Mandriva Update For Wireshark MDVSA-2011:007 (wireshark) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A vulnerability has been found and corrected in wireshark: Buffer overflow in the MAC-LTE dissector (epan/dissectors/packet-mac-lte.c) in Wireshark 1.2.0 through 1.2.13 and 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of RARs (CVE-2011-0444). The updated packages have been upgraded to the latest version (1.2.14) which is not affected by this issue.

Affected

wireshark on Mandriva Linux 2010.0, Mandriva Linux 2010.0/X86_64, Mandriva Linux 2010.1, Mandriva Linux 2010.1/X86_64

Severity

Classification

CVE CVE-2011-0444
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:147 (pidgin)
Mandrake Security Advisory MDVSA-2009:101 (xpdf)
Mandrake Security Advisory MDVSA-2009:075 (firefox)
Mandrake Security Advisory MDVSA-2009:030 (amarok)
Mandrake Security Advisory MDVSA-2009:060-1 (nfs-utils)

Mandriva Update for wireshark MDVSA-2011:007 (wireshark)

Take action and discover your vulnerabilities