Solution
Please Install the Updated Packages.
Insight
Multiple vulnerabilities was found and corrected in Wireshark:
The DCP ETSI dissector could trigger a zero division (CVE-2012-4285).
The MongoDB dissector could go into a large loop (CVE-2012-4287).
The XTP dissector could go into an infinite loop (CVE-2012-4288).
The AFP dissector could go into a large loop (CVE-2012-4289).
The RTPS2 dissector could overflow a buffer (CVE-2012-4296).
The GSM RLC MAC dissector could overflow a buffer (CVE-2012-4297).
The CIP dissector could exhaust system memory (CVE-2012-4291).
The STUN dissector could crash (CVE-2012-4292).
The EtherCAT Mailbox dissector could abort (CVE-2012-4293).
The CTDB dissector could go into a large loop (CVE-2012-4290).
This advisory provides the latest version of Wireshark (1.6.10) which is not vulnerable to these issues.
Affected
wireshark on Mandriva Linux 2011.0
Severity
Classification
-
CVE CVE-2012-4285, CVE-2012-4287, CVE-2012-4288, CVE-2012-4289, CVE-2012-4290, CVE-2012-4291, CVE-2012-4292, CVE-2012-4293, CVE-2012-4296, CVE-2012-4297 -
CVSS Base Score: 8.3
AV:A/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities