Issued:
2014-10-21
Updated:
2014-10-21

RHSA-2014:1677 - Security Advisory

Synopsis

Moderate: wireshark security update

Type/Severity

Security Advisory: Moderate

Topic

Updated wireshark packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 5.

Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.

Description

Wireshark is a network protocol analyzer. It is used to capture and browse
the traffic running on a computer network.

Multiple flaws were found in Wireshark. If Wireshark read a malformed
packet off a network or opened a malicious dump file, it could crash or,
possibly, execute arbitrary code as the user running Wireshark.
(CVE-2014-6429, CVE-2014-6430, CVE-2014-6431, CVE-2014-6432)

Several denial of service flaws were found in Wireshark. Wireshark could
crash or stop responding if it read a malformed packet off a network, or
opened a malicious dump file. (CVE-2014-6421, CVE-2014-6422, CVE-2014-6423,
CVE-2014-6425, CVE-2014-6428)

All wireshark users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. All running instances
of Wireshark must be restarted for the update to take effect.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server 5 x86_64
  • Red Hat Enterprise Linux Server 5 ia64
  • Red Hat Enterprise Linux Server 5 i386
  • Red Hat Enterprise Linux Workstation 5 x86_64
  • Red Hat Enterprise Linux Workstation 5 i386
  • Red Hat Enterprise Linux Desktop 5 x86_64
  • Red Hat Enterprise Linux Desktop 5 i386
  • Red Hat Enterprise Linux for IBM z Systems 5 s390x
  • Red Hat Enterprise Linux for Power, big endian 5 ppc
  • Red Hat Enterprise Linux Server from RHUI 5 x86_64
  • Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

  • BZ - 1142602 - CVE-2014-6429 CVE-2014-6430 CVE-2014-6431 CVE-2014-6432 wireshark: DOS Sniffer file parser flaw (wnpa-sec-2014-19)
  • BZ - 1142603 - CVE-2014-6428 wireshark: SES dissector crash (wnpa-sec-2014-18)
  • BZ - 1142608 - CVE-2014-6425 wireshark: CUPS dissector crash (wnpa-sec-2014-15)
  • BZ - 1142610 - CVE-2014-6423 wireshark: MEGACO dissector infinite loop (wnpa-sec-2014-13)
  • BZ - 1142611 - CVE-2014-6421 CVE-2014-6422 wireshark: RTP dissector crash (wnpa-sec-2014-12)

CVEs

References

Red Hat Enterprise Linux Server 5

SRPM
wireshark-1.0.15-7.el5_11.src.rpm SHA-256: 1a85789f0daea4a917e8257e7bd903738641676f118fcab7bd2c6e8953c61109
x86_64
wireshark-1.0.15-7.el5_11.x86_64.rpm SHA-256: 3622158f5d40620075946daa9ec8634a934348370359a83c8b58bcf4947f1f74
wireshark-debuginfo-1.0.15-7.el5_11.x86_64.rpm SHA-256: c2b9485b57a2892c85f5d9659ebe577ff7da4ffb93927e38d14ae6c7944c9453
wireshark-gnome-1.0.15-7.el5_11.x86_64.rpm SHA-256: 7b8d755ddcf25d1861640aff54940222b3c00816b23437d7c39295b334a9bda3
ia64
wireshark-1.0.15-7.el5_11.ia64.rpm SHA-256: e17979b7c806c2e19f2b23a51917ede60ca60d051f0115be90b98a0ad24f5219
wireshark-debuginfo-1.0.15-7.el5_11.ia64.rpm SHA-256: 34523a8d100e9874d64f0d9b0a031f238f3295d6fe0bef5c4233babb4be5f513
wireshark-gnome-1.0.15-7.el5_11.ia64.rpm SHA-256: d105eb3056c862e0ec80eefc46bd62bc598d545d788fb5076ab69298db55d2d7
i386
wireshark-1.0.15-7.el5_11.i386.rpm SHA-256: 7999421cd2d9f4ac15ba8c0d60c3f02c957530b9a038a0942b502267537e5407
wireshark-debuginfo-1.0.15-7.el5_11.i386.rpm SHA-256: 69c60a002470930d3840098dc7af6521259aa11b8b8a01799e86e538d6ee9cbe
wireshark-gnome-1.0.15-7.el5_11.i386.rpm SHA-256: 5733a84739e52f3f97e6b224bd1f1f635229945f3de13b907b9abbb36b638c63

Red Hat Enterprise Linux Workstation 5

SRPM
wireshark-1.0.15-7.el5_11.src.rpm SHA-256: 1a85789f0daea4a917e8257e7bd903738641676f118fcab7bd2c6e8953c61109
x86_64
wireshark-1.0.15-7.el5_11.x86_64.rpm SHA-256: 3622158f5d40620075946daa9ec8634a934348370359a83c8b58bcf4947f1f74
wireshark-debuginfo-1.0.15-7.el5_11.x86_64.rpm SHA-256: c2b9485b57a2892c85f5d9659ebe577ff7da4ffb93927e38d14ae6c7944c9453
wireshark-debuginfo-1.0.15-7.el5_11.x86_64.rpm SHA-256: c2b9485b57a2892c85f5d9659ebe577ff7da4ffb93927e38d14ae6c7944c9453
wireshark-gnome-1.0.15-7.el5_11.x86_64.rpm SHA-256: 7b8d755ddcf25d1861640aff54940222b3c00816b23437d7c39295b334a9bda3
i386
wireshark-1.0.15-7.el5_11.i386.rpm SHA-256: 7999421cd2d9f4ac15ba8c0d60c3f02c957530b9a038a0942b502267537e5407
wireshark-debuginfo-1.0.15-7.el5_11.i386.rpm SHA-256: 69c60a002470930d3840098dc7af6521259aa11b8b8a01799e86e538d6ee9cbe
wireshark-debuginfo-1.0.15-7.el5_11.i386.rpm SHA-256: 69c60a002470930d3840098dc7af6521259aa11b8b8a01799e86e538d6ee9cbe
wireshark-gnome-1.0.15-7.el5_11.i386.rpm SHA-256: 5733a84739e52f3f97e6b224bd1f1f635229945f3de13b907b9abbb36b638c63

Red Hat Enterprise Linux Desktop 5

SRPM
wireshark-1.0.15-7.el5_11.src.rpm SHA-256: 1a85789f0daea4a917e8257e7bd903738641676f118fcab7bd2c6e8953c61109
x86_64
wireshark-1.0.15-7.el5_11.x86_64.rpm SHA-256: 3622158f5d40620075946daa9ec8634a934348370359a83c8b58bcf4947f1f74
wireshark-debuginfo-1.0.15-7.el5_11.x86_64.rpm SHA-256: c2b9485b57a2892c85f5d9659ebe577ff7da4ffb93927e38d14ae6c7944c9453
i386
wireshark-1.0.15-7.el5_11.i386.rpm SHA-256: 7999421cd2d9f4ac15ba8c0d60c3f02c957530b9a038a0942b502267537e5407
wireshark-debuginfo-1.0.15-7.el5_11.i386.rpm SHA-256: 69c60a002470930d3840098dc7af6521259aa11b8b8a01799e86e538d6ee9cbe

Red Hat Enterprise Linux for IBM z Systems 5

SRPM
wireshark-1.0.15-7.el5_11.src.rpm SHA-256: 1a85789f0daea4a917e8257e7bd903738641676f118fcab7bd2c6e8953c61109
s390x
wireshark-1.0.15-7.el5_11.s390x.rpm SHA-256: 9a7b8dcf5d748b8a47557b9e0c6890ed834715b1c447526f97b5bc40051aef36
wireshark-debuginfo-1.0.15-7.el5_11.s390x.rpm SHA-256: 0b08b50e7f1b511c54c6a2c43be3c5605cdad726bb4fa6e08b046471ea894d67
wireshark-gnome-1.0.15-7.el5_11.s390x.rpm SHA-256: 7ba33d99a45c4ef1a2f8e0eb317ad3246758ea005e58892f16ed723c85690c07

Red Hat Enterprise Linux for Power, big endian 5

SRPM
wireshark-1.0.15-7.el5_11.src.rpm SHA-256: 1a85789f0daea4a917e8257e7bd903738641676f118fcab7bd2c6e8953c61109
ppc
wireshark-1.0.15-7.el5_11.ppc.rpm SHA-256: d3e62d232a8f6d8000f9aa8ac0453f482c7901eafe323a055bdc3fdb187c9e3a
wireshark-debuginfo-1.0.15-7.el5_11.ppc.rpm SHA-256: 7ff361dfdb5e211c6b23165adc4cc0db0e58dffb17c96e302a85d611a591fc42
wireshark-gnome-1.0.15-7.el5_11.ppc.rpm SHA-256: d36b41873c5607651c0e08a60d1b499453d2dad263f6bcb6af9dcc5e2d858a21

Red Hat Enterprise Linux Server from RHUI 5

SRPM
wireshark-1.0.15-7.el5_11.src.rpm SHA-256: 1a85789f0daea4a917e8257e7bd903738641676f118fcab7bd2c6e8953c61109
x86_64
wireshark-1.0.15-7.el5_11.x86_64.rpm SHA-256: 3622158f5d40620075946daa9ec8634a934348370359a83c8b58bcf4947f1f74
wireshark-debuginfo-1.0.15-7.el5_11.x86_64.rpm SHA-256: c2b9485b57a2892c85f5d9659ebe577ff7da4ffb93927e38d14ae6c7944c9453
wireshark-gnome-1.0.15-7.el5_11.x86_64.rpm SHA-256: 7b8d755ddcf25d1861640aff54940222b3c00816b23437d7c39295b334a9bda3
i386
wireshark-1.0.15-7.el5_11.i386.rpm SHA-256: 7999421cd2d9f4ac15ba8c0d60c3f02c957530b9a038a0942b502267537e5407
wireshark-debuginfo-1.0.15-7.el5_11.i386.rpm SHA-256: 69c60a002470930d3840098dc7af6521259aa11b8b8a01799e86e538d6ee9cbe
wireshark-gnome-1.0.15-7.el5_11.i386.rpm SHA-256: 5733a84739e52f3f97e6b224bd1f1f635229945f3de13b907b9abbb36b638c63

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.