Please support VectorLinux!

Author Topic: 090409 wireshark-1.0.7 [VL6.0]  (Read 491 times)

toothandnail

  • Moderator
  • Vectorian
  • *****
  • Posts: 2527
090409 wireshark-1.0.7 [VL6.0]
« on: April 09, 2009, 04:04:16 am »
I've built wireshark for VL 6.0. 

Package:  wireshark-1.0.7-i586-1vl60.tlz
MD5: 6e19304fedd3578e1d2845b6b715fbda
Package Size:  7731 K
Installed Size: 38980 K

Sources:  http://vectorlinux.osuosl.org/veclinux-6.0/source/testing/net/wireshark

Code: [Select]
wireshark: wireshark (a powerful network protocol analyzer)
wireshark:
wireshark: wireshark is a cross-platform, powerful and flexible network protocol
wireshark: analyzer. It provides live packet capture as well as offline
wireshark: analysis
wireshark:
wireshark:
wireshark: License: GPL
wireshark: Authors: Gerald Combs <gerald[AT]wireshark.org>  & others
wireshark: Website: http://www.wireshark.org/

Just noticed. The 1.0.7 build fixes a number of security problems:

Quote
Wireshark 1.0.7 fixes the following vulnerabilities:

* The PROFINET dissector was vulnerable to a format string overflow. (Bug 3382) Versions affected: 0.99.6 to 1.0.6 CVE-2009-1210
* The LDAP dissector could crash on Windows. (Bug 3262) Versions affected: 0.99.2 to 1.0.6 CVE-2009-1267
* The Check Point High-Availability Protocol (CPHAP) dissector could crash. (Bug 3269) Versions affected: 0.9.6 to 1.0.6 CVE-2009-1268
* Wireshark could crash while loading a Tektronix .rf5 file. (Bug 3366) Versions affected: 0.99.6 to 1.0.6 CVE-2009-1269

Impact

It may be possible to make Wireshark crash by altering the HOME environment variable or by convincing someone to read a malformed packet trace file.

After testing this package please stop back here and let us know how it works for you.

« Last Edit: April 09, 2009, 01:55:33 pm by toothandnail »