RHSA-2010:0625 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: wireshark security update

Type/Severity

Security Advisory: Moderate

Topic

Updated wireshark packages that fix several security issues are now
available for Red Hat Enterprise Linux 3, 4, and 5.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

Description

Wireshark is a program for monitoring network traffic. Wireshark was
previously known as Ethereal.

Multiple buffer overflow flaws were found in the Wireshark SigComp
Universal Decompressor Virtual Machine (UDVM) dissector. If Wireshark read
a malformed packet off a network or opened a malicious dump file, it could
crash or, possibly, execute arbitrary code as the user running Wireshark.
(CVE-2010-2287, CVE-2010-2995)

Several denial of service flaws were found in Wireshark. Wireshark could
crash or stop responding if it read a malformed packet off a network, or
opened a malicious dump file. (CVE-2010-1455, CVE-2010-2283, CVE-2010-2284,
CVE-2010-2286)

Users of Wireshark should upgrade to these updated packages, which contain
Wireshark version 1.0.15, and resolve these issues. All running instances
of Wireshark must be restarted for the update to take effect.

Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Affected Products

Red Hat Enterprise Linux Server 5 x86_64
Red Hat Enterprise Linux Server 5 ia64
Red Hat Enterprise Linux Server 5 i386
Red Hat Enterprise Linux Server 4 x86_64
Red Hat Enterprise Linux Server 4 ia64
Red Hat Enterprise Linux Server 4 i386
Red Hat Enterprise Linux Server 3 x86_64
Red Hat Enterprise Linux Server 3 ia64
Red Hat Enterprise Linux Server 3 i386
Red Hat Enterprise Linux Server - Extended Update Support 4.8 x86_64
Red Hat Enterprise Linux Server - Extended Update Support 4.8 ia64
Red Hat Enterprise Linux Server - Extended Update Support 4.8 i386
Red Hat Enterprise Linux Workstation 5 x86_64
Red Hat Enterprise Linux Workstation 5 i386
Red Hat Enterprise Linux Workstation 4 x86_64
Red Hat Enterprise Linux Workstation 4 ia64
Red Hat Enterprise Linux Workstation 4 i386
Red Hat Enterprise Linux Workstation 3 x86_64
Red Hat Enterprise Linux Workstation 3 ia64
Red Hat Enterprise Linux Workstation 3 i386
Red Hat Enterprise Linux Desktop 5 x86_64
Red Hat Enterprise Linux Desktop 5 i386
Red Hat Enterprise Linux Desktop 4 x86_64
Red Hat Enterprise Linux Desktop 4 i386
Red Hat Enterprise Linux Desktop 3 x86_64
Red Hat Enterprise Linux Desktop 3 i386
Red Hat Enterprise Linux for IBM z Systems 5 s390x
Red Hat Enterprise Linux for IBM z Systems 4 s390x
Red Hat Enterprise Linux for IBM z Systems 4 s390
Red Hat Enterprise Linux for IBM z Systems 3 s390x
Red Hat Enterprise Linux for IBM z Systems 3 s390
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.8 s390
Red Hat Enterprise Linux for Power, big endian 5 ppc
Red Hat Enterprise Linux for Power, big endian 4 ppc
Red Hat Enterprise Linux for Power, big endian 3 ppc
Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.8 ppc
Red Hat Enterprise Linux Server from RHUI 5 x86_64
Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

BZ - 590613 - CVE-2010-1455 wireshark: DOCSIS dissector crash
BZ - 604290 - CVE-2010-2283 wireshark: SMB dissector NULL pointer dereference
BZ - 604292 - CVE-2010-2284 wireshark: ASN.1 BER dissector stack overrun
BZ - 604302 - CVE-2010-2286 wireshark: SigComp UDVM dissector infinite loop
BZ - 604308 - CVE-2010-2287 CVE-2010-2995 wireshark: SigComp UDVM dissector buffer overruns

CVEs

References

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 5

SRPM
wireshark-1.0.15-1.el5_5.1.src.rpm	SHA-256: e5ff9651141b3c426564cb4fbde9759bd3d661690ac785011c1e6ffedf797d69
x86_64
wireshark-1.0.15-1.el5_5.1.x86_64.rpm	SHA-256: bc84127ee8fbd616e9d33296ce4acb5bf8f5efefaef5c3702e8dd6a52efeddd7
wireshark-gnome-1.0.15-1.el5_5.1.x86_64.rpm	SHA-256: 131e0e6959db7ebb9eeb4beae20045a3c605144d544564c48b3d0192ed0ffe52
ia64
wireshark-1.0.15-1.el5_5.1.ia64.rpm	SHA-256: d1676f25966adb3d1d9b1f5a849c128bdd0d74788393082912b606513d31d83a
wireshark-gnome-1.0.15-1.el5_5.1.ia64.rpm	SHA-256: 982d1c4083ca8e47e3d79b4e01389593c0bebbc5428002ce1b67f5ea262a748d
i386
wireshark-1.0.15-1.el5_5.1.i386.rpm	SHA-256: d7173765a685b33b508b0abef3931cbfcedd4bf16b232435cb86cb60c04d68b3
wireshark-gnome-1.0.15-1.el5_5.1.i386.rpm	SHA-256: 1b080f4f2a864b3309576fc23cf820e43902fc4e65497a2497c867c99cd73971

Red Hat Enterprise Linux Server 4

SRPM
wireshark-1.0.15-1.el4_8.1.src.rpm	SHA-256: adc8603e877f0882f4edfa85ae679b9d6a62db4e12216fe7235d295dce6b65d5
x86_64
wireshark-1.0.15-1.el4_8.1.x86_64.rpm	SHA-256: ac44d485eede156e8fbc77992938fa9570307d7d485fd5a72fa65d209757650c
wireshark-1.0.15-1.el4_8.1.x86_64.rpm	SHA-256: ac44d485eede156e8fbc77992938fa9570307d7d485fd5a72fa65d209757650c
wireshark-gnome-1.0.15-1.el4_8.1.x86_64.rpm	SHA-256: f62e388544e4d62e75573b4c8adf51d1d1d8d78a528e86cdd22a54e54558e045
wireshark-gnome-1.0.15-1.el4_8.1.x86_64.rpm	SHA-256: f62e388544e4d62e75573b4c8adf51d1d1d8d78a528e86cdd22a54e54558e045
ia64
wireshark-1.0.15-1.el4_8.1.ia64.rpm	SHA-256: e5aef2e4e4b2698f5ef24b7e9f15fd83d5887489c98b6c1ae897491fbf13ce63
wireshark-1.0.15-1.el4_8.1.ia64.rpm	SHA-256: e5aef2e4e4b2698f5ef24b7e9f15fd83d5887489c98b6c1ae897491fbf13ce63
wireshark-gnome-1.0.15-1.el4_8.1.ia64.rpm	SHA-256: c89cfb3af897ae576b541dd6f09177cd626fb51d47334f885c3b654927acccf9
wireshark-gnome-1.0.15-1.el4_8.1.ia64.rpm	SHA-256: c89cfb3af897ae576b541dd6f09177cd626fb51d47334f885c3b654927acccf9
i386
wireshark-1.0.15-1.el4_8.1.i386.rpm	SHA-256: a01c31cdb767400f5b921046ce3ba9471d5664f16b9393243cb440b30ac5f11f
wireshark-1.0.15-1.el4_8.1.i386.rpm	SHA-256: a01c31cdb767400f5b921046ce3ba9471d5664f16b9393243cb440b30ac5f11f
wireshark-gnome-1.0.15-1.el4_8.1.i386.rpm	SHA-256: 53438dbad73331aea77b08fd145116d8c863ab12ff0d7636c38850c0382a6498
wireshark-gnome-1.0.15-1.el4_8.1.i386.rpm	SHA-256: 53438dbad73331aea77b08fd145116d8c863ab12ff0d7636c38850c0382a6498

Red Hat Enterprise Linux Server - Extended Update Support 4.8

SRPM
wireshark-1.0.15-1.el4_8.1.src.rpm	SHA-256: adc8603e877f0882f4edfa85ae679b9d6a62db4e12216fe7235d295dce6b65d5
x86_64
wireshark-1.0.15-1.el4_8.1.x86_64.rpm	SHA-256: ac44d485eede156e8fbc77992938fa9570307d7d485fd5a72fa65d209757650c
wireshark-1.0.15-1.el4_8.1.x86_64.rpm	SHA-256: ac44d485eede156e8fbc77992938fa9570307d7d485fd5a72fa65d209757650c
wireshark-gnome-1.0.15-1.el4_8.1.x86_64.rpm	SHA-256: f62e388544e4d62e75573b4c8adf51d1d1d8d78a528e86cdd22a54e54558e045
wireshark-gnome-1.0.15-1.el4_8.1.x86_64.rpm	SHA-256: f62e388544e4d62e75573b4c8adf51d1d1d8d78a528e86cdd22a54e54558e045
ia64
wireshark-1.0.15-1.el4_8.1.ia64.rpm	SHA-256: e5aef2e4e4b2698f5ef24b7e9f15fd83d5887489c98b6c1ae897491fbf13ce63
wireshark-1.0.15-1.el4_8.1.ia64.rpm	SHA-256: e5aef2e4e4b2698f5ef24b7e9f15fd83d5887489c98b6c1ae897491fbf13ce63
wireshark-gnome-1.0.15-1.el4_8.1.ia64.rpm	SHA-256: c89cfb3af897ae576b541dd6f09177cd626fb51d47334f885c3b654927acccf9
wireshark-gnome-1.0.15-1.el4_8.1.ia64.rpm	SHA-256: c89cfb3af897ae576b541dd6f09177cd626fb51d47334f885c3b654927acccf9
i386
wireshark-1.0.15-1.el4_8.1.i386.rpm	SHA-256: a01c31cdb767400f5b921046ce3ba9471d5664f16b9393243cb440b30ac5f11f
wireshark-1.0.15-1.el4_8.1.i386.rpm	SHA-256: a01c31cdb767400f5b921046ce3ba9471d5664f16b9393243cb440b30ac5f11f
wireshark-gnome-1.0.15-1.el4_8.1.i386.rpm	SHA-256: 53438dbad73331aea77b08fd145116d8c863ab12ff0d7636c38850c0382a6498
wireshark-gnome-1.0.15-1.el4_8.1.i386.rpm	SHA-256: 53438dbad73331aea77b08fd145116d8c863ab12ff0d7636c38850c0382a6498

Red Hat Enterprise Linux Workstation 5

SRPM
wireshark-1.0.15-1.el5_5.1.src.rpm	SHA-256: e5ff9651141b3c426564cb4fbde9759bd3d661690ac785011c1e6ffedf797d69
x86_64
wireshark-1.0.15-1.el5_5.1.x86_64.rpm	SHA-256: bc84127ee8fbd616e9d33296ce4acb5bf8f5efefaef5c3702e8dd6a52efeddd7
wireshark-gnome-1.0.15-1.el5_5.1.x86_64.rpm	SHA-256: 131e0e6959db7ebb9eeb4beae20045a3c605144d544564c48b3d0192ed0ffe52
i386
wireshark-1.0.15-1.el5_5.1.i386.rpm	SHA-256: d7173765a685b33b508b0abef3931cbfcedd4bf16b232435cb86cb60c04d68b3
wireshark-gnome-1.0.15-1.el5_5.1.i386.rpm	SHA-256: 1b080f4f2a864b3309576fc23cf820e43902fc4e65497a2497c867c99cd73971

Red Hat Enterprise Linux Workstation 4

SRPM
wireshark-1.0.15-1.el4_8.1.src.rpm	SHA-256: adc8603e877f0882f4edfa85ae679b9d6a62db4e12216fe7235d295dce6b65d5
x86_64
wireshark-1.0.15-1.el4_8.1.x86_64.rpm	SHA-256: ac44d485eede156e8fbc77992938fa9570307d7d485fd5a72fa65d209757650c
wireshark-gnome-1.0.15-1.el4_8.1.x86_64.rpm	SHA-256: f62e388544e4d62e75573b4c8adf51d1d1d8d78a528e86cdd22a54e54558e045
ia64
wireshark-1.0.15-1.el4_8.1.ia64.rpm	SHA-256: e5aef2e4e4b2698f5ef24b7e9f15fd83d5887489c98b6c1ae897491fbf13ce63
wireshark-gnome-1.0.15-1.el4_8.1.ia64.rpm	SHA-256: c89cfb3af897ae576b541dd6f09177cd626fb51d47334f885c3b654927acccf9
i386
wireshark-1.0.15-1.el4_8.1.i386.rpm	SHA-256: a01c31cdb767400f5b921046ce3ba9471d5664f16b9393243cb440b30ac5f11f
wireshark-gnome-1.0.15-1.el4_8.1.i386.rpm	SHA-256: 53438dbad73331aea77b08fd145116d8c863ab12ff0d7636c38850c0382a6498

Red Hat Enterprise Linux Desktop 5

SRPM
wireshark-1.0.15-1.el5_5.1.src.rpm	SHA-256: e5ff9651141b3c426564cb4fbde9759bd3d661690ac785011c1e6ffedf797d69
x86_64
wireshark-1.0.15-1.el5_5.1.x86_64.rpm	SHA-256: bc84127ee8fbd616e9d33296ce4acb5bf8f5efefaef5c3702e8dd6a52efeddd7
i386
wireshark-1.0.15-1.el5_5.1.i386.rpm	SHA-256: d7173765a685b33b508b0abef3931cbfcedd4bf16b232435cb86cb60c04d68b3

Red Hat Enterprise Linux Desktop 4

SRPM
wireshark-1.0.15-1.el4_8.1.src.rpm	SHA-256: adc8603e877f0882f4edfa85ae679b9d6a62db4e12216fe7235d295dce6b65d5
x86_64
wireshark-1.0.15-1.el4_8.1.x86_64.rpm	SHA-256: ac44d485eede156e8fbc77992938fa9570307d7d485fd5a72fa65d209757650c
wireshark-gnome-1.0.15-1.el4_8.1.x86_64.rpm	SHA-256: f62e388544e4d62e75573b4c8adf51d1d1d8d78a528e86cdd22a54e54558e045
i386
wireshark-1.0.15-1.el4_8.1.i386.rpm	SHA-256: a01c31cdb767400f5b921046ce3ba9471d5664f16b9393243cb440b30ac5f11f
wireshark-gnome-1.0.15-1.el4_8.1.i386.rpm	SHA-256: 53438dbad73331aea77b08fd145116d8c863ab12ff0d7636c38850c0382a6498

Red Hat Enterprise Linux for IBM z Systems 5

SRPM
wireshark-1.0.15-1.el5_5.1.src.rpm	SHA-256: e5ff9651141b3c426564cb4fbde9759bd3d661690ac785011c1e6ffedf797d69
s390x
wireshark-1.0.15-1.el5_5.1.s390x.rpm	SHA-256: 976b16b25991e2b328803d22b6ec20f9d7077f2a7d0fac86e3a22f2e6c4ab35d
wireshark-gnome-1.0.15-1.el5_5.1.s390x.rpm	SHA-256: 6ef77a33b0b31a4485a255726943138e4435c1ff704ec9bc662fc3cb26af5535

Red Hat Enterprise Linux for IBM z Systems 4

SRPM
wireshark-1.0.15-1.el4_8.1.src.rpm	SHA-256: adc8603e877f0882f4edfa85ae679b9d6a62db4e12216fe7235d295dce6b65d5
s390x
wireshark-1.0.15-1.el4_8.1.s390x.rpm	SHA-256: 112d9be0312fa28f3a109849c6b2925468493aff735d5f8ea02f0d2f0fbffa0e
wireshark-gnome-1.0.15-1.el4_8.1.s390x.rpm	SHA-256: 90180c167538f6b7234c2d66a883b31a07bdcdf616fdb6e2310599085892605d
s390
wireshark-1.0.15-1.el4_8.1.s390.rpm	SHA-256: 375e41b8d1350aa06d2f02e8d07acce3e2c72b7104e3781cf3027323d1262966
wireshark-gnome-1.0.15-1.el4_8.1.s390.rpm	SHA-256: 7dd43ac4a79d7d5f603d77582faa4f519a09951d07529a6f174e2fabcfde715c

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.8

SRPM
wireshark-1.0.15-1.el4_8.1.src.rpm	SHA-256: adc8603e877f0882f4edfa85ae679b9d6a62db4e12216fe7235d295dce6b65d5
s390x
wireshark-1.0.15-1.el4_8.1.s390x.rpm	SHA-256: 112d9be0312fa28f3a109849c6b2925468493aff735d5f8ea02f0d2f0fbffa0e
wireshark-gnome-1.0.15-1.el4_8.1.s390x.rpm	SHA-256: 90180c167538f6b7234c2d66a883b31a07bdcdf616fdb6e2310599085892605d
s390
wireshark-1.0.15-1.el4_8.1.s390.rpm	SHA-256: 375e41b8d1350aa06d2f02e8d07acce3e2c72b7104e3781cf3027323d1262966
wireshark-gnome-1.0.15-1.el4_8.1.s390.rpm	SHA-256: 7dd43ac4a79d7d5f603d77582faa4f519a09951d07529a6f174e2fabcfde715c

Red Hat Enterprise Linux for Power, big endian 5

SRPM
wireshark-1.0.15-1.el5_5.1.src.rpm	SHA-256: e5ff9651141b3c426564cb4fbde9759bd3d661690ac785011c1e6ffedf797d69
ppc
wireshark-1.0.15-1.el5_5.1.ppc.rpm	SHA-256: 2b0a33ab7c8267d66880eaa5ef9152221ecdf112357316938a8bf844f25debe7
wireshark-gnome-1.0.15-1.el5_5.1.ppc.rpm	SHA-256: 183076cb9a48ff535818032f22cce938b74265540c83663ed199557a9ab0922b

Red Hat Enterprise Linux for Power, big endian 4

SRPM
wireshark-1.0.15-1.el4_8.1.src.rpm	SHA-256: adc8603e877f0882f4edfa85ae679b9d6a62db4e12216fe7235d295dce6b65d5
ppc
wireshark-1.0.15-1.el4_8.1.ppc.rpm	SHA-256: 655ad70a8d8cba327c739f707b43abe59e17bfa1fd878195d8c3e65983715e19
wireshark-gnome-1.0.15-1.el4_8.1.ppc.rpm	SHA-256: 961119431f085058f45f6d0cfebd4d7f90d7f6b3b1ffd40953c1515aa88b1c45

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.8

SRPM
wireshark-1.0.15-1.el4_8.1.src.rpm	SHA-256: adc8603e877f0882f4edfa85ae679b9d6a62db4e12216fe7235d295dce6b65d5
ppc
wireshark-1.0.15-1.el4_8.1.ppc.rpm	SHA-256: 655ad70a8d8cba327c739f707b43abe59e17bfa1fd878195d8c3e65983715e19
wireshark-gnome-1.0.15-1.el4_8.1.ppc.rpm	SHA-256: 961119431f085058f45f6d0cfebd4d7f90d7f6b3b1ffd40953c1515aa88b1c45

Red Hat Enterprise Linux Server from RHUI 5

SRPM
wireshark-1.0.15-1.el5_5.1.src.rpm	SHA-256: e5ff9651141b3c426564cb4fbde9759bd3d661690ac785011c1e6ffedf797d69
x86_64
wireshark-1.0.15-1.el5_5.1.x86_64.rpm	SHA-256: bc84127ee8fbd616e9d33296ce4acb5bf8f5efefaef5c3702e8dd6a52efeddd7
wireshark-gnome-1.0.15-1.el5_5.1.x86_64.rpm	SHA-256: 131e0e6959db7ebb9eeb4beae20045a3c605144d544564c48b3d0192ed0ffe52
i386
wireshark-1.0.15-1.el5_5.1.i386.rpm	SHA-256: d7173765a685b33b508b0abef3931cbfcedd4bf16b232435cb86cb60c04d68b3
wireshark-gnome-1.0.15-1.el5_5.1.i386.rpm	SHA-256: 1b080f4f2a864b3309576fc23cf820e43902fc4e65497a2497c867c99cd73971

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.