Mandriva Update For Wireshark MDVSA-2010:200 (wireshark) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

It was discovered that the ASN.1 BER dissector in wireshark was susceptible to a stack overflow (CVE-2010-3445). For 2010.0 and 2010.1 wireshark was upgraded to v1.2.12 which is not vulnerable to this issue and was patched for CS4 and MES5 to resolve the vulnerability.

Affected

wireshark on Mandriva Linux 2010.0, Mandriva Linux 2010.0/X86_64, Mandriva Linux 2010.1, Mandriva Linux 2010.1/X86_64, Mandriva Enterprise Server 5, Mandriva Enterprise Server 5/X86_64

Severity

Classification

CVE CVE-2010-3445
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:145 (php)
Mandrake Security Advisory MDVSA-2009:002 (bind)
Mandrake Security Advisory MDVSA-2009:043 (gnumeric)
Mandrake Security Advisory MDVSA-2009:068-1 (poppler)
Mandrake Security Advisory MDVSA-2009:063 (eog)

Mandriva Update for wireshark MDVSA-2010:200 (wireshark)

Take action and discover your vulnerabilities