RHSA-2009:1100 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: wireshark security update

Type/Severity

Security Advisory: Moderate

Topic

Updated wireshark packages that fix several security issues are now
available for Red Hat Enterprise Linux 3, 4, and 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

Description

Wireshark is a program for monitoring network traffic. Wireshark was
previously known as Ethereal.

A format string flaw was found in Wireshark. If Wireshark read a malformed
packet off a network or opened a malicious dump file, it could crash or,
possibly, execute arbitrary code as the user running Wireshark. (CVE-2009-1210)

Several denial of service flaws were found in Wireshark. Wireshark could
crash or stop responding if it read a malformed packet off a network, or
opened a malicious dump file. (CVE-2009-1268, CVE-2009-1269, CVE-2009-1829)

Users of wireshark should upgrade to these updated packages, which contain
Wireshark version 1.0.8, and resolve these issues. All running instances of
Wireshark must be restarted for the update to take effect.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Affected Products

Red Hat Enterprise Linux Server 5 x86_64
Red Hat Enterprise Linux Server 5 ia64
Red Hat Enterprise Linux Server 5 i386
Red Hat Enterprise Linux Server 4 x86_64
Red Hat Enterprise Linux Server 4 ia64
Red Hat Enterprise Linux Server 4 i386
Red Hat Enterprise Linux Server 3 x86_64
Red Hat Enterprise Linux Server 3 ia64
Red Hat Enterprise Linux Server 3 i386
Red Hat Enterprise Linux Server - Extended Update Support 5.3 x86_64
Red Hat Enterprise Linux Server - Extended Update Support 5.3 ia64
Red Hat Enterprise Linux Server - Extended Update Support 5.3 i386
Red Hat Enterprise Linux Server - Extended Update Support 4.8 x86_64
Red Hat Enterprise Linux Server - Extended Update Support 4.8 ia64
Red Hat Enterprise Linux Server - Extended Update Support 4.8 i386
Red Hat Enterprise Linux Server - AUS 5.3 x86_64
Red Hat Enterprise Linux Server - AUS 5.3 ia64
Red Hat Enterprise Linux Server - AUS 5.3 i386
Red Hat Enterprise Linux Workstation 5 x86_64
Red Hat Enterprise Linux Workstation 5 i386
Red Hat Enterprise Linux Workstation 4 x86_64
Red Hat Enterprise Linux Workstation 4 ia64
Red Hat Enterprise Linux Workstation 4 i386
Red Hat Enterprise Linux Workstation 3 x86_64
Red Hat Enterprise Linux Workstation 3 ia64
Red Hat Enterprise Linux Workstation 3 i386
Red Hat Enterprise Linux Desktop 5 x86_64
Red Hat Enterprise Linux Desktop 5 i386
Red Hat Enterprise Linux Desktop 4 x86_64
Red Hat Enterprise Linux Desktop 4 i386
Red Hat Enterprise Linux Desktop 3 x86_64
Red Hat Enterprise Linux Desktop 3 i386
Red Hat Enterprise Linux for IBM z Systems 5 s390x
Red Hat Enterprise Linux for IBM z Systems 4 s390x
Red Hat Enterprise Linux for IBM z Systems 4 s390
Red Hat Enterprise Linux for IBM z Systems 3 s390x
Red Hat Enterprise Linux for IBM z Systems 3 s390
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 5.3 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.8 s390
Red Hat Enterprise Linux for Power, big endian 5 ppc
Red Hat Enterprise Linux for Power, big endian 4 ppc
Red Hat Enterprise Linux for Power, big endian 3 ppc
Red Hat Enterprise Linux for Power, big endian - Extended Update Support 5.3 ppc
Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.8 ppc
Red Hat Enterprise Linux Server from RHUI 5 x86_64
Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

BZ - 493973 - CVE-2009-1210 wireshark: format string in PROFINET dissector
BZ - 495119 - CVE-2009-1268 Wireshark CHAP dissector crash
BZ - 495121 - CVE-2009-1269 Wireshark Tektronix .rf5 file crash
BZ - 501929 - CVE-2009-1829 wireshark: PCNFSD dissector crash

CVEs

References

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 5

SRPM
wireshark-1.0.8-1.el5_3.1.src.rpm	SHA-256: 4dabc5cb336fb4a00379297c774eb57514ff5ab10c91eb7b597c23ef0065fc56
x86_64
wireshark-1.0.8-1.el5_3.1.x86_64.rpm	SHA-256: 5391a32b363905fcb668941691f67fb4675bd2f07665b26318405c3e36451c10
wireshark-gnome-1.0.8-1.el5_3.1.x86_64.rpm	SHA-256: f9d0f11eaa5eea6c9e1e8b7ce7735cc819a88b981f2541aabeba6d809c56de13
ia64
wireshark-1.0.8-1.el5_3.1.ia64.rpm	SHA-256: e453d849d2b9e704eda50d6b798d373ace6cd0bc8cadd980be6dbaf40e6f5d98
wireshark-gnome-1.0.8-1.el5_3.1.ia64.rpm	SHA-256: 8728037620047dfa37d5ef8883a6fe4368df69ba1a49f9465d0af9d89b80765a
i386
wireshark-1.0.8-1.el5_3.1.i386.rpm	SHA-256: 7ded5f88b4cafbfba920b6ec4bd085df8eee3214ce37560bcd18400a15ba4b82
wireshark-gnome-1.0.8-1.el5_3.1.i386.rpm	SHA-256: d2668d5f0e2ad20d70305f0790e63d957f7c587ddc669c05cf31484ea729eca7

Red Hat Enterprise Linux Server 4

SRPM
wireshark-1.0.8-1.el4_8.1.src.rpm	SHA-256: 25c5e41d3d3e5015a89c5d3df443133618a33ebc93b6e273edc71fdfd8c342cd
x86_64
wireshark-1.0.8-1.el4_8.1.x86_64.rpm	SHA-256: c62927d1e39d0622a044e96bb4795ce278a8256c4e70fa607cd76e6aa85d5b0c
wireshark-1.0.8-1.el4_8.1.x86_64.rpm	SHA-256: c62927d1e39d0622a044e96bb4795ce278a8256c4e70fa607cd76e6aa85d5b0c
wireshark-gnome-1.0.8-1.el4_8.1.x86_64.rpm	SHA-256: 9e271b66db4aaa17b12730b3179d49bbbab65fc1e323ecfc6c543a2ec67f0aa8
wireshark-gnome-1.0.8-1.el4_8.1.x86_64.rpm	SHA-256: 9e271b66db4aaa17b12730b3179d49bbbab65fc1e323ecfc6c543a2ec67f0aa8
ia64
wireshark-1.0.8-1.el4_8.1.ia64.rpm	SHA-256: 0c514b9b194f5d2c4496ca273e509a962703129b08a14ff1b5e393d7b6126ff2
wireshark-1.0.8-1.el4_8.1.ia64.rpm	SHA-256: 0c514b9b194f5d2c4496ca273e509a962703129b08a14ff1b5e393d7b6126ff2
wireshark-gnome-1.0.8-1.el4_8.1.ia64.rpm	SHA-256: 6e7b36daaf9c5274814d3c9401b2e38d44639229e623a0c034ae657b9377dd13
wireshark-gnome-1.0.8-1.el4_8.1.ia64.rpm	SHA-256: 6e7b36daaf9c5274814d3c9401b2e38d44639229e623a0c034ae657b9377dd13
i386
wireshark-1.0.8-1.el4_8.1.i386.rpm	SHA-256: aae6b25653a32e6e7e74420cae01706bb94512dade495f8d5f4b2ff1be90319b
wireshark-1.0.8-1.el4_8.1.i386.rpm	SHA-256: aae6b25653a32e6e7e74420cae01706bb94512dade495f8d5f4b2ff1be90319b
wireshark-gnome-1.0.8-1.el4_8.1.i386.rpm	SHA-256: 12df420b37cfa67ce98bc42156c7326bda4c64d46bc50bfaf3a915e1e2f37b71
wireshark-gnome-1.0.8-1.el4_8.1.i386.rpm	SHA-256: 12df420b37cfa67ce98bc42156c7326bda4c64d46bc50bfaf3a915e1e2f37b71

Red Hat Enterprise Linux Server - Extended Update Support 4.8

SRPM
wireshark-1.0.8-1.el4_8.1.src.rpm	SHA-256: 25c5e41d3d3e5015a89c5d3df443133618a33ebc93b6e273edc71fdfd8c342cd
x86_64
wireshark-1.0.8-1.el4_8.1.x86_64.rpm	SHA-256: c62927d1e39d0622a044e96bb4795ce278a8256c4e70fa607cd76e6aa85d5b0c
wireshark-1.0.8-1.el4_8.1.x86_64.rpm	SHA-256: c62927d1e39d0622a044e96bb4795ce278a8256c4e70fa607cd76e6aa85d5b0c
wireshark-gnome-1.0.8-1.el4_8.1.x86_64.rpm	SHA-256: 9e271b66db4aaa17b12730b3179d49bbbab65fc1e323ecfc6c543a2ec67f0aa8
wireshark-gnome-1.0.8-1.el4_8.1.x86_64.rpm	SHA-256: 9e271b66db4aaa17b12730b3179d49bbbab65fc1e323ecfc6c543a2ec67f0aa8
ia64
wireshark-1.0.8-1.el4_8.1.ia64.rpm	SHA-256: 0c514b9b194f5d2c4496ca273e509a962703129b08a14ff1b5e393d7b6126ff2
wireshark-1.0.8-1.el4_8.1.ia64.rpm	SHA-256: 0c514b9b194f5d2c4496ca273e509a962703129b08a14ff1b5e393d7b6126ff2
wireshark-gnome-1.0.8-1.el4_8.1.ia64.rpm	SHA-256: 6e7b36daaf9c5274814d3c9401b2e38d44639229e623a0c034ae657b9377dd13
wireshark-gnome-1.0.8-1.el4_8.1.ia64.rpm	SHA-256: 6e7b36daaf9c5274814d3c9401b2e38d44639229e623a0c034ae657b9377dd13
i386
wireshark-1.0.8-1.el4_8.1.i386.rpm	SHA-256: aae6b25653a32e6e7e74420cae01706bb94512dade495f8d5f4b2ff1be90319b
wireshark-1.0.8-1.el4_8.1.i386.rpm	SHA-256: aae6b25653a32e6e7e74420cae01706bb94512dade495f8d5f4b2ff1be90319b
wireshark-gnome-1.0.8-1.el4_8.1.i386.rpm	SHA-256: 12df420b37cfa67ce98bc42156c7326bda4c64d46bc50bfaf3a915e1e2f37b71
wireshark-gnome-1.0.8-1.el4_8.1.i386.rpm	SHA-256: 12df420b37cfa67ce98bc42156c7326bda4c64d46bc50bfaf3a915e1e2f37b71

Red Hat Enterprise Linux Workstation 5

SRPM
wireshark-1.0.8-1.el5_3.1.src.rpm	SHA-256: 4dabc5cb336fb4a00379297c774eb57514ff5ab10c91eb7b597c23ef0065fc56
x86_64
wireshark-1.0.8-1.el5_3.1.x86_64.rpm	SHA-256: 5391a32b363905fcb668941691f67fb4675bd2f07665b26318405c3e36451c10
wireshark-gnome-1.0.8-1.el5_3.1.x86_64.rpm	SHA-256: f9d0f11eaa5eea6c9e1e8b7ce7735cc819a88b981f2541aabeba6d809c56de13
i386
wireshark-1.0.8-1.el5_3.1.i386.rpm	SHA-256: 7ded5f88b4cafbfba920b6ec4bd085df8eee3214ce37560bcd18400a15ba4b82
wireshark-gnome-1.0.8-1.el5_3.1.i386.rpm	SHA-256: d2668d5f0e2ad20d70305f0790e63d957f7c587ddc669c05cf31484ea729eca7

Red Hat Enterprise Linux Workstation 4

SRPM
wireshark-1.0.8-1.el4_8.1.src.rpm	SHA-256: 25c5e41d3d3e5015a89c5d3df443133618a33ebc93b6e273edc71fdfd8c342cd
x86_64
wireshark-1.0.8-1.el4_8.1.x86_64.rpm	SHA-256: c62927d1e39d0622a044e96bb4795ce278a8256c4e70fa607cd76e6aa85d5b0c
wireshark-gnome-1.0.8-1.el4_8.1.x86_64.rpm	SHA-256: 9e271b66db4aaa17b12730b3179d49bbbab65fc1e323ecfc6c543a2ec67f0aa8
ia64
wireshark-1.0.8-1.el4_8.1.ia64.rpm	SHA-256: 0c514b9b194f5d2c4496ca273e509a962703129b08a14ff1b5e393d7b6126ff2
wireshark-gnome-1.0.8-1.el4_8.1.ia64.rpm	SHA-256: 6e7b36daaf9c5274814d3c9401b2e38d44639229e623a0c034ae657b9377dd13
i386
wireshark-1.0.8-1.el4_8.1.i386.rpm	SHA-256: aae6b25653a32e6e7e74420cae01706bb94512dade495f8d5f4b2ff1be90319b
wireshark-gnome-1.0.8-1.el4_8.1.i386.rpm	SHA-256: 12df420b37cfa67ce98bc42156c7326bda4c64d46bc50bfaf3a915e1e2f37b71

Red Hat Enterprise Linux Desktop 5

SRPM
wireshark-1.0.8-1.el5_3.1.src.rpm	SHA-256: 4dabc5cb336fb4a00379297c774eb57514ff5ab10c91eb7b597c23ef0065fc56
x86_64
wireshark-1.0.8-1.el5_3.1.x86_64.rpm	SHA-256: 5391a32b363905fcb668941691f67fb4675bd2f07665b26318405c3e36451c10
i386
wireshark-1.0.8-1.el5_3.1.i386.rpm	SHA-256: 7ded5f88b4cafbfba920b6ec4bd085df8eee3214ce37560bcd18400a15ba4b82

Red Hat Enterprise Linux Desktop 4

SRPM
wireshark-1.0.8-1.el4_8.1.src.rpm	SHA-256: 25c5e41d3d3e5015a89c5d3df443133618a33ebc93b6e273edc71fdfd8c342cd
x86_64
wireshark-1.0.8-1.el4_8.1.x86_64.rpm	SHA-256: c62927d1e39d0622a044e96bb4795ce278a8256c4e70fa607cd76e6aa85d5b0c
wireshark-gnome-1.0.8-1.el4_8.1.x86_64.rpm	SHA-256: 9e271b66db4aaa17b12730b3179d49bbbab65fc1e323ecfc6c543a2ec67f0aa8
i386
wireshark-1.0.8-1.el4_8.1.i386.rpm	SHA-256: aae6b25653a32e6e7e74420cae01706bb94512dade495f8d5f4b2ff1be90319b
wireshark-gnome-1.0.8-1.el4_8.1.i386.rpm	SHA-256: 12df420b37cfa67ce98bc42156c7326bda4c64d46bc50bfaf3a915e1e2f37b71

Red Hat Enterprise Linux for IBM z Systems 5

SRPM
wireshark-1.0.8-1.el5_3.1.src.rpm	SHA-256: 4dabc5cb336fb4a00379297c774eb57514ff5ab10c91eb7b597c23ef0065fc56
s390x
wireshark-1.0.8-1.el5_3.1.s390x.rpm	SHA-256: eb24d6ca70e22ea1f81fb1d1673f6e30ee6564e7f3764544352e41d5ccdc5a93
wireshark-gnome-1.0.8-1.el5_3.1.s390x.rpm	SHA-256: 9617bd99ff4043732b3958335d442b47880233e059ed752febec38c1f1b2ed00

Red Hat Enterprise Linux for IBM z Systems 4

SRPM
wireshark-1.0.8-1.el4_8.1.src.rpm	SHA-256: 25c5e41d3d3e5015a89c5d3df443133618a33ebc93b6e273edc71fdfd8c342cd
s390x
wireshark-1.0.8-1.el4_8.1.s390x.rpm	SHA-256: 1c7aff8f7a88c504f3d5bda011514ae81d11e97f1febcfefb9e4d9f7a963a648
wireshark-gnome-1.0.8-1.el4_8.1.s390x.rpm	SHA-256: 20c6f29a7af4110da2ef9b6aa54bdd11d81a23d1f0cb2d5555d0442bdde4035f
s390
wireshark-1.0.8-1.el4_8.1.s390.rpm	SHA-256: a0ecd737134675cab2fa810200172240148b00bda34f389a6c912db9ee6a330a
wireshark-gnome-1.0.8-1.el4_8.1.s390.rpm	SHA-256: 766dd4533cb17458ec441d9a8a1eb907cd7cbfd7b98c9a07650d0659a422e732

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.8

SRPM
wireshark-1.0.8-1.el4_8.1.src.rpm	SHA-256: 25c5e41d3d3e5015a89c5d3df443133618a33ebc93b6e273edc71fdfd8c342cd
s390x
wireshark-1.0.8-1.el4_8.1.s390x.rpm	SHA-256: 1c7aff8f7a88c504f3d5bda011514ae81d11e97f1febcfefb9e4d9f7a963a648
wireshark-gnome-1.0.8-1.el4_8.1.s390x.rpm	SHA-256: 20c6f29a7af4110da2ef9b6aa54bdd11d81a23d1f0cb2d5555d0442bdde4035f
s390
wireshark-1.0.8-1.el4_8.1.s390.rpm	SHA-256: a0ecd737134675cab2fa810200172240148b00bda34f389a6c912db9ee6a330a
wireshark-gnome-1.0.8-1.el4_8.1.s390.rpm	SHA-256: 766dd4533cb17458ec441d9a8a1eb907cd7cbfd7b98c9a07650d0659a422e732

Red Hat Enterprise Linux for Power, big endian 5

SRPM
wireshark-1.0.8-1.el5_3.1.src.rpm	SHA-256: 4dabc5cb336fb4a00379297c774eb57514ff5ab10c91eb7b597c23ef0065fc56
ppc
wireshark-1.0.8-1.el5_3.1.ppc.rpm	SHA-256: c9a8eee846db8aeea695ef8324f31f0552bb0b3786ae813c3ad74a4a88776383
wireshark-gnome-1.0.8-1.el5_3.1.ppc.rpm	SHA-256: 37d12fe2791014a08713d84b938164ec54f8fd973ed368208fd51ec7b3bf614e

Red Hat Enterprise Linux for Power, big endian 4

SRPM
wireshark-1.0.8-1.el4_8.1.src.rpm	SHA-256: 25c5e41d3d3e5015a89c5d3df443133618a33ebc93b6e273edc71fdfd8c342cd
ppc
wireshark-1.0.8-1.el4_8.1.ppc.rpm	SHA-256: cf262b66a385dfa99ea59f2274f14d5acfee6850383ecf2f0b220c736b523505
wireshark-gnome-1.0.8-1.el4_8.1.ppc.rpm	SHA-256: f84db56185085a5621a1e03a1cd7a1b66d43ab24edd0ea7bb5bc71e1bcdb866f

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.8

SRPM
wireshark-1.0.8-1.el4_8.1.src.rpm	SHA-256: 25c5e41d3d3e5015a89c5d3df443133618a33ebc93b6e273edc71fdfd8c342cd
ppc
wireshark-1.0.8-1.el4_8.1.ppc.rpm	SHA-256: cf262b66a385dfa99ea59f2274f14d5acfee6850383ecf2f0b220c736b523505
wireshark-gnome-1.0.8-1.el4_8.1.ppc.rpm	SHA-256: f84db56185085a5621a1e03a1cd7a1b66d43ab24edd0ea7bb5bc71e1bcdb866f

Red Hat Enterprise Linux Server from RHUI 5

SRPM
wireshark-1.0.8-1.el5_3.1.src.rpm	SHA-256: 4dabc5cb336fb4a00379297c774eb57514ff5ab10c91eb7b597c23ef0065fc56
x86_64
wireshark-1.0.8-1.el5_3.1.x86_64.rpm	SHA-256: 5391a32b363905fcb668941691f67fb4675bd2f07665b26318405c3e36451c10
wireshark-gnome-1.0.8-1.el5_3.1.x86_64.rpm	SHA-256: f9d0f11eaa5eea6c9e1e8b7ce7735cc819a88b981f2541aabeba6d809c56de13
i386
wireshark-1.0.8-1.el5_3.1.i386.rpm	SHA-256: 7ded5f88b4cafbfba920b6ec4bd085df8eee3214ce37560bcd18400a15ba4b82
wireshark-gnome-1.0.8-1.el5_3.1.i386.rpm	SHA-256: d2668d5f0e2ad20d70305f0790e63d957f7c587ddc669c05cf31484ea729eca7

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.