CentOS Local Security Checks : CentOS Update for wireshark CESA-2011:0013 centos4 x86

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.881253

Categoría: CentOS Local Security Checks

Título: CentOS Update for wireshark CESA-2011:0013 centos4 x86_64

Resumen: The remote host is missing an update for the 'wireshark'; package(s) announced via the referenced advisory.

Descripción: Summary:
The remote host is missing an update for the 'wireshark'
package(s) announced via the referenced advisory.

Vulnerability Insight:
Wireshark is a program for monitoring network traffic. Wireshark was
previously known as Ethereal.

An array index error, leading to a stack-based buffer overflow, was found
in the Wireshark ENTTEC dissector. If Wireshark read a malformed packet off
a network or opened a malicious dump file, it could crash or, possibly,
execute arbitrary code as the user running Wireshark. (CVE-2010-4538)

Users of Wireshark should upgrade to these updated packages, which contain
a backported patch to correct this issue. All running instances of
Wireshark must be restarted for the update to take effect.

Affected Software/OS:
wireshark on CentOS 4

Solution:
Please install the updated packages.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-4538
1024930
http://www.securitytracker.com/id?1024930
42767
http://secunia.com/advisories/42767
42853
http://secunia.com/advisories/42853
42910
http://secunia.com/advisories/42910
42914
http://secunia.com/advisories/42914
45634
http://www.securityfocus.com/bid/45634
70244
http://osvdb.org/70244
ADV-2011-0008
http://www.vupen.com/english/advisories/2011/0008
ADV-2011-0053
http://www.vupen.com/english/advisories/2011/0053
ADV-2011-0069
http://www.vupen.com/english/advisories/2011/0069
ADV-2011-0079
http://www.vupen.com/english/advisories/2011/0079
ADV-2011-0099
http://www.vupen.com/english/advisories/2011/0099
ADV-2011-0110
http://www.vupen.com/english/advisories/2011/0110
DSA-2144
http://www.debian.org/security/2011/dsa-2144
FEDORA-2011-0128
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053042.html
FEDORA-2011-0167
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053061.html
MDVSA-2011:002
http://www.mandriva.com/security/advisories?name=MDVSA-2011:002
RHSA-2011:0013
http://www.redhat.com/support/errata/RHSA-2011-0013.html
[oss-security] 20101231 CVE Request: Wireshark
http://openwall.com/lists/oss-security/2010/12/31/7
[oss-security] 20110103 Re: CVE Request: Wireshark
http://openwall.com/lists/oss-security/2011/01/03/8
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5539
oval:org.mitre.oval:def:14937
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14937

Copyright Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.881253
Categoría:	CentOS Local Security Checks
Título:	CentOS Update for wireshark CESA-2011:0013 centos4 x86_64
Resumen:	The remote host is missing an update for the 'wireshark'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'wireshark' package(s) announced via the referenced advisory. Vulnerability Insight: Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. An array index error, leading to a stack-based buffer overflow, was found in the Wireshark ENTTEC dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2010-4538) Users of Wireshark should upgrade to these updated packages, which contain a backported patch to correct this issue. All running instances of Wireshark must be restarted for the update to take effect. Affected Software/OS: wireshark on CentOS 4 Solution: Please install the updated packages. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-4538 1024930 http://www.securitytracker.com/id?1024930 42767 http://secunia.com/advisories/42767 42853 http://secunia.com/advisories/42853 42910 http://secunia.com/advisories/42910 42914 http://secunia.com/advisories/42914 45634 http://www.securityfocus.com/bid/45634 70244 http://osvdb.org/70244 ADV-2011-0008 http://www.vupen.com/english/advisories/2011/0008 ADV-2011-0053 http://www.vupen.com/english/advisories/2011/0053 ADV-2011-0069 http://www.vupen.com/english/advisories/2011/0069 ADV-2011-0079 http://www.vupen.com/english/advisories/2011/0079 ADV-2011-0099 http://www.vupen.com/english/advisories/2011/0099 ADV-2011-0110 http://www.vupen.com/english/advisories/2011/0110 DSA-2144 http://www.debian.org/security/2011/dsa-2144 FEDORA-2011-0128 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053042.html FEDORA-2011-0167 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053061.html MDVSA-2011:002 http://www.mandriva.com/security/advisories?name=MDVSA-2011:002 RHSA-2011:0013 http://www.redhat.com/support/errata/RHSA-2011-0013.html [oss-security] 20101231 CVE Request: Wireshark http://openwall.com/lists/oss-security/2010/12/31/7 [oss-security] 20110103 Re: CVE Request: Wireshark http://openwall.com/lists/oss-security/2011/01/03/8 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5539 oval:org.mitre.oval:def:14937 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14937
Copyright	Copyright (C) 2012 Greenbone AG