[SECURITY] [DSA 2590-1] wireshark security update

2012-12-2615:20:12

lists.debian.org

CVSS2

3.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.2

Confidence

Low

EPSS

0.003

Percentile

68.5%

JSON

Debian Security Advisory DSA-2590-1 [email protected]
http://www.debian.org/security/ Moritz Muehlenhoff
December 26, 2012 http://www.debian.org/security/faq

Package : wireshark
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-4048 CVE-2012-4296

Bjorn Mork and Laurent Butti discovered crashes in the PPP and RTPS2
dissectors, which could potentially result in the execution of arbitrary
code.

For the stable distribution (squeeze), these problems have been fixed in
version 1.2.11-6+squeeze8.

For the unstable distribution (sid), these problems have been fixed in
version 1.8.2-1.

We recommend that you upgrade your wireshark packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian6i386wireshark-common< 1.2.11-6+squeeze8wireshark-common_1.2.11-6+squeeze8_i386.deb
Debian6ia64wireshark-common< 1.2.11-6+squeeze8wireshark-common_1.2.11-6+squeeze8_ia64.deb
Debian6ia64wireshark-dbg< 1.2.11-6+squeeze8wireshark-dbg_1.2.11-6+squeeze8_ia64.deb
Debian6powerpctshark< 1.2.11-6+squeeze8tshark_1.2.11-6+squeeze8_powerpc.deb
Debian6ia64wireshark< 1.2.11-6+squeeze8wireshark_1.2.11-6+squeeze8_ia64.deb
Debian6i386tshark< 1.2.11-6+squeeze8tshark_1.2.11-6+squeeze8_i386.deb
Debian6mipselwireshark-dev< 1.2.11-6+squeeze8wireshark-dev_1.2.11-6+squeeze8_mipsel.deb
Debian6armelwireshark-common< 1.2.11-6+squeeze8wireshark-common_1.2.11-6+squeeze8_armel.deb
Debian6s390wireshark-common< 1.2.11-6+squeeze8wireshark-common_1.2.11-6+squeeze8_s390.deb
Debian6mipswireshark< 1.2.11-6+squeeze8wireshark_1.2.11-6+squeeze8_mips.deb

OS	Version	Architecture	Package	Version	Filename
Debian	6	i386	wireshark-common	< 1.2.11-6+squeeze8	wireshark-common_1.2.11-6+squeeze8_i386.deb
Debian	6	ia64	wireshark-common	< 1.2.11-6+squeeze8	wireshark-common_1.2.11-6+squeeze8_ia64.deb
Debian	6	ia64	wireshark-dbg	< 1.2.11-6+squeeze8	wireshark-dbg_1.2.11-6+squeeze8_ia64.deb
Debian	6	powerpc	tshark	< 1.2.11-6+squeeze8	tshark_1.2.11-6+squeeze8_powerpc.deb
Debian	6	ia64	wireshark	< 1.2.11-6+squeeze8	wireshark_1.2.11-6+squeeze8_ia64.deb
Debian	6	i386	tshark	< 1.2.11-6+squeeze8	tshark_1.2.11-6+squeeze8_i386.deb
Debian	6	mipsel	wireshark-dev	< 1.2.11-6+squeeze8	wireshark-dev_1.2.11-6+squeeze8_mipsel.deb
Debian	6	armel	wireshark-common	< 1.2.11-6+squeeze8	wireshark-common_1.2.11-6+squeeze8_armel.deb
Debian	6	s390	wireshark-common	< 1.2.11-6+squeeze8	wireshark-common_1.2.11-6+squeeze8_s390.deb
Debian	6	mips	wireshark	< 1.2.11-6+squeeze8	wireshark_1.2.11-6+squeeze8_mips.deb