| id | 43085 |
|---|
| Risiko | other |
|---|
| Familie | SuSE Local Security Checks |
|---|
| Kategori | infos |
|---|
| Navn | SuSE Security Update: wireshark (2009-11-25) |
|---|
| Sammenfatning | Check for the wireshark package |
|---|
| Beskrivelse | Synopsis :
The remote SuSE system is missing a security patch for wireshark
Description :
Version upgrade of wireshark fix multiple vulnerabilities:
- CVE-2009-3549: CVSS v2 Base Score: 5.0 (MEDIUM) The
Paltalk dissector could crash on alignment-sensitive
processors.
- CVE-2009-3550: CVSS v2 Base Score: 4.3 (MEDIUM) The
DCERPC/NT dissector could crash.
- CVE-2009-3551: CVSS v2 Base Score: 5.0 (MEDIUM) The SMB
dissector could crash.
- CVE-2009-2560: CVSS v2 Base Score: 5.0 (MEDIUM) The
RADIUS dissector could crash.
- CVE-2009-3829 CVSS v2 Base Score: 9.3 (HIGH) Fix for an
integer overflow in wiretap/erf.c that allowed remote
attackers to execute arbitrary code via a crafted ERF
file.
See also :
https://bugzilla.novell.com/show_bug.cgi?id=550320
https://bugzilla.novell.com/show_bug.cgi?id=553215
Solution :
Run yast to install the security patch for wireshark
Risk factor :
High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
|
|---|
| CVE |
CVE-2009-2560,CVE-2009-3549,CVE-2009-3550,CVE-2009-3551,CVE-2009-3829 |
| Bugtraq |
NOBID |
| Copyright |
(C) 2009 Tenable Network Security, Inc. |