Skip to navigation

Security Advisory Low: wireshark security update

Advisory: RHSA-2007:0710-2
Type: Security Advisory
Severity: Low
Issued on: 2007-11-07
Last updated on: 2007-11-07
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
CVEs (cve.mitre.org): CVE-2007-3389
CVE-2007-3390
CVE-2007-3391
CVE-2007-3392
CVE-2007-3393

Details

New Wireshark packages that fix various security vulnerabilities are now
available for Red Hat Enterprise Linux 5. Wireshark was previously known
as Ethereal.

This update has been rated as having low security impact by the Red Hat
Security Response Team.

Wireshark is a program for monitoring network traffic.

Several denial of service bugs were found in Wireshark's HTTP, iSeries, DCP
ETSI, SSL, MMS, DHCP and BOOTP protocol dissectors. It was possible for
Wireshark to crash or stop responding if it read a malformed packet off the
network. (CVE-2007-3389, CVE-2007-3390, CVE-2007-3391, CVE-2007-3392,
CVE-2007-3393)

Users of Wireshark and Ethereal should upgrade to these updated packages,
containing Wireshark version 0.99.6, which is not vulnerable to these
issues.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Updated packages

RHEL Desktop Workstation (v. 5 client)

SRPMS:
wireshark-0.99.6-1.el5.src.rpm
File outdated by:  RHSA-2014:0341
    MD5: f49fa8d0277d49cd8eaca3cab3d72990
 
IA-32:
wireshark-gnome-0.99.6-1.el5.i386.rpm
File outdated by:  RHSA-2014:0341
    MD5: b9b63d2c30c0100d5f573ebc81bd4023
 
x86_64:
wireshark-gnome-0.99.6-1.el5.x86_64.rpm
File outdated by:  RHSA-2014:0341
    MD5: 8fc46b79d4d74c5434b5a673c38d80d0
 
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
wireshark-0.99.6-1.el5.src.rpm
File outdated by:  RHSA-2014:0341
    MD5: f49fa8d0277d49cd8eaca3cab3d72990
 
IA-32:
wireshark-0.99.6-1.el5.i386.rpm
File outdated by:  RHSA-2014:0341
    MD5: 47debd82ab5bc864a3cdd9dd64484282
wireshark-gnome-0.99.6-1.el5.i386.rpm
File outdated by:  RHSA-2014:0341
    MD5: b9b63d2c30c0100d5f573ebc81bd4023
 
IA-64:
wireshark-0.99.6-1.el5.ia64.rpm
File outdated by:  RHSA-2014:0341
    MD5: 9803781c960202e93b07c15edfac733c
wireshark-gnome-0.99.6-1.el5.ia64.rpm
File outdated by:  RHSA-2014:0341
    MD5: 3711e4d1653c0aac43ee7b08f5149304
 
PPC:
wireshark-0.99.6-1.el5.ppc.rpm
File outdated by:  RHSA-2014:0341
    MD5: 598a710138caa4c174306ba4930201d4
wireshark-gnome-0.99.6-1.el5.ppc.rpm
File outdated by:  RHSA-2014:0341
    MD5: 7560565717c181cf210eab9438ae5f29
 
s390x:
wireshark-0.99.6-1.el5.s390x.rpm
File outdated by:  RHSA-2014:0341
    MD5: 25ac5e44a7a5dcd87c77292999b2501c
wireshark-gnome-0.99.6-1.el5.s390x.rpm
File outdated by:  RHSA-2014:0341
    MD5: 2238fbab472c7f05b7b3ac801f8652dc
 
x86_64:
wireshark-0.99.6-1.el5.x86_64.rpm
File outdated by:  RHSA-2014:0341
    MD5: a28ed04bd22158d7cf68bc71589b82c4
wireshark-gnome-0.99.6-1.el5.x86_64.rpm
File outdated by:  RHSA-2014:0341
    MD5: 8fc46b79d4d74c5434b5a673c38d80d0
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
wireshark-0.99.6-1.el5.src.rpm
File outdated by:  RHSA-2014:0341
    MD5: f49fa8d0277d49cd8eaca3cab3d72990
 
IA-32:
wireshark-0.99.6-1.el5.i386.rpm
File outdated by:  RHSA-2014:0341
    MD5: 47debd82ab5bc864a3cdd9dd64484282
 
x86_64:
wireshark-0.99.6-1.el5.x86_64.rpm
File outdated by:  RHSA-2014:0341
    MD5: a28ed04bd22158d7cf68bc71589b82c4
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

245796 - CVE-2007-3389 Wireshark crashes when inspecting HTTP traffic
245797 - CVE-2007-3391 Wireshark loops infinitely when inspecting DCP ETSI traffic
245798 - CVE-2007-3392 Wireshark loops infinitely when inspecting SSL traffic
246221 - CVE-2007-3393 Wireshark corrupts the stack when inspecting BOOTP traffic
246225 - CVE-2007-3390 Wireshark crashes when inspecting iSeries traffic
246229 - CVE-2007-3392 Wireshark crashes when inspecting MMS traffic


References


Keywords

BOOTP, crash, DCP, DHCP, DoS, ETSI, HTTP, iSeries, loop, MMS, SSL


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/