Mandriva Security Advisory MDVSA-2009:292 (wireshark)

The remote host is missing an update to wireshark announced via advisory MDVSA-2009:292.
To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
Vulnerabilities have been discovered and corrected in wireshark, affecting DCERPC/NT dissector, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a file that records a malformed packet trace (CVE-2009-3550) and in wiretap/erf.c which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted erf file (CVE-2009-3829). The wireshark package has been updated to fix these vulnerabilities. Affected: 2009.1, Corporate 4.0, Enterprise Server 5.0