Test Kennung:	1.3.6.1.4.1.25623.1.0.69229
Kategorie:	Red Hat Local Security Checks
Titel:	RedHat Security Advisory RHSA-2011:0370
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory RHSA-2011:0370. Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A heap-based buffer overflow flaw was found in Wireshark. If Wireshark opened a specially-crafted capture file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2011-0024) Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2010-3445, CVE-2011-0538, CVE-2011-1139, CVE-2011-1140, CVE-2011-1141, CVE-2011-1143) Users of Wireshark should upgrade to these updated packages, which contain backported patches to correct these issues. All running instances of Wireshark must be restarted for the update to take effect. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2011-0370.html Risk factor : Critical CVSS Score: 9.3
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3445 BugTraq ID: 43197 http://www.securityfocus.com/bid/43197 Bugtraq: 20100913 Wireshark 1.4.0 Malformed SNMP V1 Packet Denial of Service (Google Search) http://archives.neohapsis.com/archives/bugtraq/2010-09/0088.html CERT/CC vulnerability note: VU#215900 http://www.kb.cert.org/vuls/id/215900 Debian Security Information: DSA-2127 (Google Search) http://www.debian.org/security/2010/dsa-2127 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:200 http://xorl.wordpress.com/2010/10/15/cve-2010-3445-wireshark-asn-1-ber-stack-overflow/ http://www.openwall.com/lists/oss-security/2010/10/01/10 http://www.openwall.com/lists/oss-security/2010/10/12/1 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14607 http://www.redhat.com/support/errata/RHSA-2010-0924.html http://www.redhat.com/support/errata/RHSA-2011-0370.html http://secunia.com/advisories/42392 http://secunia.com/advisories/42411 http://secunia.com/advisories/42877 http://secunia.com/advisories/43068 http://secunia.com/advisories/43759 http://secunia.com/advisories/43821 SuSE Security Announcement: SUSE-SR:2011:001 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html SuSE Security Announcement: SUSE-SR:2011:002 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://www.vupen.com/english/advisories/2010/3067 http://www.vupen.com/english/advisories/2010/3093 http://www.vupen.com/english/advisories/2011/0076 http://www.vupen.com/english/advisories/2011/0212 http://www.vupen.com/english/advisories/2011/0404 http://www.vupen.com/english/advisories/2011/0626 http://www.vupen.com/english/advisories/2011/0719 Common Vulnerability Exposure (CVE) ID: CVE-2011-0024 Common Vulnerability Exposure (CVE) ID: CVE-2011-0538 BugTraq ID: 46167 http://www.securityfocus.com/bid/46167 Debian Security Information: DSA-2201 (Google Search) http://www.debian.org/security/2011/dsa-2201 http://www.mandriva.com/security/advisories?name=MDVSA-2011:044 http://openwall.com/lists/oss-security/2011/02/04/1 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14605 http://www.redhat.com/support/errata/RHSA-2011-0369.html http://www.securitytracker.com/id?1025148 http://secunia.com/advisories/43795 http://www.vupen.com/english/advisories/2011/0622 http://www.vupen.com/english/advisories/2011/0747 XForce ISS Database: wireshark-pcap-code-execution(65182) https://exchange.xforce.ibmcloud.com/vulnerabilities/65182 Common Vulnerability Exposure (CVE) ID: CVE-2011-1139 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14997 http://secunia.com/advisories/44169 SuSE Security Announcement: openSUSE-SU-2011:0347 (Google Search) https://hermes.opensuse.org/messages/8086844 XForce ISS Database: wireshark-pcapng-dos(65779) https://exchange.xforce.ibmcloud.com/vulnerabilities/65779 Common Vulnerability Exposure (CVE) ID: CVE-2011-1140 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14715 Common Vulnerability Exposure (CVE) ID: CVE-2011-1141 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14974 Common Vulnerability Exposure (CVE) ID: CVE-2011-1143 BugTraq ID: 46796 http://www.securityfocus.com/bid/46796 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16209 http://secunia.com/advisories/48947
Copyright	Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.