Mandriva Update For Wireshark MDVSA-2010:031 (wireshark) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

This advisory updates Wireshark to the version 1.0.11, which fixes the following vulnerabilities: The SMB and SMB2 dissectors could crash (CVE-2009-4377). The Infiniband dissector could crash on some platforms (CVE-2009-2563). Several buffer overflows were discovered and fixed in the LWRES dissector.

Affected

wireshark on Mandriva Linux 2008.0, Mandriva Linux 2008.0/X86_64, Mandriva Linux 2009.1, Mandriva Linux 2009.1/X86_64, Mandriva Enterprise Server 5, Mandriva Enterprise Server 5/X86_64

Severity

Classification

CVE CVE-2009-2563, CVE-2009-4377

CVSS	Base Score: 7.1 AV:N/AC:M/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:081 (libsoup)
Mandrake Security Advisory MDVSA-2009:184 (apache-mod_security)
Mandrake Security Advisory MDVSA-2009:050-1 (python-pycrypto)
Mandrake Security Advisory MDVSA-2009:057 (valgrind)
Mandrake Security Advisory MDVSA-2009:103 (udev)

Mandriva Update for wireshark MDVSA-2010:031 (wireshark)

Take action and discover your vulnerabilities