Updated wireshark packages fix multiple security vulnerabilities
Publication date: 26 Jun 2013Modification date: 26 Jun 2013
Type: security
Affected Mageia releases : 3
CVE: CVE-2013-4074 , CVE-2013-4075 , CVE-2013-4076 , CVE-2013-4077 , CVE-2013-4078 , CVE-2013-4079 , CVE-2013-4080 , CVE-2013-4081 , CVE-2013-4082 , CVE-2013-4083
Description
The CAPWAP dissector could crash (CVE-2013-4074).
The GMR-1 BCCH dissector could crash (CVE-2013-4075).
The PPP dissector could crash (CVE-2013-4076).
The NBAP dissector could crash (CVE-2013-4077).
The RDP dissector could crash (CVE-2013-4078).
The GSM CBCH dissector could crash (CVE-2013-4079).
The Assa Abloy R3 dissector could consume excessive memory and CPU
(CVE-2013-4080).
The HTTP dissector could overrun the stack (CVE-2013-4081).
The Ixia IxVeriWave file parser could overflow the heap (CVE-2013-4082).
The DCP ETSI dissector could crash (CVE-2013-4083).
References
- http://www.wireshark.org/security/wnpa-sec-2013-32.html
- http://www.wireshark.org/security/wnpa-sec-2013-33.html
- http://www.wireshark.org/security/wnpa-sec-2013-34.html
- http://www.wireshark.org/security/wnpa-sec-2013-35.html
- http://www.wireshark.org/security/wnpa-sec-2013-36.html
- http://www.wireshark.org/security/wnpa-sec-2013-37.html
- http://www.wireshark.org/security/wnpa-sec-2013-38.html
- http://www.wireshark.org/security/wnpa-sec-2013-39.html
- http://www.wireshark.org/security/wnpa-sec-2013-40.html
- http://www.wireshark.org/security/wnpa-sec-2013-41.html
- http://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html
- http://www.wireshark.org/news/20130607.html
- https://bugs.mageia.org/show_bug.cgi?id=10471
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4074
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4075
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4076
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4077
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4078
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4079
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4080
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4081
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4082
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4083
SRPMS
3/core
- wireshark-1.8.8-1.mga3