Skip to navigation

Security Advisory Moderate: wireshark security update

Advisory: RHSA-2008:0890-2
Type: Security Advisory
Severity: Moderate
Issued on: 2008-10-01
Last updated on: 2008-10-01
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Desktop (v. 3)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux AS (v. 4.7.z)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux ES (v. 4.7.z)
Red Hat Enterprise Linux EUS (v. 5.2.z server)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Enterprise Linux WS (v. 4)
CVEs (cve.mitre.org): CVE-2008-1070
CVE-2008-1071
CVE-2008-1072
CVE-2008-1561
CVE-2008-1562
CVE-2008-1563
CVE-2008-3137
CVE-2008-3138
CVE-2008-3141
CVE-2008-3145
CVE-2008-3146
CVE-2008-3932
CVE-2008-3933
CVE-2008-3934

Details

Updated wireshark packages that fix several security issues are now
available for Red Hat Enterprise Linux 3, 4, and 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

Wireshark is a program for monitoring network traffic. Wireshark was
previously known as Ethereal.

Multiple buffer overflow flaws were found in Wireshark. If Wireshark read
a malformed packet off a network, it could crash or, possibly, execute
arbitrary code as the user running Wireshark. (CVE-2008-3146)

Several denial of service flaws were found in Wireshark. Wireshark could
crash or stop responding if it read a malformed packet off a network, or
opened a malformed dump file. (CVE-2008-1070, CVE-2008-1071, CVE-2008-1072,
CVE-2008-1561, CVE-2008-1562, CVE-2008-1563, CVE-2008-3137, CVE-2008-3138,
CVE-2008-3141, CVE-2008-3145, CVE-2008-3932, CVE-2008-3933, CVE-2008-3934)

Additionally, this update changes the default Pluggable Authentication
Modules (PAM) configuration to always prompt for the root password before
each start of Wireshark. This avoids unintentionally running Wireshark with
root privileges.

Users of wireshark should upgrade to these updated packages, which contain
Wireshark version 1.0.3, and resolve these issues.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Updated packages

RHEL Desktop Workstation (v. 5 client)
SRPMS:
wireshark-1.0.3-4.el5_2.src.rpm
File outdated by:  RHSA-2013:0125		     MD5: 679a0d9c39ba1bd2aa9ba068233bd48d
 
IA-32:
wireshark-gnome-1.0.3-4.el5_2.i386.rpm
File outdated by:  RHSA-2013:0125		     MD5: 50b5986debbcc28cb56cf211db29a2f7
 
x86_64:
wireshark-gnome-1.0.3-4.el5_2.x86_64.rpm
File outdated by:  RHSA-2013:0125		     MD5: 28751efc521150c5b2378f1ac944b596
 
Red Hat Desktop (v. 3)
SRPMS:
wireshark-1.0.3-EL3.3.src.rpm
File outdated by:  RHSA-2010:0625		     MD5: 70e84e80e24df3d008875f9c71ade1d4
 
IA-32:
wireshark-1.0.3-EL3.3.i386.rpm
File outdated by:  RHSA-2010:0625		     MD5: 6705179792ab6e44a665c61a831fac0b
wireshark-gnome-1.0.3-EL3.3.i386.rpm
File outdated by:  RHSA-2010:0625		     MD5: e6b851f239c47e535db3365b7d848b46
 
x86_64:
wireshark-1.0.3-EL3.3.x86_64.rpm
File outdated by:  RHSA-2010:0625		     MD5: 64f2107227af85ee757a2f69e0055bae
wireshark-gnome-1.0.3-EL3.3.x86_64.rpm
File outdated by:  RHSA-2010:0625		     MD5: a16530d96836c8f3ce7bb015520b76f9
 
Red Hat Desktop (v. 4)
SRPMS:
wireshark-1.0.3-3.el4_7.src.rpm
File outdated by:  RHSA-2011:0370		     MD5: e22ce0e624b7f8df0042a7abfd322192
 
IA-32:
wireshark-1.0.3-3.el4_7.i386.rpm
File outdated by:  RHSA-2011:0370		     MD5: 717f661dfd186159d495ccd946a69c85
wireshark-gnome-1.0.3-3.el4_7.i386.rpm
File outdated by:  RHSA-2011:0370		     MD5: ffd1a47c7c733a786090c0708a6acebb
 
x86_64:
wireshark-1.0.3-3.el4_7.x86_64.rpm
File outdated by:  RHSA-2011:0370		     MD5: bea76860869826c5f2be129d153f344a
wireshark-gnome-1.0.3-3.el4_7.x86_64.rpm
File outdated by:  RHSA-2011:0370		     MD5: 9f66a8d1e9425406ba99d67bbacf778a
 
Red Hat Enterprise Linux (v. 5 server)
SRPMS:
wireshark-1.0.3-4.el5_2.src.rpm
File outdated by:  RHSA-2013:0125		     MD5: 679a0d9c39ba1bd2aa9ba068233bd48d
 
IA-32:
wireshark-1.0.3-4.el5_2.i386.rpm
File outdated by:  RHSA-2013:0125		     MD5: 3833998457529eb2af1547b2cc4587d1
wireshark-gnome-1.0.3-4.el5_2.i386.rpm
File outdated by:  RHSA-2013:0125		     MD5: 50b5986debbcc28cb56cf211db29a2f7
 
IA-64:
wireshark-1.0.3-4.el5_2.ia64.rpm
File outdated by:  RHSA-2013:0125		     MD5: d942b5fb1b04ebc0d0338b5169d91c39
wireshark-gnome-1.0.3-4.el5_2.ia64.rpm
File outdated by:  RHSA-2013:0125		     MD5: 802a907f7bd37cf78a93bc50a60b6c8f
 
PPC:
wireshark-1.0.3-4.el5_2.ppc.rpm
File outdated by:  RHSA-2013:0125		     MD5: c7c5efd18bbb9d36f76b14c01f0e17ca
wireshark-gnome-1.0.3-4.el5_2.ppc.rpm
File outdated by:  RHSA-2013:0125		     MD5: 7b06ba8acf2235f55f36c59093e81c64
 
s390x:
wireshark-1.0.3-4.el5_2.s390x.rpm
File outdated by:  RHSA-2013:0125		     MD5: c5855b3cf16dac815209197e232ec8ee
wireshark-gnome-1.0.3-4.el5_2.s390x.rpm
File outdated by:  RHSA-2013:0125		     MD5: 9730ad3dbd6890dc7c7bba78e4f589cf
 
x86_64:
wireshark-1.0.3-4.el5_2.x86_64.rpm
File outdated by:  RHSA-2013:0125		     MD5: 6f07c6ff181a52a511e4eed55411cfc8
wireshark-gnome-1.0.3-4.el5_2.x86_64.rpm
File outdated by:  RHSA-2013:0125		     MD5: 28751efc521150c5b2378f1ac944b596
 
Red Hat Enterprise Linux AS (v. 3)
SRPMS:
wireshark-1.0.3-EL3.3.src.rpm
File outdated by:  RHSA-2010:0625		     MD5: 70e84e80e24df3d008875f9c71ade1d4
 
IA-32:
wireshark-1.0.3-EL3.3.i386.rpm
File outdated by:  RHSA-2010:0625		     MD5: 6705179792ab6e44a665c61a831fac0b
wireshark-gnome-1.0.3-EL3.3.i386.rpm
File outdated by:  RHSA-2010:0625		     MD5: e6b851f239c47e535db3365b7d848b46
 
IA-64:
wireshark-1.0.3-EL3.3.ia64.rpm
File outdated by:  RHSA-2010:0625		     MD5: 8652afdf1d51e2a1e60383e004c24883
wireshark-gnome-1.0.3-EL3.3.ia64.rpm
File outdated by:  RHSA-2010:0625		     MD5: 3efea201a8a4520964252576ae84cebf
 
PPC:
wireshark-1.0.3-EL3.3.ppc.rpm
File outdated by:  RHSA-2010:0625		     MD5: c4faf64086f28e0fa21605fce251d73c
wireshark-gnome-1.0.3-EL3.3.ppc.rpm
File outdated by:  RHSA-2010:0625		     MD5: 30f41a2b0dfd1eafe700f092870363ef
 
s390:
wireshark-1.0.3-EL3.3.s390.rpm
File outdated by:  RHSA-2010:0625		     MD5: 1810e6ff014d00fe6cd537005eecfd29
wireshark-gnome-1.0.3-EL3.3.s390.rpm
File outdated by:  RHSA-2010:0625		     MD5: ec078a0b2988da02fcbcc62f46fc1335
 
s390x:
wireshark-1.0.3-EL3.3.s390x.rpm
File outdated by:  RHSA-2010:0625		     MD5: 123ae975bcd251e8f80200aded760501
wireshark-gnome-1.0.3-EL3.3.s390x.rpm
File outdated by:  RHSA-2010:0625		     MD5: ff69bf567aebdcffa0210b4b7fd5b9d6
 
x86_64:
wireshark-1.0.3-EL3.3.x86_64.rpm
File outdated by:  RHSA-2010:0625		     MD5: 64f2107227af85ee757a2f69e0055bae
wireshark-gnome-1.0.3-EL3.3.x86_64.rpm
File outdated by:  RHSA-2010:0625		     MD5: a16530d96836c8f3ce7bb015520b76f9
 
Red Hat Enterprise Linux AS (v. 4)
SRPMS:
wireshark-1.0.3-3.el4_7.src.rpm
File outdated by:  RHSA-2011:0370		     MD5: e22ce0e624b7f8df0042a7abfd322192
 
IA-32:
wireshark-1.0.3-3.el4_7.i386.rpm
File outdated by:  RHSA-2011:0370		     MD5: 717f661dfd186159d495ccd946a69c85
wireshark-gnome-1.0.3-3.el4_7.i386.rpm
File outdated by:  RHSA-2011:0370		     MD5: ffd1a47c7c733a786090c0708a6acebb
 
IA-64:
wireshark-1.0.3-3.el4_7.ia64.rpm
File outdated by:  RHSA-2011:0370		     MD5: 80583e3eab6c3b271a7ee4e2b765ea3e
wireshark-gnome-1.0.3-3.el4_7.ia64.rpm
File outdated by:  RHSA-2011:0370		     MD5: df4c79fcc74da2508253fc66f9caca14
 
PPC:
wireshark-1.0.3-3.el4_7.ppc.rpm
File outdated by:  RHSA-2011:0370		     MD5: 7881af93a6a093ff54ded936233860ad
wireshark-gnome-1.0.3-3.el4_7.ppc.rpm
File outdated by:  RHSA-2011:0370		     MD5: 4b3171e162dce16e7e39d18f6e4f41db
 
s390:
wireshark-1.0.3-3.el4_7.s390.rpm
File outdated by:  RHSA-2011:0370		     MD5: fbdcb81abfcd064512b020b18fdb3c3d
wireshark-gnome-1.0.3-3.el4_7.s390.rpm
File outdated by:  RHSA-2011:0370		     MD5: 518005a3492f497de0a2a8d6c2cec452
 
s390x:
wireshark-1.0.3-3.el4_7.s390x.rpm
File outdated by:  RHSA-2011:0370		     MD5: 1ea807deff415552dcdbdef98b146719
wireshark-gnome-1.0.3-3.el4_7.s390x.rpm
File outdated by:  RHSA-2011:0370		     MD5: cc09bd3ffec79da1297f42e6be888cbc
 
x86_64:
wireshark-1.0.3-3.el4_7.x86_64.rpm
File outdated by:  RHSA-2011:0370		     MD5: bea76860869826c5f2be129d153f344a
wireshark-gnome-1.0.3-3.el4_7.x86_64.rpm
File outdated by:  RHSA-2011:0370		     MD5: 9f66a8d1e9425406ba99d67bbacf778a
 
Red Hat Enterprise Linux AS (v. 4.7.z)
SRPMS:
wireshark-1.0.3-3.el4_7.src.rpm
File outdated by:  RHSA-2011:0370		     MD5: e22ce0e624b7f8df0042a7abfd322192
 
IA-32:
wireshark-1.0.3-3.el4_7.i386.rpm
File outdated by:  RHSA-2009:0313		     MD5: 717f661dfd186159d495ccd946a69c85
wireshark-gnome-1.0.3-3.el4_7.i386.rpm
File outdated by:  RHSA-2009:0313		     MD5: ffd1a47c7c733a786090c0708a6acebb
 
IA-64:
wireshark-1.0.3-3.el4_7.ia64.rpm
File outdated by:  RHSA-2009:0313		     MD5: 80583e3eab6c3b271a7ee4e2b765ea3e
wireshark-gnome-1.0.3-3.el4_7.ia64.rpm
File outdated by:  RHSA-2009:0313		     MD5: df4c79fcc74da2508253fc66f9caca14
 
PPC:
wireshark-1.0.3-3.el4_7.ppc.rpm
File outdated by:  RHSA-2009:0313		     MD5: 7881af93a6a093ff54ded936233860ad
wireshark-gnome-1.0.3-3.el4_7.ppc.rpm
File outdated by:  RHSA-2009:0313		     MD5: 4b3171e162dce16e7e39d18f6e4f41db
 
s390:
wireshark-1.0.3-3.el4_7.s390.rpm
File outdated by:  RHSA-2009:0313		     MD5: fbdcb81abfcd064512b020b18fdb3c3d
wireshark-gnome-1.0.3-3.el4_7.s390.rpm
File outdated by:  RHSA-2009:0313		     MD5: 518005a3492f497de0a2a8d6c2cec452
 
s390x:
wireshark-1.0.3-3.el4_7.s390x.rpm
File outdated by:  RHSA-2009:0313		     MD5: 1ea807deff415552dcdbdef98b146719
wireshark-gnome-1.0.3-3.el4_7.s390x.rpm
File outdated by:  RHSA-2009:0313		     MD5: cc09bd3ffec79da1297f42e6be888cbc
 
x86_64:
wireshark-1.0.3-3.el4_7.x86_64.rpm
File outdated by:  RHSA-2009:0313		     MD5: bea76860869826c5f2be129d153f344a
wireshark-gnome-1.0.3-3.el4_7.x86_64.rpm
File outdated by:  RHSA-2009:0313		     MD5: 9f66a8d1e9425406ba99d67bbacf778a
 
Red Hat Enterprise Linux Desktop (v. 5 client)
SRPMS:
wireshark-1.0.3-4.el5_2.src.rpm
File outdated by:  RHSA-2013:0125		     MD5: 679a0d9c39ba1bd2aa9ba068233bd48d
 
IA-32:
wireshark-1.0.3-4.el5_2.i386.rpm
File outdated by:  RHSA-2013:0125		     MD5: 3833998457529eb2af1547b2cc4587d1
 
x86_64:
wireshark-1.0.3-4.el5_2.x86_64.rpm
File outdated by:  RHSA-2013:0125		     MD5: 6f07c6ff181a52a511e4eed55411cfc8
 
Red Hat Enterprise Linux ES (v. 3)
SRPMS:
wireshark-1.0.3-EL3.3.src.rpm
File outdated by:  RHSA-2010:0625		     MD5: 70e84e80e24df3d008875f9c71ade1d4
 
IA-32:
wireshark-1.0.3-EL3.3.i386.rpm
File outdated by:  RHSA-2010:0625		     MD5: 6705179792ab6e44a665c61a831fac0b
wireshark-gnome-1.0.3-EL3.3.i386.rpm
File outdated by:  RHSA-2010:0625		     MD5: e6b851f239c47e535db3365b7d848b46
 
IA-64:
wireshark-1.0.3-EL3.3.ia64.rpm
File outdated by:  RHSA-2010:0625		     MD5: 8652afdf1d51e2a1e60383e004c24883
wireshark-gnome-1.0.3-EL3.3.ia64.rpm
File outdated by:  RHSA-2010:0625		     MD5: 3efea201a8a4520964252576ae84cebf
 
x86_64:
wireshark-1.0.3-EL3.3.x86_64.rpm
File outdated by:  RHSA-2010:0625		     MD5: 64f2107227af85ee757a2f69e0055bae
wireshark-gnome-1.0.3-EL3.3.x86_64.rpm
File outdated by:  RHSA-2010:0625		     MD5: a16530d96836c8f3ce7bb015520b76f9
 
Red Hat Enterprise Linux ES (v. 4)
SRPMS:
wireshark-1.0.3-3.el4_7.src.rpm
File outdated by:  RHSA-2011:0370		     MD5: e22ce0e624b7f8df0042a7abfd322192
 
IA-32:
wireshark-1.0.3-3.el4_7.i386.rpm
File outdated by:  RHSA-2011:0370		     MD5: 717f661dfd186159d495ccd946a69c85
wireshark-gnome-1.0.3-3.el4_7.i386.rpm
File outdated by:  RHSA-2011:0370		     MD5: ffd1a47c7c733a786090c0708a6acebb
 
IA-64:
wireshark-1.0.3-3.el4_7.ia64.rpm
File outdated by:  RHSA-2011:0370		     MD5: 80583e3eab6c3b271a7ee4e2b765ea3e
wireshark-gnome-1.0.3-3.el4_7.ia64.rpm
File outdated by:  RHSA-2011:0370		     MD5: df4c79fcc74da2508253fc66f9caca14
 
x86_64:
wireshark-1.0.3-3.el4_7.x86_64.rpm
File outdated by:  RHSA-2011:0370		     MD5: bea76860869826c5f2be129d153f344a
wireshark-gnome-1.0.3-3.el4_7.x86_64.rpm
File outdated by:  RHSA-2011:0370		     MD5: 9f66a8d1e9425406ba99d67bbacf778a
 
Red Hat Enterprise Linux ES (v. 4.7.z)
SRPMS:
wireshark-1.0.3-3.el4_7.src.rpm
File outdated by:  RHSA-2011:0370		     MD5: e22ce0e624b7f8df0042a7abfd322192
 
IA-32:
wireshark-1.0.3-3.el4_7.i386.rpm
File outdated by:  RHSA-2009:0313		     MD5: 717f661dfd186159d495ccd946a69c85
wireshark-gnome-1.0.3-3.el4_7.i386.rpm
File outdated by:  RHSA-2009:0313		     MD5: ffd1a47c7c733a786090c0708a6acebb
 
IA-64:
wireshark-1.0.3-3.el4_7.ia64.rpm
File outdated by:  RHSA-2009:0313		     MD5: 80583e3eab6c3b271a7ee4e2b765ea3e
wireshark-gnome-1.0.3-3.el4_7.ia64.rpm
File outdated by:  RHSA-2009:0313		     MD5: df4c79fcc74da2508253fc66f9caca14
 
x86_64:
wireshark-1.0.3-3.el4_7.x86_64.rpm
File outdated by:  RHSA-2009:0313		     MD5: bea76860869826c5f2be129d153f344a
wireshark-gnome-1.0.3-3.el4_7.x86_64.rpm
File outdated by:  RHSA-2009:0313		     MD5: 9f66a8d1e9425406ba99d67bbacf778a
 
Red Hat Enterprise Linux EUS (v. 5.2.z server)
SRPMS:
wireshark-1.0.3-4.el5_2.src.rpm
File outdated by:  RHSA-2013:0125		     MD5: 679a0d9c39ba1bd2aa9ba068233bd48d
 
IA-32:
wireshark-1.0.3-4.el5_2.i386.rpm     MD5: 3833998457529eb2af1547b2cc4587d1
wireshark-gnome-1.0.3-4.el5_2.i386.rpm     MD5: 50b5986debbcc28cb56cf211db29a2f7
 
IA-64:
wireshark-1.0.3-4.el5_2.ia64.rpm     MD5: d942b5fb1b04ebc0d0338b5169d91c39
wireshark-gnome-1.0.3-4.el5_2.ia64.rpm     MD5: 802a907f7bd37cf78a93bc50a60b6c8f
 
PPC:
wireshark-1.0.3-4.el5_2.ppc.rpm     MD5: c7c5efd18bbb9d36f76b14c01f0e17ca
wireshark-gnome-1.0.3-4.el5_2.ppc.rpm     MD5: 7b06ba8acf2235f55f36c59093e81c64
 
s390x:
wireshark-1.0.3-4.el5_2.s390x.rpm     MD5: c5855b3cf16dac815209197e232ec8ee
wireshark-gnome-1.0.3-4.el5_2.s390x.rpm     MD5: 9730ad3dbd6890dc7c7bba78e4f589cf
 
x86_64:
wireshark-1.0.3-4.el5_2.x86_64.rpm     MD5: 6f07c6ff181a52a511e4eed55411cfc8
wireshark-gnome-1.0.3-4.el5_2.x86_64.rpm     MD5: 28751efc521150c5b2378f1ac944b596
 
Red Hat Enterprise Linux WS (v. 3)
SRPMS:
wireshark-1.0.3-EL3.3.src.rpm
File outdated by:  RHSA-2010:0625		     MD5: 70e84e80e24df3d008875f9c71ade1d4
 
IA-32:
wireshark-1.0.3-EL3.3.i386.rpm
File outdated by:  RHSA-2010:0625		     MD5: 6705179792ab6e44a665c61a831fac0b
wireshark-gnome-1.0.3-EL3.3.i386.rpm
File outdated by:  RHSA-2010:0625		     MD5: e6b851f239c47e535db3365b7d848b46
 
IA-64:
wireshark-1.0.3-EL3.3.ia64.rpm
File outdated by:  RHSA-2010:0625		     MD5: 8652afdf1d51e2a1e60383e004c24883
wireshark-gnome-1.0.3-EL3.3.ia64.rpm
File outdated by:  RHSA-2010:0625		     MD5: 3efea201a8a4520964252576ae84cebf
 
x86_64:
wireshark-1.0.3-EL3.3.x86_64.rpm
File outdated by:  RHSA-2010:0625		     MD5: 64f2107227af85ee757a2f69e0055bae
wireshark-gnome-1.0.3-EL3.3.x86_64.rpm
File outdated by:  RHSA-2010:0625		     MD5: a16530d96836c8f3ce7bb015520b76f9
 
Red Hat Enterprise Linux WS (v. 4)
SRPMS:
wireshark-1.0.3-3.el4_7.src.rpm
File outdated by:  RHSA-2011:0370		     MD5: e22ce0e624b7f8df0042a7abfd322192
 
IA-32:
wireshark-1.0.3-3.el4_7.i386.rpm
File outdated by:  RHSA-2011:0370		     MD5: 717f661dfd186159d495ccd946a69c85
wireshark-gnome-1.0.3-3.el4_7.i386.rpm
File outdated by:  RHSA-2011:0370		     MD5: ffd1a47c7c733a786090c0708a6acebb
 
IA-64:
wireshark-1.0.3-3.el4_7.ia64.rpm
File outdated by:  RHSA-2011:0370		     MD5: 80583e3eab6c3b271a7ee4e2b765ea3e
wireshark-gnome-1.0.3-3.el4_7.ia64.rpm
File outdated by:  RHSA-2011:0370		     MD5: df4c79fcc74da2508253fc66f9caca14
 
x86_64:
wireshark-1.0.3-3.el4_7.x86_64.rpm
File outdated by:  RHSA-2011:0370		     MD5: bea76860869826c5f2be129d153f344a
wireshark-gnome-1.0.3-3.el4_7.x86_64.rpm
File outdated by:  RHSA-2011:0370		     MD5: 9f66a8d1e9425406ba99d67bbacf778a
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

435481 - CVE-2008-1070 wireshark: SCTP dissector crash
435482 - CVE-2008-1071 wireshark: SNMP dissector crash
435483 - CVE-2008-1072 wireshark: TFTP dissector crash
439943 - CVE-2008-1563 wireshark: crash in SCCP dissector
440014 - CVE-2008-1561 wireshark: crash in X.509sat and Roofnet dissectors
440015 - CVE-2008-1562 wireshark: crash in LDAP dissector
448584 - Don't automatically use stored privileges
454970 - CVE-2008-3137 wireshark: crash in the GSM SMS dissector
454971 - CVE-2008-3138 wireshark: unexpected exit in the PANA and KISMET dissectors
454975 - CVE-2008-3141 wireshark: memory disclosure in the RMI dissector
454984 - CVE-2008-3145 wireshark: crash in the packet reassembling
461242 - CVE-2008-3146 wireshark: multiple buffer overflows in NCP dissector
461243 - CVE-2008-3932 wireshark: infinite loop in the NCP dissector
461244 - CVE-2008-3933 wireshark: crash triggered by zlib-compressed packet data
461245 - CVE-2008-3934 wireshark: crash via crafted Tektronix .rf5 file


References

https://www.redhat.com/security/data/cve/CVE-2008-1070.html
https://www.redhat.com/security/data/cve/CVE-2008-1071.html
https://www.redhat.com/security/data/cve/CVE-2008-1072.html
https://www.redhat.com/security/data/cve/CVE-2008-1561.html
https://www.redhat.com/security/data/cve/CVE-2008-1562.html
https://www.redhat.com/security/data/cve/CVE-2008-1563.html
https://www.redhat.com/security/data/cve/CVE-2008-3137.html
https://www.redhat.com/security/data/cve/CVE-2008-3138.html
https://www.redhat.com/security/data/cve/CVE-2008-3141.html
https://www.redhat.com/security/data/cve/CVE-2008-3145.html
https://www.redhat.com/security/data/cve/CVE-2008-3146.html
https://www.redhat.com/security/data/cve/CVE-2008-3932.html
https://www.redhat.com/security/data/cve/CVE-2008-3933.html
https://www.redhat.com/security/data/cve/CVE-2008-3934.html
http://www.redhat.com/security/updates/classification/#moderate
http://www.wireshark.org/docs/relnotes/
http://www.wireshark.org/security/

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/