, pogreška u programskoj funkciji, pogreška u programskoj komponenti
Iskorištavanje:
udaljeno
Posljedica:
uskraćivanje usluga (DoS)
Rješenje:
programska zakrpa proizvođača
Izvorni ID preporuke:
MDVSA-2011:105
Izvor:
Mandriva
Problem:
Uočene ranjivosti javljaju se zbog pogreške u DICOM disektoru, funkciji "desegment_tcp()" (epan/dissectors/packet-tcp.c) i neodgovarajuće obrade određenih datoteka. Za detaljniji pregled propusta savjetuje se čitanje izvorne preporuke.
Posljedica:
Potencijalni napadači mogu iskoristiti uočene ranjivosti za rušenje aplikacije (DoS).
Rješenje:
Svim se korisnicima savjetuje primjena objavljene nadogradnje.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2011:105
http://www.mandriva.com/security/
_______________________________________________________________________
Package : wireshark
Date : June 1, 2011
Affected: 2010.1, Corporate 4.0, Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
This advisory updates wireshark to the latest version (1.2.17),
fixing several security issues:
* Large/infinite loop in the DICOM dissector. (Bug 5876) Versions
affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.
* Huzaifa Sidhpurwala of the Red Hat Security Response Team
discovered that a corrupted Diameter dictionary file could crash
Wireshark. Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.
* Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered
that a corrupted snoop file could crash Wireshark. (Bug 5912) Versions
affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.
* David Maciejak of Fortinet's FortiGuard Labs discovered that
malformed compressed capture data could crash Wireshark. (Bug 5908)
Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.
* Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered
that a corrupted Visual Networks file could crash Wireshark. (Bug 5934)
Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.
_______________________________________________________________________
References:
http://www.wireshark.org/security/wnpa-sec-2011-07.html
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2010.1:
bf11862659afce8761a4d58ee546d1b9
2010.1/i586/dumpcap-1.2.17-0.1mdv2010.2.i586.rpm
0da0281f3c736de4929a053d5d92d1a7
2010.1/i586/libwireshark0-1.2.17-0.1mdv2010.2.i586.rpm
b6e97b06fd0ac0e7384d6aab97e5cc50
2010.1/i586/libwireshark-devel-1.2.17-0.1mdv2010.2.i586.rpm
5cd0f0029fb4431c51ed8cd9207075ee
2010.1/i586/rawshark-1.2.17-0.1mdv2010.2.i586.rpm
43b1ee7fec3df0d6063d2f2e875a3ba1
2010.1/i586/tshark-1.2.17-0.1mdv2010.2.i586.rpm
fa313ad7a730edd4440c7a5d61cb3aa3
2010.1/i586/wireshark-1.2.17-0.1mdv2010.2.i586.rpm
a61c1457627b7371c3c7693dce1ebb6d
2010.1/i586/wireshark-tools-1.2.17-0.1mdv2010.2.i586.rpm
0dd2c106f7747527cab50ccb820e3005
2010.1/SRPMS/wireshark-1.2.17-0.1mdv2010.2.src.rpm
Mandriva Linux 2010.1/X86_64:
125bf4d3c37ff2fd06ca3116d1a06448
2010.1/x86_64/dumpcap-1.2.17-0.1mdv2010.2.x86_64.rpm
2e80800ec2d5a221bcc6a1beffa99605
2010.1/x86_64/lib64wireshark0-1.2.17-0.1mdv2010.2.x86_64.rpm
d05b01efa7eceb47c4dc9655a4108790
2010.1/x86_64/lib64wireshark-devel-1.2.17-0.1mdv2010.2.x86_64.rpm
13ff82aeeed568b1e58884b965d4dd2b
2010.1/x86_64/rawshark-1.2.17-0.1mdv2010.2.x86_64.rpm
fbbbcbcdfd4f98893c6a49f03d9990f7
2010.1/x86_64/tshark-1.2.17-0.1mdv2010.2.x86_64.rpm
d5e412a56fbbb8d8d456ab06408587a7
2010.1/x86_64/wireshark-1.2.17-0.1mdv2010.2.x86_64.rpm
adf06e2c47c991886b674a9b300c83c6
2010.1/x86_64/wireshark-tools-1.2.17-0.1mdv2010.2.x86_64.rpm
0dd2c106f7747527cab50ccb820e3005
2010.1/SRPMS/wireshark-1.2.17-0.1mdv2010.2.src.rpm
Corporate 4.0:
642f57dfe04fbe995e2dc3764305ac48
corporate/4.0/i586/dumpcap-1.2.17-0.1.20060mlcs4.i586.rpm
6a32aebf65252655762e4b276765435e
corporate/4.0/i586/libwireshark0-1.2.17-0.1.20060mlcs4.i586.rpm
d3170e8152da4c8911e4a997f68434e6
corporate/4.0/i586/libwireshark-devel-1.2.17-0.1.20060mlcs4.i586.rpm
a352fd66d6778a139e6ba01723fed2fd
corporate/4.0/i586/rawshark-1.2.17-0.1.20060mlcs4.i586.rpm
db3c0befa16510f4cb4ecb1420a6d261
corporate/4.0/i586/tshark-1.2.17-0.1.20060mlcs4.i586.rpm
c558f334fa91cef5b92c8de899a138f0
corporate/4.0/i586/wireshark-1.2.17-0.1.20060mlcs4.i586.rpm
60f329a78d00c9c22cbb3b1bf7464ba4
corporate/4.0/i586/wireshark-tools-1.2.17-0.1.20060mlcs4.i586.rpm
45b07dac18687757472e952371f0c7a5
corporate/4.0/SRPMS/wireshark-1.2.17-0.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
b6c85c2f78b59e35e0a07d040fe9ab2e
corporate/4.0/x86_64/dumpcap-1.2.17-0.1.20060mlcs4.x86_64.rpm
f7947f2f688a2989edee5202ed7edb4c
corporate/4.0/x86_64/lib64wireshark0-1.2.17-0.1.20060mlcs4.x86_64.rpm
1d3938c349d356b719b1461340744a07
corporate/4.0/x86_64/lib64wireshark-devel-1.2.17-0.1.20060mlcs4.x86_64.rpm
615e1104bb0cc89494cd018802c8db99
corporate/4.0/x86_64/rawshark-1.2.17-0.1.20060mlcs4.x86_64.rpm
759e77482159d94b723f2e3cdcad3987
corporate/4.0/x86_64/tshark-1.2.17-0.1.20060mlcs4.x86_64.rpm
20bc7d7883ec6ad04661540aac91750b
corporate/4.0/x86_64/wireshark-1.2.17-0.1.20060mlcs4.x86_64.rpm
7552340c66ecaf4ca3c343efd2687844
corporate/4.0/x86_64/wireshark-tools-1.2.17-0.1.20060mlcs4.x86_64.rpm
45b07dac18687757472e952371f0c7a5
corporate/4.0/SRPMS/wireshark-1.2.17-0.1.20060mlcs4.src.rpm
Mandriva Enterprise Server 5:
aaa5c6d5fc4d2c95ac4195e47d33fafa
mes5/i586/dumpcap-1.2.17-0.1mdvmes5.2.i586.rpm
6d58055269e6092d0a5686a4a8c42ac3
mes5/i586/libwireshark0-1.2.17-0.1mdvmes5.2.i586.rpm
a3cb3bb89e80fe29c790f6e8b063b131
mes5/i586/libwireshark-devel-1.2.17-0.1mdvmes5.2.i586.rpm
79fa5c8f2a5eb746b1187c65cbae4e40
mes5/i586/rawshark-1.2.17-0.1mdvmes5.2.i586.rpm
e100f6d645ab73a1fc5a9deb84606698
mes5/i586/tshark-1.2.17-0.1mdvmes5.2.i586.rpm
4b04325c54878e19f1f4c72311560034
mes5/i586/wireshark-1.2.17-0.1mdvmes5.2.i586.rpm
5527a82f63a08dd5c975155e1fedd338
mes5/i586/wireshark-tools-1.2.17-0.1mdvmes5.2.i586.rpm
55e251303583720d3cb1017a6ee760cb
mes5/SRPMS/wireshark-1.2.17-0.1mdvmes5.2.src.rpm
Mandriva Enterprise Server 5/X86_64:
cfb3fce8ca61979a2a6460ae5bb1e0fa
mes5/x86_64/dumpcap-1.2.17-0.1mdvmes5.2.x86_64.rpm
a0143cf4fd861df6d0e48f64fde3b624
mes5/x86_64/lib64wireshark0-1.2.17-0.1mdvmes5.2.x86_64.rpm
06d2eabbcefdc213ca49eea94861384f
mes5/x86_64/lib64wireshark-devel-1.2.17-0.1mdvmes5.2.x86_64.rpm
e280f7279b408002816ac4a4cc5011db
mes5/x86_64/rawshark-1.2.17-0.1mdvmes5.2.x86_64.rpm
9268040d3f61500dda520eab5ac49fd6
mes5/x86_64/tshark-1.2.17-0.1mdvmes5.2.x86_64.rpm
9277a5ee2abdb2382e123269f7ea2688
mes5/x86_64/wireshark-1.2.17-0.1mdvmes5.2.x86_64.rpm
e9d8581141921e54a69932192f96b817
mes5/x86_64/wireshark-tools-1.2.17-0.1mdvmes5.2.x86_64.rpm
55e251303583720d3cb1017a6ee760cb
mes5/SRPMS/wireshark-1.2.17-0.1mdvmes5.2.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFN5hCamqjQ0CJFipgRAtWMAKC7lUm7KIzYoaUyDLAldfYfMgyPAACg2atx
qx2ViMyJnyfW7cy9RohtHzE=
=IUCE
-----END PGP SIGNATURE-----
Posljednje sigurnosne preporuke