Upgrade to upstream 1.0.2 that fixes several security vulnerabilities:
http://www.wireshark.org/security/wnpa-sec-2008-03.html http://www.wireshark.org/security/wnpa-sec-2008-04.html

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Various vulnerabilities have been fixed in wireshark: CVE-2008-3137 / CVE-2008-3138 / CVE-2008-3139 / CVE-2008-3140 / CVE-2008-3141 / CVE-2008-3145 / CVE-2008-3146.

The remote host is affected by the vulnerability described in GLSA-200808-04 (Wireshark: Denial of Service)

    Multiple vulnerabilities related to memory management were discovered     in the GSM SMS dissector (CVE-2008-3137), the PANA and KISMET     dissectors (CVE-2008-3138), the RTMPT dissector (CVE-2008-3139), the     syslog dissector (CVE-2008-3140) and the RMI dissector (CVE-2008-3141)     and when reassembling fragmented packets (CVE-2008-3145).
  Impact :

    A remote attacker could exploit these vulnerabilities by sending a     specially crafted packet on a network being monitored by Wireshark or     enticing a user to read a malformed packet trace file, causing a Denial     of Service.
  Workaround :

    There is no known workaround at this time.

Various vulnerabilities have been fixed in wireshark: CVE-2008-3137, CVE-2008-3138, CVE-2008-3139, CVE-2008-3140, CVE-2008-3141, CVE-2008-3145 and CVE-2008-3146.

A number of vulnerabilities were discovered in Wireshark that could cause it to crash while processing malicious packets (CVE-2008-3137, CVE-2008-3138, CVE-2008-3139, CVE-2008-3140, CVE-2008-3141, CVE-2008-3145).

This update provides Wireshark 1.0.2, which is not vulnerable to these issues.

Various vulnerabilities have been fixed in ethereal: CVE-2008-3137, CVE-2008-3138, CVE-2008-3139, CVE-2008-3140, CVE-2008-3141, CVE-2008-3145 and CVE-2008-3146.

ID	Name	Product	Family	Published	Updated	Severity
33553	Fedora 8 : wireshark-1.0.2-1.fc8 (2008-6645)	Nessus	Fedora Local Security Checks	7/23/2008	1/11/2021	medium
34046	SuSE 10 Security Update : ethereal (ZYPP Patch Number 5520)	Nessus	SuSE Local Security Checks	8/26/2008	1/14/2021	critical
33834	GLSA-200808-04 : Wireshark: Denial of Service	Nessus	Gentoo Local Security Checks	8/7/2008	1/6/2021	medium
40151	openSUSE Security Update : wireshark (wireshark-149)	Nessus	SuSE Local Security Checks	7/21/2009	1/14/2021	critical
36557	Mandriva Linux Security Advisory : wireshark (MDVSA-2008:152)	Nessus	Mandriva Local Security Checks	4/23/2009	1/6/2021	medium
41234	SuSE9 Security Update : ethereal (YOU Patch Number 12225)	Nessus	SuSE Local Security Checks	9/24/2009	1/14/2021	critical
33521	Fedora 9 : wireshark-1.0.2-1.fc9 (2008-6440)	Nessus	Fedora Local Security Checks	7/16/2008	1/11/2021	medium
34047	openSUSE 10 Security Update : wireshark (wireshark-5515)	Nessus	SuSE Local Security Checks	8/26/2008	1/14/2021	critical

Detections

Analytics

Plugins Search

medium

critical

medium

critical

medium

critical

medium

critical