FrSIRT - Fedora Security Update Fixes Wireshark Multiple Protocol Vulnerabilities / Exploit (Security Advisories)

French Security Incident Response Team

French

English

Fedora Security Update Fixes Wireshark Multiple Protocol Vulnerabilities

Title : Fedora Security Update Fixes Wireshark Multiple Protocol Vulnerabilities
Advisory ID : FrSIRT/ADV-2007-4292
CVE ID : CVE-2007-6111 - CVE-2007-6112 - CVE-2007-6113 - CVE-2007-6114 - CVE-2007-6115 - CVE-2007-6116 - CVE-2007-6117 - CVE-2007-6118 - CVE-2007-6119 - CVE-2007-6120 - CVE-2007-6121
Rated as : Moderate Risk

Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-12-21

Advisory Details

Description

Affected Products

Solution

References

Technical Description

Multiple vulnerabilities have been identified in Fedora, which could be exploited by remote attackers to cause a denial of service or potentially compromise a vulnerable system [...]

Solution

Upgrade the affected packages :

4fc5af06da3cd3278eb7461f4a08b63a670f60ee wireshark-debuginfo-0.99.7-2.fc8.ppc64.rpm
fe2a1501d6c13636ec744886d1b6df4c678c0a6a wireshark-gnome-0.99.7-2.fc8.ppc64.rpm
3c9b6a8e3d0a5cce3ca661c31fc3486699b76037 wireshark-0.99.7-2.fc8.ppc64.rpm
1ebd4f4cb84dfa82f95c44da4fe5b3e54899f0c7 wireshark-debuginfo-0.99.7-2.fc8.i386.rpm
18cbfd5f0879ad7e1bffb8fb25f00c1a13e713c9 wireshark-gnome-0.99.7-2.fc8.i386.rpm
83101d900cfe86a3ae6d3804d010f83352a36520 wireshark-0.99.7-2.fc8.i386.rpm
d9aa4fdd2affa2574331c2ee76cf4c99d4b8973b wireshark-debuginfo-0.99.7-2.fc8.x86_64.rpm
a0b60b2e61291c6575b3c616d29b6a31a88a104a wireshark-gnome-0.99.7-2.fc8.x86_64.rpm
70891b92b4bab5d92862f4a3e052a260f5d0d436 wireshark-0.99.7-2.fc8.x86_64.rpm
f265a7d18dce619f65a4c981928fed5719f61d0e wireshark-debuginfo-0.99.7-2.fc8.ppc.rpm
01ba22327a1854509870688c425e6fb9d25fc22e wireshark-gnome-0.99.7-2.fc8.ppc.rpm
e0f2ac3fe54472998c396fc4d9d1a593d84a3743 wireshark-0.99.7-2.fc8.ppc.rpm
471a55e6231eb882b6c833fbfbec4f89071c89ed wireshark-0.99.7-2.fc8.src.rpm

9aac239b5b46b7353f230c40f52b2199e6f1f067 wireshark-debuginfo-0.99.7-1.fc7.ppc64.rpm
ee6f2bf1951f514ccf2414a535150745c165edbb wireshark-gnome-0.99.7-1.fc7.ppc64.rpm
cf446986541456f5bd5c92ffa875da07097662b7 wireshark-0.99.7-1.fc7.ppc64.rpm
49a2a22c292d56311b22d686e5a621b71aa8d514 wireshark-debuginfo-0.99.7-1.fc7.i386.rpm
a71d41e4592e3c0452c10c5140c8487107eb08ee wireshark-gnome-0.99.7-1.fc7.i386.rpm
d0f407c78fc336b20f372bb6412f08d03e131c0c wireshark-0.99.7-1.fc7.i386.rpm
b782b7a7c445c9daf4776a49e687c50348f2dfbc wireshark-debuginfo-0.99.7-1.fc7.x86_64.rpm
a58439d77627e6bbc2f31297cb984db04e317a3e wireshark-gnome-0.99.7-1.fc7.x86_64.rpm
8f4393b94063992570a2e161feb8a6f9d5886934 wireshark-0.99.7-1.fc7.x86_64.rpm
bdf9f8f4a7faaf2418a2d1d830705e30a827b35f wireshark-debuginfo-0.99.7-1.fc7.ppc.rpm
c8e11e948d7d136131c5b11b9383737c335e3bf1 wireshark-gnome-0.99.7-1.fc7.ppc.rpm
639225f920e9db387a146bd75614f74d9fb498e3 wireshark-0.99.7-1.fc7.ppc.rpm
f8e5d23030b7111f3149ac0f3fcb82de71d43235 wireshark-0.99.7-1.fc7.src.rpm

ChangeLog

2007-12-21 : Initial release
2007-12-24 : Updated Solution

Vulnerability Management

Subscribe to FrSIRT VNS and receive real-time e-mail and SMS alerts when new vulnerabilities, exploits, or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form or by email to updates@frsirt.com.

Mailinglist

	Mozilla Products Code Execution and Security Bypass Vulnerabilities
	Mozilla Firefox Shortcut Handlingg Information Disclosure Vulnerability
	Mozilla Products Code Execution and Security Bypass Vulnerabilities
	Mozilla Firefox for Mac OS X GIF Rendering Code Execution Vulnerability
	Mozilla Products Remote Code Execution and Security Bypass Issues
	Mozilla Products Code Execution and Injection Vulnerabilities
	Mozilla JavaScript Garbage Collector Code Execution Vulnerability

	Oracle and BEA Products Multiple Code Execution Vulnerabilities
	Oracle Products Multiple Code Execution and Security Bypass Issues
	Oracle Products Command Execution and SQL Injection Vulnerabilities
	Oracle Products Multiple Code Execution and SQL Injection Vulnerabilities
	Oracle Database "PITRIG_DROPMETADATA" Buffer Overflow Vulnerability
	Oracle Products Multiple Code Execution and SQL Injection Vulnerabilities
	Oracle JInitiator ActiveX Control Multiple Remote Buffer Overflow Vulnerabilities

	Microsoft XML Core Services Multiple Remote Vulnerabilities (MS08-069)
	Microsoft Windows SMB Credential Reflection Vulnerability (MS08-068)
	Microsoft Windows Server Service Vulnerability (MS08-067)
	Microsoft Windows "afd.sys" Privilege Escalation Vulnerability (MS08-066)
	Microsoft Windows MSMQ Code Execution Vulnerability (MS08-065)
	Microsoft Windows VADs Privilege Escalation Vulnerability (MS08-064)
	Microsoft Windows SMB Code Execution Vulnerability (MS08-063)