-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2009:270 http://www.mandriva.com/security/ _______________________________________________________________________ Package : wireshark Date : October 12, 2009 Affected: 2009.0, 2009.1, Corporate 4.0, Enterprise Server 5.0 _______________________________________________________________________ Problem Description: A vulnerability has been found and corrected in wireshark: Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark 0.99.6 through 1.0.8 and 1.2.0 through 1.2.1 allows remote attackers to cause a denial of service (memory and CPU consumption) via malformed OPCUA Service CallRequest packets (CVE-2009-3241). This update fixes this vulnerability. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3241 _______________________________________________________________________ Updated Packages: Mandriva Linux 2009.0: 2bde688e3de981ae3180da4f05f5e860 2009.0/i586/dumpcap-1.0.8-3.3mdv2009.0.i586.rpm 8216fb437b04046ad2b78c6a8ddebdce 2009.0/i586/libwireshark0-1.0.8-3.3mdv2009.0.i586.rpm 282063c02297a2a70be4fd87b69762c0 2009.0/i586/libwireshark-devel-1.0.8-3.3mdv2009.0.i586.rpm 93b7d86a3f5e45c8bbe0ecd349c97bde 2009.0/i586/rawshark-1.0.8-3.3mdv2009.0.i586.rpm f4f449adb85ac8bfc32ace580857a6ea 2009.0/i586/tshark-1.0.8-3.3mdv2009.0.i586.rpm 8716922a83cd417e9b7b2ce883ca884c 2009.0/i586/wireshark-1.0.8-3.3mdv2009.0.i586.rpm 08268e3ffdd712e455683461c7824932 2009.0/i586/wireshark-tools-1.0.8-3.3mdv2009.0.i586.rpm 557f530edfefccd6c86722471a420157 2009.0/SRPMS/wireshark-1.0.8-3.3mdv2009.0.src.rpm Mandriva Linux 2009.0/X86_64: 351498c928631fca8b4a17e2cda0e9e4 2009.0/x86_64/dumpcap-1.0.8-3.3mdv2009.0.x86_64.rpm 031e245b10fbceb7b0c31a6655f6e865 2009.0/x86_64/lib64wireshark0-1.0.8-3.3mdv2009.0.x86_64.rpm ea2868e2e3275ef8d81d1df0921c94a4 2009.0/x86_64/lib64wireshark-devel-1.0.8-3.3mdv2009.0.x86_64.rpm c2de9defd468a89b0253dc666c1deec5 2009.0/x86_64/rawshark-1.0.8-3.3mdv2009.0.x86_64.rpm b78e8891183e62b82c7e2b69c82d6b2f 2009.0/x86_64/tshark-1.0.8-3.3mdv2009.0.x86_64.rpm 77587f7f59238df2369268343fab38df 2009.0/x86_64/wireshark-1.0.8-3.3mdv2009.0.x86_64.rpm 7f73ef1ea62e8135449aef0081767b9a 2009.0/x86_64/wireshark-tools-1.0.8-3.3mdv2009.0.x86_64.rpm 557f530edfefccd6c86722471a420157 2009.0/SRPMS/wireshark-1.0.8-3.3mdv2009.0.src.rpm Mandriva Linux 2009.1: 60a5e67fccdef0c1262fbd0a09c2348c 2009.1/i586/dumpcap-1.0.8-3.3mdv2009.1.i586.rpm 5acf7dc50d50c411b95197afd57e900e 2009.1/i586/libwireshark0-1.0.8-3.3mdv2009.1.i586.rpm b5d518bb595eab0ae8d45076251f5310 2009.1/i586/libwireshark-devel-1.0.8-3.3mdv2009.1.i586.rpm 9e6420089364f4328f23f69097234ef4 2009.1/i586/rawshark-1.0.8-3.3mdv2009.1.i586.rpm 6f1185ef8f9f40bbb658f717aa3e1bc3 2009.1/i586/tshark-1.0.8-3.3mdv2009.1.i586.rpm abb50dcc4f9f724a9616c9312f22242d 2009.1/i586/wireshark-1.0.8-3.3mdv2009.1.i586.rpm 9b57739a885b779ed27f8ecd1741741c 2009.1/i586/wireshark-tools-1.0.8-3.3mdv2009.1.i586.rpm 0de2b5f93d233d934fc60db6b878df39 2009.1/SRPMS/wireshark-1.0.8-3.3mdv2009.1.src.rpm Mandriva Linux 2009.1/X86_64: bd69b75efaf76123bc6f432b497c4d48 2009.1/x86_64/dumpcap-1.0.8-3.3mdv2009.1.x86_64.rpm ca9e6caf06d3d04b6733c91b4fdebadf 2009.1/x86_64/lib64wireshark0-1.0.8-3.3mdv2009.1.x86_64.rpm 080aeaac702ee188bb14117f4fb8ad78 2009.1/x86_64/lib64wireshark-devel-1.0.8-3.3mdv2009.1.x86_64.rpm 26f7faa79b096c647a7dc28b7437a43d 2009.1/x86_64/rawshark-1.0.8-3.3mdv2009.1.x86_64.rpm 907b493706802e0346f9b49d30c6ab8a 2009.1/x86_64/tshark-1.0.8-3.3mdv2009.1.x86_64.rpm e9f7324616e46f70f1121067c7e90763 2009.1/x86_64/wireshark-1.0.8-3.3mdv2009.1.x86_64.rpm 6d8711428172217d929ddde4af90d753 2009.1/x86_64/wireshark-tools-1.0.8-3.3mdv2009.1.x86_64.rpm 0de2b5f93d233d934fc60db6b878df39 2009.1/SRPMS/wireshark-1.0.8-3.3mdv2009.1.src.rpm Corporate 4.0: 235a73de04afa52b6c2bd4d15fc04de8 corporate/4.0/i586/dumpcap-1.0.8-0.3.20060mlcs4.i586.rpm 527692971e6feb970b85d660ec3db6f5 corporate/4.0/i586/libwireshark0-1.0.8-0.3.20060mlcs4.i586.rpm 54e5d379b63c1dd73dd0a6637117c80e corporate/4.0/i586/libwireshark-devel-1.0.8-0.3.20060mlcs4.i586.rpm 3c632ea90bef9509cb12c87ab4260bc5 corporate/4.0/i586/rawshark-1.0.8-0.3.20060mlcs4.i586.rpm 8009af53ab8d2f2e6771c08d88f3696e corporate/4.0/i586/tshark-1.0.8-0.3.20060mlcs4.i586.rpm 22f786d733ceada2b2714d7a92bdbd96 corporate/4.0/i586/wireshark-1.0.8-0.3.20060mlcs4.i586.rpm b4c9f6f49203ddfa51e71dc63a859f63 corporate/4.0/i586/wireshark-tools-1.0.8-0.3.20060mlcs4.i586.rpm c595cf7c6f131cf59cd842886f5ad4b8 corporate/4.0/SRPMS/wireshark-1.0.8-0.3.20060mlcs4.src.rpm Corporate 4.0/X86_64: 42469cfd64904936faa44d905748528c corporate/4.0/x86_64/dumpcap-1.0.8-0.3.20060mlcs4.x86_64.rpm 69b656cbd3318d651a3e0848eb075d25 corporate/4.0/x86_64/lib64wireshark0-1.0.8-0.3.20060mlcs4.x86_64.rpm b5b033f2e2dcd4f3dd7667c7ce3dcbd7 corporate/4.0/x86_64/lib64wireshark-devel-1.0.8-0.3.20060mlcs4.x86_64.rpm 3ce35df4b75a82efe453b0029920e6b4 corporate/4.0/x86_64/rawshark-1.0.8-0.3.20060mlcs4.x86_64.rpm 434a75fe14dcd011a41e776a14ed7350 corporate/4.0/x86_64/tshark-1.0.8-0.3.20060mlcs4.x86_64.rpm 6ad3ecc27f403ca13b083b238b06c7e7 corporate/4.0/x86_64/wireshark-1.0.8-0.3.20060mlcs4.x86_64.rpm 30314354841e099d96d4b027663b5015 corporate/4.0/x86_64/wireshark-tools-1.0.8-0.3.20060mlcs4.x86_64.rpm c595cf7c6f131cf59cd842886f5ad4b8 corporate/4.0/SRPMS/wireshark-1.0.8-0.3.20060mlcs4.src.rpm Mandriva Enterprise Server 5: 17f89060c77952ed112258f1abfe0abc mes5/i586/dumpcap-1.0.8-3.3mdvmes5.i586.rpm abe0adc98b505d61603fe290bc7e61d1 mes5/i586/libwireshark0-1.0.8-3.3mdvmes5.i586.rpm 49d5467f90ebb20fba8fc357accd2ba7 mes5/i586/libwireshark-devel-1.0.8-3.3mdvmes5.i586.rpm 352b688a76410b04c541c4e203c9e7a2 mes5/i586/rawshark-1.0.8-3.3mdvmes5.i586.rpm b98e60094dea42ac3342bc26e215dead mes5/i586/tshark-1.0.8-3.3mdvmes5.i586.rpm c6ea5e0db20a3094c3d5d88a5038a0c8 mes5/i586/wireshark-1.0.8-3.3mdvmes5.i586.rpm a101c193c08eeaa47f036407360981b5 mes5/i586/wireshark-tools-1.0.8-3.3mdvmes5.i586.rpm 8aa8055f7abf91a44be930b673a17666 mes5/SRPMS/wireshark-1.0.8-3.3mdvmes5.src.rpm Mandriva Enterprise Server 5/X86_64: 81435f348933151e20d407dc454b7185 mes5/x86_64/dumpcap-1.0.8-3.3mdvmes5.x86_64.rpm 1bc631e207090e4ea14697f6402698af mes5/x86_64/lib64wireshark0-1.0.8-3.3mdvmes5.x86_64.rpm 96aa50d0c98a3b67186b5a6aa4fd564b mes5/x86_64/lib64wireshark-devel-1.0.8-3.3mdvmes5.x86_64.rpm 9017d0824e7358b941a021e9b15c05cf mes5/x86_64/rawshark-1.0.8-3.3mdvmes5.x86_64.rpm 9fe1cc86912952fdd1a43a27081c52db mes5/x86_64/tshark-1.0.8-3.3mdvmes5.x86_64.rpm 550faa2dc40cd436b5119d969da8553a mes5/x86_64/wireshark-1.0.8-3.3mdvmes5.x86_64.rpm 67485a40e441e2d23f14e9e227618a9b mes5/x86_64/wireshark-tools-1.0.8-3.3mdvmes5.x86_64.rpm 8aa8055f7abf91a44be930b673a17666 mes5/SRPMS/wireshark-1.0.8-3.3mdvmes5.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFK0zSfmqjQ0CJFipgRAiBPAKDIX2oYAND45gGt0DEYZBTw1yIgGwCg6MY6 tBVWTXOfaL0RwCH4VCqeIkE= =IXKg -----END PGP SIGNATURE-----
