Mandriva Update For Wireshark MDVSA-2011:007 (wireshark) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A vulnerability has been found and corrected in wireshark: Buffer overflow in the MAC-LTE dissector (epan/dissectors/packet-mac-lte.c) in Wireshark 1.2.0 through 1.2.13 and 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of RARs (CVE-2011-0444). The updated packages have been upgraded to the latest version (1.2.14) which is not affected by this issue.

Affected

wireshark on Mandriva Linux 2010.0, Mandriva Linux 2010.0/X86_64, Mandriva Linux 2010.1, Mandriva Linux 2010.1/X86_64

Severity

Classification

CVE CVE-2011-0444

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:088 (wireshark)
Mandrake Security Advisory MDVSA-2009:132 (libsndfile)
Mandrake Security Advisory MDVSA-2009:152 (pulseaudio)
Mandrake Security Advisory MDVSA-2009:003 (python)
Mandrake Security Advisory MDVSA-2009:116 (gnutls)

Mandriva Update for wireshark MDVSA-2011:007 (wireshark)

Take action and discover your vulnerabilities