Red Hat Product Errata RHSA-2007:0066 - Security Advisory
Issued:
2007-03-14
Updated:
2007-03-14

RHSA-2007:0066 - Security Advisory

Synopsis

Low: wireshark security update

Type/Severity

Security Advisory: Low

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

New Wireshark packages that fix various security vulnerabilities are now
available. Wireshark was previously known as Ethereal.

This update has been rated as having low security impact by the Red Hat
Security Response Team.

Description

Wireshark is a program for monitoring network traffic.

Several denial of service bugs were found in Wireshark's LLT, IEEE 802.11,
http, and tcp protocol dissectors. It was possible for Wireshark to crash
or stop responding if it read a malformed packet off the network.
(CVE-2007-0456, CVE-2007-0457, CVE-2007-0458, CVE-2007-0459)

Users of Wireshark should upgrade to these updated packages containing
Wireshark version 0.99.5, which is not vulnerable to these issues.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Affected Products

  • Red Hat Enterprise Linux Server 5 x86_64
  • Red Hat Enterprise Linux Server 5 ia64
  • Red Hat Enterprise Linux Server 5 i386
  • Red Hat Enterprise Linux Server 4 x86_64
  • Red Hat Enterprise Linux Server 4 ia64
  • Red Hat Enterprise Linux Server 4 i386
  • Red Hat Enterprise Linux Server 3 x86_64
  • Red Hat Enterprise Linux Server 3 ia64
  • Red Hat Enterprise Linux Server 3 i386
  • Red Hat Enterprise Linux Server 2 ia64
  • Red Hat Enterprise Linux Server 2 i386
  • Red Hat Enterprise Linux Workstation 5 x86_64
  • Red Hat Enterprise Linux Workstation 5 i386
  • Red Hat Enterprise Linux Workstation 4 x86_64
  • Red Hat Enterprise Linux Workstation 4 ia64
  • Red Hat Enterprise Linux Workstation 4 i386
  • Red Hat Enterprise Linux Workstation 3 x86_64
  • Red Hat Enterprise Linux Workstation 3 ia64
  • Red Hat Enterprise Linux Workstation 3 i386
  • Red Hat Enterprise Linux Workstation 2 ia64
  • Red Hat Enterprise Linux Workstation 2 i386
  • Red Hat Enterprise Linux Desktop 5 x86_64
  • Red Hat Enterprise Linux Desktop 5 i386
  • Red Hat Enterprise Linux Desktop 4 x86_64
  • Red Hat Enterprise Linux Desktop 4 i386
  • Red Hat Enterprise Linux Desktop 3 x86_64
  • Red Hat Enterprise Linux Desktop 3 i386
  • Red Hat Enterprise Linux for IBM z Systems 5 s390x
  • Red Hat Enterprise Linux for IBM z Systems 4 s390x
  • Red Hat Enterprise Linux for IBM z Systems 4 s390
  • Red Hat Enterprise Linux for IBM z Systems 3 s390x
  • Red Hat Enterprise Linux for IBM z Systems 3 s390
  • Red Hat Enterprise Linux for Power, big endian 5 ppc
  • Red Hat Enterprise Linux for Power, big endian 4 ppc
  • Red Hat Enterprise Linux for Power, big endian 3 ppc
  • Red Hat Enterprise Linux Server from RHUI 5 x86_64
  • Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

  • BZ - 225689 - CVE-2007-0456 Multiple Wireshark issues (CVE-2007-0457, CVE-2007-0458, CVE-2007-0459)
  • BZ - 225781 - CVE-2007-0456 Multiple Wireshark issues (CVE-2007-0457, CVE-2007-0458, CVE-2007-0459)

Red Hat Enterprise Linux Server 5

SRPM
x86_64
wireshark-0.99.5-1.el5.x86_64.rpm SHA-256: d02fc8a86b7d78c28a161a24d8df302ab0500e94b7a22b7c1d58824f0a35d1c9
wireshark-gnome-0.99.5-1.el5.x86_64.rpm SHA-256: ab9576aa4e3d78c4849054656e555bc91d190e5ffb72813ab4edc7873c23c39f
ia64
wireshark-0.99.5-1.el5.ia64.rpm SHA-256: d2089d6fa0bed4099e6e3b76948da7220f973ca989efb4714ae4f847005ba2a0
wireshark-gnome-0.99.5-1.el5.ia64.rpm SHA-256: 67d125e6553d5bab706c6f53a8de666e1dee7f4005181005ff026b91b5dd18ab
i386
wireshark-0.99.5-1.el5.i386.rpm SHA-256: 3814a9086ab9bbb01b5c5238a7d6daac5ed661e8ce54683ccd2783e4ed627c00
wireshark-gnome-0.99.5-1.el5.i386.rpm SHA-256: 770852be72419e23aa25af1c6cb47efc8fbfdb1788802130b39fd2e50fbb64c0

Red Hat Enterprise Linux Server 4

SRPM
x86_64
wireshark-0.99.5-EL4.1.x86_64.rpm SHA-256: ae255712211ec010dfb9adcfb2d0d0bf429189646eccb02af3605e4c7f117055
wireshark-0.99.5-EL4.1.x86_64.rpm SHA-256: ae255712211ec010dfb9adcfb2d0d0bf429189646eccb02af3605e4c7f117055
wireshark-gnome-0.99.5-EL4.1.x86_64.rpm SHA-256: 8f7c75abb84347dc2e7487ac994b9fad8cfaf6e5e6a8c0cbe748708ba9d1d392
wireshark-gnome-0.99.5-EL4.1.x86_64.rpm SHA-256: 8f7c75abb84347dc2e7487ac994b9fad8cfaf6e5e6a8c0cbe748708ba9d1d392
ia64
wireshark-0.99.5-EL4.1.ia64.rpm SHA-256: e099643e0cd171b860deac31cc614be4df0df359bd24fc72a2e09145febd900c
wireshark-0.99.5-EL4.1.ia64.rpm SHA-256: e099643e0cd171b860deac31cc614be4df0df359bd24fc72a2e09145febd900c
wireshark-gnome-0.99.5-EL4.1.ia64.rpm SHA-256: 3d0e3a19cd7fb81072ff6991adfaec927819a27d60250ce794fd00458d2392ee
wireshark-gnome-0.99.5-EL4.1.ia64.rpm SHA-256: 3d0e3a19cd7fb81072ff6991adfaec927819a27d60250ce794fd00458d2392ee
i386
wireshark-0.99.5-EL4.1.i386.rpm SHA-256: a7e99f0f39ab2dfb60ef0934de39edcec0b735a7c3b6773196c4b282ed441b49
wireshark-0.99.5-EL4.1.i386.rpm SHA-256: a7e99f0f39ab2dfb60ef0934de39edcec0b735a7c3b6773196c4b282ed441b49
wireshark-gnome-0.99.5-EL4.1.i386.rpm SHA-256: abc6028a2c19430dee8705a7a60880e093b32007acd2648448a3a2b1183c975c
wireshark-gnome-0.99.5-EL4.1.i386.rpm SHA-256: abc6028a2c19430dee8705a7a60880e093b32007acd2648448a3a2b1183c975c

Red Hat Enterprise Linux Server 3

SRPM
x86_64
ia64
i386

Red Hat Enterprise Linux Server 2

SRPM
ia64
i386

Red Hat Enterprise Linux Workstation 5

SRPM
x86_64
wireshark-0.99.5-1.el5.x86_64.rpm SHA-256: d02fc8a86b7d78c28a161a24d8df302ab0500e94b7a22b7c1d58824f0a35d1c9
wireshark-gnome-0.99.5-1.el5.x86_64.rpm SHA-256: ab9576aa4e3d78c4849054656e555bc91d190e5ffb72813ab4edc7873c23c39f
i386
wireshark-0.99.5-1.el5.i386.rpm SHA-256: 3814a9086ab9bbb01b5c5238a7d6daac5ed661e8ce54683ccd2783e4ed627c00
wireshark-gnome-0.99.5-1.el5.i386.rpm SHA-256: 770852be72419e23aa25af1c6cb47efc8fbfdb1788802130b39fd2e50fbb64c0

Red Hat Enterprise Linux Workstation 4

SRPM
x86_64
wireshark-0.99.5-EL4.1.x86_64.rpm SHA-256: ae255712211ec010dfb9adcfb2d0d0bf429189646eccb02af3605e4c7f117055
wireshark-gnome-0.99.5-EL4.1.x86_64.rpm SHA-256: 8f7c75abb84347dc2e7487ac994b9fad8cfaf6e5e6a8c0cbe748708ba9d1d392
ia64
wireshark-0.99.5-EL4.1.ia64.rpm SHA-256: e099643e0cd171b860deac31cc614be4df0df359bd24fc72a2e09145febd900c
wireshark-gnome-0.99.5-EL4.1.ia64.rpm SHA-256: 3d0e3a19cd7fb81072ff6991adfaec927819a27d60250ce794fd00458d2392ee
i386
wireshark-0.99.5-EL4.1.i386.rpm SHA-256: a7e99f0f39ab2dfb60ef0934de39edcec0b735a7c3b6773196c4b282ed441b49
wireshark-gnome-0.99.5-EL4.1.i386.rpm SHA-256: abc6028a2c19430dee8705a7a60880e093b32007acd2648448a3a2b1183c975c

Red Hat Enterprise Linux Workstation 3

SRPM
x86_64
ia64
i386

Red Hat Enterprise Linux Workstation 2

SRPM
ia64
i386

Red Hat Enterprise Linux Desktop 5

SRPM
x86_64
wireshark-0.99.5-1.el5.x86_64.rpm SHA-256: d02fc8a86b7d78c28a161a24d8df302ab0500e94b7a22b7c1d58824f0a35d1c9
i386
wireshark-0.99.5-1.el5.i386.rpm SHA-256: 3814a9086ab9bbb01b5c5238a7d6daac5ed661e8ce54683ccd2783e4ed627c00

Red Hat Enterprise Linux Desktop 4

SRPM
x86_64
wireshark-0.99.5-EL4.1.x86_64.rpm SHA-256: ae255712211ec010dfb9adcfb2d0d0bf429189646eccb02af3605e4c7f117055
wireshark-gnome-0.99.5-EL4.1.x86_64.rpm SHA-256: 8f7c75abb84347dc2e7487ac994b9fad8cfaf6e5e6a8c0cbe748708ba9d1d392
i386
wireshark-0.99.5-EL4.1.i386.rpm SHA-256: a7e99f0f39ab2dfb60ef0934de39edcec0b735a7c3b6773196c4b282ed441b49
wireshark-gnome-0.99.5-EL4.1.i386.rpm SHA-256: abc6028a2c19430dee8705a7a60880e093b32007acd2648448a3a2b1183c975c

Red Hat Enterprise Linux Desktop 3

SRPM
x86_64
i386

Red Hat Enterprise Linux for IBM z Systems 5

SRPM
s390x
wireshark-0.99.5-1.el5.s390x.rpm SHA-256: 2d9fd8270d152df72ff1fd08ce8dbc1c42243217ba4075241fac7451b116cd7f
wireshark-gnome-0.99.5-1.el5.s390x.rpm SHA-256: 2b87de31b0b990f7f4e99238fd4c53720d9d4ce641f0db128651f35bada50b0f

Red Hat Enterprise Linux for IBM z Systems 4

SRPM
s390x
wireshark-0.99.5-EL4.1.s390x.rpm SHA-256: bfbeae01aa3e92722296bb075e2c0510977188aca4fd9081f04ffab4cfc54e28
wireshark-gnome-0.99.5-EL4.1.s390x.rpm SHA-256: 5ae5a90d04ddca2823af1c8f19a4a53e494f2d893e8ef1f6b126876bb5646109
s390
wireshark-0.99.5-EL4.1.s390.rpm SHA-256: 144ce5061dcad507066417be1ab3e4b81e5fb38599b2ba36c26496363eac86a5
wireshark-gnome-0.99.5-EL4.1.s390.rpm SHA-256: b743884c869f98c5ea9ef00fa9d5b69760cc1151127de0197366a14771b035ce

Red Hat Enterprise Linux for IBM z Systems 3

SRPM
s390x
s390

Red Hat Enterprise Linux for Power, big endian 5

SRPM
ppc
wireshark-0.99.5-1.el5.ppc.rpm SHA-256: bf12189bf98e0562b38d7b504a9fce657f1833061781565c696e8a09d976cfa1
wireshark-gnome-0.99.5-1.el5.ppc.rpm SHA-256: 6019bc9e2513c2d5991b317592e52a4c9000caf96cde23a44938a9eaa06683fc

Red Hat Enterprise Linux for Power, big endian 4

SRPM
ppc
wireshark-0.99.5-EL4.1.ppc.rpm SHA-256: f3c748f252b1698ecb85ebfaf3a2f119ab068315d2dd7efa2057e9b92d5a715d
wireshark-gnome-0.99.5-EL4.1.ppc.rpm SHA-256: ec9ad15a3f4dfd094dc1eaeba20aef7d63d4cf69e575e917b68cc64925c63e24

Red Hat Enterprise Linux for Power, big endian 3

SRPM
ppc

Red Hat Enterprise Linux Server from RHUI 5

SRPM
x86_64
wireshark-0.99.5-1.el5.x86_64.rpm SHA-256: d02fc8a86b7d78c28a161a24d8df302ab0500e94b7a22b7c1d58824f0a35d1c9
wireshark-gnome-0.99.5-1.el5.x86_64.rpm SHA-256: ab9576aa4e3d78c4849054656e555bc91d190e5ffb72813ab4edc7873c23c39f
i386
wireshark-0.99.5-1.el5.i386.rpm SHA-256: 3814a9086ab9bbb01b5c5238a7d6daac5ed661e8ce54683ccd2783e4ed627c00
wireshark-gnome-0.99.5-1.el5.i386.rpm SHA-256: 770852be72419e23aa25af1c6cb47efc8fbfdb1788802130b39fd2e50fbb64c0

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.