Please Install the Updated Packages.

Wireshark, previously known as Ethereal, is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. A heap-based buffer overflow flaw was found in the way Wireshark handled Endace ERF (Extensible Record Format) capture files. If Wireshark opened a specially-crafted ERF capture file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2011-4102) Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2011-1958, CVE-2011-1959, CVE-2011-2175, CVE-2011-2698, CVE-2012-0041, CVE-2012-0042, CVE-2012-0066, CVE-2012-0067, CVE-2012-4285, CVE-2012-4289, CVE-2012-4290, CVE-2012-4291) The CVE-2011-1958, CVE-2011-1959, CVE-2011-2175, and CVE-2011-4102 issues were discovered by Huzaifa Sidhpurwala of the Red Hat Security Response Team. This update also fixes the following bugs: * When Wireshark starts with the X11 protocol being tunneled through an SSH connection, it automatically prepares its capture filter to omit the SSH packets. If the SSH connection was to a link-local IPv6 address including an interface name (for example ssh -X [ipv6addr]%eth0), Wireshark parsed this address erroneously, constructed an incorrect capture filter and refused to capture packets. The &quot Invalid capture filter&quot message was displayed. With this update, parsing of link-local IPv6 addresses is fixed and Wireshark correctly prepares a capture filter to omit SSH packets over a link-local IPv6 connection. (BZ#438473) Description truncated, for more information please check the Reference URL

wireshark on Red Hat Enterprise Linux (v. 5 server)

• https://www.redhat.com/archives/rhsa-announce/2013-January/msg00008.html

---

Updated on 2015-03-25