RHSA-2008:0890: Moderate: wireshark security update
First published: Wed Oct 01 2008(Updated: )
Wireshark is a program for monitoring network traffic. Wireshark was<br>previously known as Ethereal.<br>Multiple buffer overflow flaws were found in Wireshark. If Wireshark read<br>a malformed packet off a network, it could crash or, possibly, execute<br>arbitrary code as the user running Wireshark. (CVE-2008-3146)<br>Several denial of service flaws were found in Wireshark. Wireshark could<br>crash or stop responding if it read a malformed packet off a network, or<br>opened a malformed dump file. (CVE-2008-1070, CVE-2008-1071, CVE-2008-1072,<br>CVE-2008-1561, CVE-2008-1562, CVE-2008-1563, CVE-2008-3137, CVE-2008-3138,<br>CVE-2008-3141, CVE-2008-3145, CVE-2008-3932, CVE-2008-3933, CVE-2008-3934)<br>Additionally, this update changes the default Pluggable Authentication<br>Modules (PAM) configuration to always prompt for the root password before<br>each start of Wireshark. This avoids unintentionally running Wireshark with<br>root privileges.<br>Users of wireshark should upgrade to these updated packages, which contain<br>Wireshark version 1.0.3, and resolve these issues.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/wireshark | <1.0.3-4.el5_2 | 1.0.3-4.el5_2 |
| redhat/wireshark | <1.0.3-4.el5_2 | 1.0.3-4.el5_2 |
| redhat/wireshark-gnome | <1.0.3-4.el5_2 | 1.0.3-4.el5_2 |
| redhat/wireshark-gnome | <1.0.3-4.el5_2 | 1.0.3-4.el5_2 |
| redhat/wireshark | <1.0.3-3.el4_7 | 1.0.3-3.el4_7 |
| redhat/wireshark | <1.0.3-3.el4_7 | 1.0.3-3.el4_7 |
| redhat/wireshark-gnome | <1.0.3-3.el4_7 | 1.0.3-3.el4_7 |
| redhat/wireshark-gnome | <1.0.3-3.el4_7 | 1.0.3-3.el4_7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=435481
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=435482
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=435483
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=439943
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=440014
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=440015
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=448584
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=454970
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=454971
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=454975
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=454984
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=461242
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=461243
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=461244
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=461245
- http://www.redhat.com/security/updates/classification/#moderate
- http://www.wireshark.org/docs/relnotes/
- http://www.wireshark.org/security/
- https://access.redhat.com/errata/RHSA-2008:0890 (Advisory)
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- agent/weakness
- collector/redhat-errata
- source/Red Hat
- anchor-id/RHSA-2008:0890
- agent/software-canonical-lookup
- package-manager/redhat