GLSA 200607-09: Wireshark: Multiple vulnerabilities

http://security.gentoo.org/

Severity:	high
Title:	Wireshark: Multiple vulnerabilities
Date:	07/25/2006
Bugs:	#140856
ID:	200607-09

Synopsis

Wireshark (formerly known as Ethereal) is vulnerable to several security issues, potentially allowing the execution of arbitrary code by a remote attacker.

Background

Wireshark, formerly known as Ethereal, is a popular network protocol analyzer.

Affected packages

Package	Vulnerable	Unaffected	Architecture(s)
net-analyzer/wireshark	< 0.99.2	>= 0.99.2	All supported architectures
net-analyzer/ethereal	<= 0.99.0-r1		All supported architectures

Description

Wireshark dissectors have been found vulnerable to a large number of exploits, including off-by-one errors, buffer overflows, format string overflows and an infinite loop.

Impact

Running an affected version of Wireshark or Ethereal could allow for a remote attacker to execute arbitrary code on the user's computer by sending specially crafted packets.

Workaround

There is no known workaround at this time.

Resolution

All Wireshark users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-analyzer/wireshark-0.99.2"

All Ethereal users should migrate to Wireshark:


    # emerge --sync
    # emerge --ask --unmerge net-analyzer/ethereal
    # emerge --ask --oneshot --verbose ">=net-analyzer/wireshark-0.99.2"

To keep the [saved] configuration from Ethereal and reuse it with Wireshark:


    # mv ~/.ethereal ~/.wireshark

References

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200607-09.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.