Ispravljeni su višestruki sigurnosni propusti paketa wireshark koji su zlonamjernom korisniku omogućavali uskraćivanje usluge i proizvoljno izvođenje programskog koda.
Paket: | wireshark 1.x |
Operacijski sustavi: | Fedora 16 |
Kritičnost: | 7.2 |
Problem: | pogreška u programskoj funkciji, pogreška u programskoj komponenti |
Iskorištavanje: | udaljeno |
Posljedica: | proizvoljno izvršavanje programskog koda, uskraćivanje usluga (DoS) |
Rješenje: | programska zakrpa proizvođača |
CVE: | CVE-2012-4285, CVE-2012-4288, CVE-2012-4289, CVE-2012-4296, CVE-2012-4297, CVE-2012-4291, CVE-2012-4292, CVE-2012-4293, CVE-2012-4290 |
Izvorni ID preporuke: | FEDORA-2012-12085 |
Izvor: | Fedora |
Problem: | |
Propusti nastaju zbog pogrešaka u funkcijama dissect_pft, dissect_xtp_ecntl, dissect_gsm_rlcmac_downlink, dissect_stun_message i neispravnih komponenti packet-afp.c, packet-rtps2.c, CIP dissector, EtherCAT Mailbox dissector i CTDB dissector. |
|
Posljedica: | |
Zlonamjerni korisnik mogao je iskoristiti brojne propuste kako bi izveo DoS napad ili pokrenuo proizvoljan programski kod. |
|
Rješenje: | |
Savjetuje se nadogradnja paketa na noviju inačicu. |
Izvorni tekst preporuke
-------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-12085
2012-08-17 05:24:23
--------------------------------------------------------------------------------
Name : wireshark
Product : Fedora 16
Version : 1.6.10
Release : 1.fc16
URL : http://www.wireshark.org/
Summary : Network traffic analyzer
Description :
Wireshark is a network traffic analyzer for Unix-ish operating systems.
This package lays base for libpcap, a packet capture and filtering
library, contains command-line utilities, contains plugins and
documentation for wireshark. A graphical user interface is packaged
separately to GTK+ package.
--------------------------------------------------------------------------------
Update Information:
Upgrade to wireshark 1.6.10
The following vulnerabilities have been fixed.
wnpa-sec-2012-13: The DCP ETSI dissector could trigger a zero division.
wnpa-sec-2012-15: The XTP dissector could go into an infinite loop.
wnpa-sec-2012-17: The AFP dissector could go into a large loop.
wnpa-sec-2012-18: The RTPS2 dissector could overflow a buffer.
wnpa-sec-2012-20: The CIP dissector could exhaust system memory.
wnpa-sec-2012-21: The STUN dissector could crash.
wnpa-sec-2012-22: The EtherCAT Mailbox dissector could abort.
wnpa-sec-2012-23: The CTDB dissector could go into a large loop.
See http://www.wireshark.org/docs/relnotes/wireshark-1.6.10.html for details.
The following vulnerabilities have been fixed.
wnpa-sec-2012-11: The PPP dissector could crash.
wnpa-sec-2012-12: The NFS dissector could use excessive amounts of CPU.
The following vulnerabilities have been fixed.
wnpa-sec-2012-11: The PPP dissector could crash.
wnpa-sec-2012-12: The NFS dissector could use excessive amounts of CPU.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 16 2012 Jan Safranek <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 1.6.10-1
- upgrade to 1.6.10
- see http://www.wireshark.org/docs/relnotes/wireshark-1.6.10.html
* Tue Jul 24 2012 Jan Safranek <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 1.6.9-1
- upgrade to 1.6.9
- see http://www.wireshark.org/docs/relnotes/wireshark-1.6.9.html
* Wed May 23 2012 Jan Safranek <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 1.6.8-1
- upgrade to 1.6.8
- see http://www.wireshark.org/docs/relnotes/wireshark-1.6.8.html
* Mon May 21 2012 Jan Safranek <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 1.6.7-2
- Removed dependency on GeoIP on RHEL.
* Tue Apr 10 2012 Jan Safranek <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 1.6.7-1
- upgrade to 1.6.7
- see http://www.wireshark.org/docs/relnotes/wireshark-1.6.7.html
* Wed Mar 28 2012 Jan Safranek <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 1.6.6-1
- upgrade to 1.6.6
- see http://www.wireshark.org/docs/relnotes/wireshark-1.6.6.html
* Fri Mar 9 2012 Jan Safranek <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 1.6.5-2
- fixed wireshark crashing when using combo box in import dialog (#773290)
- added AES support into netlogon dissector
* Wed Jan 11 2012 Jan Safranek <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 1.6.5-1
- upgrade to 1.6.5
- see http://www.wireshark.org/docs/relnotes/wireshark-1.6.5.html
* Fri Dec 2 2011 Jan Safranek <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 1.6.4-1
- upgrade to 1.6.4
- see http://www.wireshark.org/docs/relnotes/wireshark-1.6.4.html
- build with c-ares and libpcap (#759305)
- fixed display of error message boxes on startup in gnome3 (#752559)
* Mon Nov 14 2011 Jan Safranek <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 1.6.3-2
- added dependency on shadow-utils (#753293)
- removed usermode support
* Wed Nov 2 2011 Jan Safranek <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 1.6.3-1
- upgrade to 1.6.3
- see http://www.wireshark.org/docs/relnotes/wireshark-1.6.3.html
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #848541 - CVE-2012-4285 wireshark: crash due to zero division in DCP ETSI dissector (wnpa-sec-2012-13)
https://bugzilla.redhat.com/show_bug.cgi?id=848541
[ 2 ] Bug #848548 - CVE-2012-4288 wireshark: DoS via excessive resource consumption in XTP dissector (wnpa-sec-2012-15)
https://bugzilla.redhat.com/show_bug.cgi?id=848548
[ 3 ] Bug #848561 - CVE-2012-4289 wireshark: DoS via excessive CPU consumption in AFP dissector (wnpa-sec-2012-17)
https://bugzilla.redhat.com/show_bug.cgi?id=848561
[ 4 ] Bug #848565 - CVE-2012-4296 wireshark: DoS via excessive CPU consumption in RTPS2 dissector (wnpa-sec-2012-18)
https://bugzilla.redhat.com/show_bug.cgi?id=848565
[ 5 ] Bug #848568 - CVE-2012-4297 wireshark: buffer overflow in GSM RLC MAC dissector (wnpa-sec-2012-19)
https://bugzilla.redhat.com/show_bug.cgi?id=848568
[ 6 ] Bug #848572 - CVE-2012-4291 wireshark: DoS via excessive system resource consumption in CIP dissector (wnpa-sec-2012-20)
https://bugzilla.redhat.com/show_bug.cgi?id=848572
[ 7 ] Bug #848575 - CVE-2012-4292 wireshark: crash in STUN dissector (wnpa-sec-2012-21)
https://bugzilla.redhat.com/show_bug.cgi?id=848575
[ 8 ] Bug #848577 - CVE-2012-4293 wireshark: premature exit in EtherCAT Mailbox dissector (wnpa-sec-2012-22)
https://bugzilla.redhat.com/show_bug.cgi?id=848577
[ 9 ] Bug #848578 - CVE-2012-4290 wireshark: DoS via excessive CPU consumption in CTDB dissector (wnpa-sec-2012-23)
https://bugzilla.redhat.com/show_bug.cgi?id=848578
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update wireshark' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-12091
2012-08-17 05:24:47
--------------------------------------------------------------------------------
Name : wireshark
Product : Fedora 17
Version : 1.6.10
Release : 1.fc17
URL : http://www.wireshark.org/
Summary : Network traffic analyzer
Description :
Wireshark is a network traffic analyzer for Unix-ish operating systems.
This package lays base for libpcap, a packet capture and filtering
library, contains command-line utilities, contains plugins and
documentation for wireshark. A graphical user interface is packaged
separately to GTK+ package.
--------------------------------------------------------------------------------
Update Information:
Upgrade to wireshark 1.6.10
The following vulnerabilities have been fixed.
wnpa-sec-2012-13: The DCP ETSI dissector could trigger a zero division.
wnpa-sec-2012-15: The XTP dissector could go into an infinite loop.
wnpa-sec-2012-17: The AFP dissector could go into a large loop.
wnpa-sec-2012-18: The RTPS2 dissector could overflow a buffer.
wnpa-sec-2012-20: The CIP dissector could exhaust system memory.
wnpa-sec-2012-21: The STUN dissector could crash.
wnpa-sec-2012-22: The EtherCAT Mailbox dissector could abort.
wnpa-sec-2012-23: The CTDB dissector could go into a large loop.
See http://www.wireshark.org/docs/relnotes/wireshark-1.6.10.html for details.
The following vulnerabilities have been fixed.
wnpa-sec-2012-11: The PPP dissector could crash.
wnpa-sec-2012-12: The NFS dissector could use excessive amounts of CPU.
The following vulnerabilities have been fixed.
wnpa-sec-2012-11: The PPP dissector could crash.
wnpa-sec-2012-12: The NFS dissector could use excessive amounts of CPU.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 16 2012 Jan Safranek <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 1.6.10-1
- upgrade to 1.6.10
- see http://www.wireshark.org/docs/relnotes/wireshark-1.6.10.html
* Tue Jul 24 2012 Jan Safranek <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 1.6.9-1
- upgrade to 1.6.9
- see http://www.wireshark.org/docs/relnotes/wireshark-1.6.9.html
* Wed May 23 2012 Jan Safranek <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 1.6.8-1
- upgrade to 1.6.8
- see http://www.wireshark.org/docs/relnotes/wireshark-1.6.8.html
* Mon May 21 2012 Jan Safranek <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 1.6.7-2
- Removed dependency on GeoIP on RHEL.
* Tue Apr 10 2012 Jan Safranek <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 1.6.7-1
- upgrade to 1.6.7
- see http://www.wireshark.org/docs/relnotes/wireshark-1.6.7.html
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #848541 - CVE-2012-4285 wireshark: crash due to zero division in DCP ETSI dissector (wnpa-sec-2012-13)
https://bugzilla.redhat.com/show_bug.cgi?id=848541
[ 2 ] Bug #848548 - CVE-2012-4288 wireshark: DoS via excessive resource consumption in XTP dissector (wnpa-sec-2012-15)
https://bugzilla.redhat.com/show_bug.cgi?id=848548
[ 3 ] Bug #848561 - CVE-2012-4289 wireshark: DoS via excessive CPU consumption in AFP dissector (wnpa-sec-2012-17)
https://bugzilla.redhat.com/show_bug.cgi?id=848561
[ 4 ] Bug #848565 - CVE-2012-4296 wireshark: DoS via excessive CPU consumption in RTPS2 dissector (wnpa-sec-2012-18)
https://bugzilla.redhat.com/show_bug.cgi?id=848565
[ 5 ] Bug #848568 - CVE-2012-4297 wireshark: buffer overflow in GSM RLC MAC dissector (wnpa-sec-2012-19)
https://bugzilla.redhat.com/show_bug.cgi?id=848568
[ 6 ] Bug #848572 - CVE-2012-4291 wireshark: DoS via excessive system resource consumption in CIP dissector (wnpa-sec-2012-20)
https://bugzilla.redhat.com/show_bug.cgi?id=848572
[ 7 ] Bug #848575 - CVE-2012-4292 wireshark: crash in STUN dissector (wnpa-sec-2012-21)
https://bugzilla.redhat.com/show_bug.cgi?id=848575
[ 8 ] Bug #848577 - CVE-2012-4293 wireshark: premature exit in EtherCAT Mailbox dissector (wnpa-sec-2012-22)
https://bugzilla.redhat.com/show_bug.cgi?id=848577
[ 9 ] Bug #848578 - CVE-2012-4290 wireshark: DoS via excessive CPU consumption in CTDB dissector (wnpa-sec-2012-23)
https://bugzilla.redhat.com/show_bug.cgi?id=848578
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update wireshark' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Posljednje sigurnosne preporuke