ID de Prueba:	1.3.6.1.4.1.25623.1.0.72064
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Security Advisory MDVSA-2011:164 (wireshark)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to wireshark announced via advisory MDVSA-2011:164. This advisory updates wireshark to the latest version (1.6.3), fixing several security issues: An uninitialized variable in the CSN.1 dissector could cause a crash (CVE-2011-4100). Huzaifa Sidhpurwala of Red Hat Security Response Team discovered that the Infiniband dissector could dereference a NULL pointer (CVE-2011-4101). Huzaifa Sidhpurwala of Red Hat Security Response Team discovered a buffer overflow in the ERF file reader (CVE-2011-4102). The updated packages have been upgraded to the latest 1.6.x version (1.6.3) which is not vulnerable to these issues. Affected: 2011. Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2011:164 http://www.wireshark.org/security/wnpa-sec-2011-17.html http://www.wireshark.org/security/wnpa-sec-2011-18.html http://www.wireshark.org/security/wnpa-sec-2011-19.html Risk factor : High
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-4100 46644 http://secunia.com/advisories/46644 50479 http://www.securityfocus.com/bid/50479 76768 http://osvdb.org/76768 [oss-security] 20111101 Re: CVE request for wireshark flaws http://openwall.com/lists/oss-security/2011/11/01/9 http://anonsvn.wireshark.org/viewvc?view=revision&revision=39140 http://www.wireshark.org/security/wnpa-sec-2011-17.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6351 https://bugzilla.redhat.com/show_bug.cgi?id=750643 oval:org.mitre.oval:def:14833 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14833 wireshark-csn1-dissector-dos(71090) https://exchange.xforce.ibmcloud.com/vulnerabilities/71090 Common Vulnerability Exposure (CVE) ID: CVE-2011-4101 50481 http://www.securityfocus.com/bid/50481 76769 http://osvdb.org/76769 http://anonsvn.wireshark.org/viewvc?view=revision&revision=39500 http://www.wireshark.org/security/wnpa-sec-2011-18.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6476 https://bugzilla.redhat.com/show_bug.cgi?id=750645 oval:org.mitre.oval:def:14760 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14760 wireshark-infiniband-dissector-dos(71091) https://exchange.xforce.ibmcloud.com/vulnerabilities/71091 Common Vulnerability Exposure (CVE) ID: CVE-2011-4102 46913 http://secunia.com/advisories/46913 48947 http://secunia.com/advisories/48947 50486 http://www.securityfocus.com/bid/50486 76770 http://osvdb.org/76770 RHSA-2013:0125 http://rhn.redhat.com/errata/RHSA-2013-0125.html http://anonsvn.wireshark.org/viewvc?view=revision&revision=39508 http://www.wireshark.org/security/wnpa-sec-2011-19.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6479 https://bugzilla.redhat.com/show_bug.cgi?id=750648 oval:org.mitre.oval:def:15073 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15073 wireshark-erf-bo(71092) https://exchange.xforce.ibmcloud.com/vulnerabilities/71092
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.