Mandrake Local Security Checks : Mandriva Security Advisory MDVSA-2011:164 (wireshark)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.72064

Categoría: Mandrake Local Security Checks

Título: Mandriva Security Advisory MDVSA-2011:164 (wireshark)

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing an update to wireshark
announced via advisory MDVSA-2011:164.

This advisory updates wireshark to the latest version (1.6.3), fixing
several security issues:

An uninitialized variable in the CSN.1 dissector could cause a crash
(CVE-2011-4100).

Huzaifa Sidhpurwala of Red Hat Security Response Team discovered
that the Infiniband dissector could dereference a NULL pointer
(CVE-2011-4101).

Huzaifa Sidhpurwala of Red Hat Security Response Team discovered a
buffer overflow in the ERF file reader (CVE-2011-4102).

The updated packages have been upgraded to the latest 1.6.x version
(1.6.3) which is not vulnerable to these issues.

Affected: 2011.

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2011:164
http://www.wireshark.org/security/wnpa-sec-2011-17.html
http://www.wireshark.org/security/wnpa-sec-2011-18.html
http://www.wireshark.org/security/wnpa-sec-2011-19.html

Risk factor : High

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-4100
BugTraq ID: 50479
http://www.securityfocus.com/bid/50479
http://openwall.com/lists/oss-security/2011/11/01/9
http://osvdb.org/76768
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14833
http://secunia.com/advisories/46644
XForce ISS Database: wireshark-csn1-dissector-dos(71090)
https://exchange.xforce.ibmcloud.com/vulnerabilities/71090
Common Vulnerability Exposure (CVE) ID: CVE-2011-4101
BugTraq ID: 50481
http://www.securityfocus.com/bid/50481
http://osvdb.org/76769
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14760
XForce ISS Database: wireshark-infiniband-dissector-dos(71091)
https://exchange.xforce.ibmcloud.com/vulnerabilities/71091
Common Vulnerability Exposure (CVE) ID: CVE-2011-4102
BugTraq ID: 50486
http://www.securityfocus.com/bid/50486
http://osvdb.org/76770
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15073
RedHat Security Advisories: RHSA-2013:0125
http://rhn.redhat.com/errata/RHSA-2013-0125.html
http://secunia.com/advisories/46913
http://secunia.com/advisories/48947
XForce ISS Database: wireshark-erf-bo(71092)
https://exchange.xforce.ibmcloud.com/vulnerabilities/71092

Copyright Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.72064
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Security Advisory MDVSA-2011:164 (wireshark)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to wireshark announced via advisory MDVSA-2011:164. This advisory updates wireshark to the latest version (1.6.3), fixing several security issues: An uninitialized variable in the CSN.1 dissector could cause a crash (CVE-2011-4100). Huzaifa Sidhpurwala of Red Hat Security Response Team discovered that the Infiniband dissector could dereference a NULL pointer (CVE-2011-4101). Huzaifa Sidhpurwala of Red Hat Security Response Team discovered a buffer overflow in the ERF file reader (CVE-2011-4102). The updated packages have been upgraded to the latest 1.6.x version (1.6.3) which is not vulnerable to these issues. Affected: 2011. Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2011:164 http://www.wireshark.org/security/wnpa-sec-2011-17.html http://www.wireshark.org/security/wnpa-sec-2011-18.html http://www.wireshark.org/security/wnpa-sec-2011-19.html Risk factor : High
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-4100 BugTraq ID: 50479 http://www.securityfocus.com/bid/50479 http://openwall.com/lists/oss-security/2011/11/01/9 http://osvdb.org/76768 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14833 http://secunia.com/advisories/46644 XForce ISS Database: wireshark-csn1-dissector-dos(71090) https://exchange.xforce.ibmcloud.com/vulnerabilities/71090 Common Vulnerability Exposure (CVE) ID: CVE-2011-4101 BugTraq ID: 50481 http://www.securityfocus.com/bid/50481 http://osvdb.org/76769 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14760 XForce ISS Database: wireshark-infiniband-dissector-dos(71091) https://exchange.xforce.ibmcloud.com/vulnerabilities/71091 Common Vulnerability Exposure (CVE) ID: CVE-2011-4102 BugTraq ID: 50486 http://www.securityfocus.com/bid/50486 http://osvdb.org/76770 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15073 RedHat Security Advisories: RHSA-2013:0125 http://rhn.redhat.com/errata/RHSA-2013-0125.html http://secunia.com/advisories/46913 http://secunia.com/advisories/48947 XForce ISS Database: wireshark-erf-bo(71092) https://exchange.xforce.ibmcloud.com/vulnerabilities/71092
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com