Lucene search

DebianDEBIAN:DSA-3719-1:09113

HistoryNov 21, 2016 - 8:59 a.m.

[SECURITY] [DSA 3719-1] wireshark security update

2016-11-2108:59:41

lists.debian.org

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

6.3

Confidence

High

EPSS

0.005

Percentile

76.7%

JSON

Debian Security Advisory DSA-3719-1 [email protected]
https://www.debian.org/security/ Sebastien Delafond
November 21, 2016 https://www.debian.org/security/faq

Package : wireshark
CVE ID : CVE-2016-9373 CVE-2016-9374 CVE-2016-9375 CVE-2016-9376

It was discovered that wireshark, a network protocol analyzer,
contained several vulnerabilities in the dissectors for DCERPC,
AllJoyn, DTN, and OpenFlow, that could lead to various crashes,
denial-of-service, or execution of arbitrary code.

For the stable distribution (jessie), these problems have been fixed in
version 1.12.1+g01b65bf-4+deb8u10.

For the unstable distribution (sid), these problems have been fixed in
version 2.2.2+g9c5aae3-1.

We recommend that you upgrade your wireshark packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian8mipsellibwiretap-dev< 1.12.1+g01b65bf-4+deb8u10libwiretap-dev_1.12.1+g01b65bf-4+deb8u10_mipsel.deb
Debian8kfreebsd-amd64tshark< 1.12.1+g01b65bf-4+deb8u10tshark_1.12.1+g01b65bf-4+deb8u10_kfreebsd-amd64.deb
Debian8s390xlibwsutil4< 1.12.1+g01b65bf-4+deb8u10libwsutil4_1.12.1+g01b65bf-4+deb8u10_s390x.deb
Debian8mipswireshark-common< 1.12.1+g01b65bf-4+deb8u10wireshark-common_1.12.1+g01b65bf-4+deb8u10_mips.deb
Debian8s390xwireshark-common< 1.12.1+g01b65bf-4+deb8u10wireshark-common_1.12.1+g01b65bf-4+deb8u10_s390x.deb
Debian8kfreebsd-amd64wireshark< 1.12.1+g01b65bf-4+deb8u10wireshark_1.12.1+g01b65bf-4+deb8u10_kfreebsd-amd64.deb
Debian8kfreebsd-i386libwiretap4< 1.12.1+g01b65bf-4+deb8u10libwiretap4_1.12.1+g01b65bf-4+deb8u10_kfreebsd-i386.deb
Debian8arm64wireshark-qt< 1.12.1+g01b65bf-4+deb8u10wireshark-qt_1.12.1+g01b65bf-4+deb8u10_arm64.deb
Debian8i386libwiretap4< 1.12.1+g01b65bf-4+deb8u10libwiretap4_1.12.1+g01b65bf-4+deb8u10_i386.deb
Debian8kfreebsd-amd64libwireshark5< 1.12.1+g01b65bf-4+deb8u10libwireshark5_1.12.1+g01b65bf-4+deb8u10_kfreebsd-amd64.deb

OS	Version	Architecture	Package	Version	Filename
Debian	8	mipsel	libwiretap-dev	< 1.12.1+g01b65bf-4+deb8u10	libwiretap-dev_1.12.1+g01b65bf-4+deb8u10_mipsel.deb
Debian	8	kfreebsd-amd64	tshark	< 1.12.1+g01b65bf-4+deb8u10	tshark_1.12.1+g01b65bf-4+deb8u10_kfreebsd-amd64.deb
Debian	8	s390x	libwsutil4	< 1.12.1+g01b65bf-4+deb8u10	libwsutil4_1.12.1+g01b65bf-4+deb8u10_s390x.deb
Debian	8	mips	wireshark-common	< 1.12.1+g01b65bf-4+deb8u10	wireshark-common_1.12.1+g01b65bf-4+deb8u10_mips.deb
Debian	8	s390x	wireshark-common	< 1.12.1+g01b65bf-4+deb8u10	wireshark-common_1.12.1+g01b65bf-4+deb8u10_s390x.deb
Debian	8	kfreebsd-amd64	wireshark	< 1.12.1+g01b65bf-4+deb8u10	wireshark_1.12.1+g01b65bf-4+deb8u10_kfreebsd-amd64.deb
Debian	8	kfreebsd-i386	libwiretap4	< 1.12.1+g01b65bf-4+deb8u10	libwiretap4_1.12.1+g01b65bf-4+deb8u10_kfreebsd-i386.deb
Debian	8	arm64	wireshark-qt	< 1.12.1+g01b65bf-4+deb8u10	wireshark-qt_1.12.1+g01b65bf-4+deb8u10_arm64.deb
Debian	8	i386	libwiretap4	< 1.12.1+g01b65bf-4+deb8u10	libwiretap4_1.12.1+g01b65bf-4+deb8u10_i386.deb
Debian	8	kfreebsd-amd64	libwireshark5	< 1.12.1+g01b65bf-4+deb8u10	libwireshark5_1.12.1+g01b65bf-4+deb8u10_kfreebsd-amd64.deb