Mandrake Local Security Checks : Mandriva Security Advisory MDVSA-2010:144 (wireshark)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.68261

Categoría: Mandrake Local Security Checks

Título: Mandriva Security Advisory MDVSA-2010:144 (wireshark)

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing an update to wireshark
announced via advisory MDVSA-2010:144.

This advisory updates wireshark to the latest version(s), fixing
several security issues:

Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through
1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack
vectors (CVE-2010-2284).

Buffer overflow in the SigComp Universal Decompressor Virtual Machine
dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8
has unknown impact and remote attack vectors (CVE-2010-2287).

Affected: 2009.1, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2010:144
http://www.wireshark.org/docs/relnotes/wireshark-1.0.15.html
http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html

Risk factor : Critical

CVSS Score:
8.3

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-2284
BugTraq ID: 40728
http://www.securityfocus.com/bid/40728
http://www.mandriva.com/security/advisories?name=MDVSA-2010:113
http://www.mandriva.com/security/advisories?name=MDVSA-2010:144
http://www.openwall.com/lists/oss-security/2010/06/11/1
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11888
http://secunia.com/advisories/40112
http://secunia.com/advisories/42877
http://secunia.com/advisories/43068
SuSE Security Announcement: SUSE-SR:2011:001 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html
SuSE Security Announcement: SUSE-SR:2011:002 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://www.vupen.com/english/advisories/2010/1418
http://www.vupen.com/english/advisories/2011/0076
http://www.vupen.com/english/advisories/2011/0212
Common Vulnerability Exposure (CVE) ID: CVE-2010-2287
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11836

Copyright Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.68261
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Security Advisory MDVSA-2010:144 (wireshark)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to wireshark announced via advisory MDVSA-2010:144. This advisory updates wireshark to the latest version(s), fixing several security issues: Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors (CVE-2010-2284). Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors (CVE-2010-2287). Affected: 2009.1, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2010:144 http://www.wireshark.org/docs/relnotes/wireshark-1.0.15.html http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html Risk factor : Critical CVSS Score: 8.3
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2284 BugTraq ID: 40728 http://www.securityfocus.com/bid/40728 http://www.mandriva.com/security/advisories?name=MDVSA-2010:113 http://www.mandriva.com/security/advisories?name=MDVSA-2010:144 http://www.openwall.com/lists/oss-security/2010/06/11/1 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11888 http://secunia.com/advisories/40112 http://secunia.com/advisories/42877 http://secunia.com/advisories/43068 SuSE Security Announcement: SUSE-SR:2011:001 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html SuSE Security Announcement: SUSE-SR:2011:002 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://www.vupen.com/english/advisories/2010/1418 http://www.vupen.com/english/advisories/2011/0076 http://www.vupen.com/english/advisories/2011/0212 Common Vulnerability Exposure (CVE) ID: CVE-2010-2287 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11836
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com