RHSA-2006:0726-01 Moderate: wireshark security update
Posted on: 11/09/2006 08:30 PM

A new update is available for Red Hat Enterprise Linux. Here the announcement:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Moderate: wireshark security update
Advisory ID: RHSA-2006:0726-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0726.html
Issue date: 2006-11-09
Updated on: 2006-11-09
Product: Red Hat Enterprise Linux
CVE Names: CVE-2006-4574 CVE-2006-4805 CVE-2006-5468
CVE-2006-5469 CVE-2006-5740
- ---------------------------------------------------------------------

1. Summary:

New Wireshark packages that fix various security vulnerabilities are now
available.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

Wireshark is a program for monitoring network traffic.

Several flaws were found in Wireshark's HTTP, WBXML, LDAP, and XOT protocol
dissectors. Wireshark could crash or stop responding if it read a malformed
packet off the network. (CVE-2006-4805, CVE-2006-5468, CVE-2006-5469,
CVE-2006-5740)

A single NULL byte heap based buffer overflow was found in Wireshark's MIME
Multipart dissector. Wireshark could crash or possibly execute arbitrary
arbitrary code as the user running Wireshark. (CVE-2006-4574)

Users of Wireshark should upgrade to these updated packages containing
Wireshark version 0.99.4, which is not vulnerable to these issues.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

211993 - CVE-2006-4574 Multiple Wireshark issues (CVE-2006-4805, CVE-2006-5468, CVE-2006-5469, CVE-2006-5740)

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/RHEL/SRPMS/wireshark-0.99.4-AS21.1.src.rpm
0044a0fccca9671b0733bacd5953e56b wireshark-0.99.4-AS21.1.src.rpm

i386:
b74bd883b6fa0bd1c1aaa87fefb94f23 wireshark-0.99.4-AS21.1.i386.rpm
4240d003577952c65242b04388b664e6 wireshark-gnome-0.99.4-AS21.1.i386.rpm

ia64:
0b569ad061f9815fdb7a52959701852e wireshark-0.99.4-AS21.1.ia64.rpm
f33a6afaf448d5be1a91da35a2699b41 wireshark-gnome-0.99.4-AS21.1.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/RHEL/SRPMS/wireshark-0.99.4-AS21.1.src.rpm
0044a0fccca9671b0733bacd5953e56b wireshark-0.99.4-AS21.1.src.rpm

ia64:
0b569ad061f9815fdb7a52959701852e wireshark-0.99.4-AS21.1.ia64.rpm
f33a6afaf448d5be1a91da35a2699b41 wireshark-gnome-0.99.4-AS21.1.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/RHEL/SRPMS/wireshark-0.99.4-AS21.1.src.rpm
0044a0fccca9671b0733bacd5953e56b wireshark-0.99.4-AS21.1.src.rpm

i386:
b74bd883b6fa0bd1c1aaa87fefb94f23 wireshark-0.99.4-AS21.1.i386.rpm
4240d003577952c65242b04388b664e6 wireshark-gnome-0.99.4-AS21.1.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/RHEL/SRPMS/wireshark-0.99.4-AS21.1.src.rpm
0044a0fccca9671b0733bacd5953e56b wireshark-0.99.4-AS21.1.src.rpm

i386:
b74bd883b6fa0bd1c1aaa87fefb94f23 wireshark-0.99.4-AS21.1.i386.rpm
4240d003577952c65242b04388b664e6 wireshark-gnome-0.99.4-AS21.1.i386.rpm

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/RHEL/SRPMS/wireshark-0.99.4-EL3.1.src.rpm
4d59c60c99a374f67ffcb7392783549a wireshark-0.99.4-EL3.1.src.rpm

i386:
f71c6c6b2c855f5576e907aeef50191e wireshark-0.99.4-EL3.1.i386.rpm
35a9915c3ae5a22ab1a76bd5d6d7c422 wireshark-debuginfo-0.99.4-EL3.1.i386.rpm
6861386ad3bbd70399012c74d7509e71 wireshark-gnome-0.99.4-EL3.1.i386.rpm

ia64:
03e212be1a5dc7434628fa234c31bfc6 wireshark-0.99.4-EL3.1.ia64.rpm
72b5a6647025addf98b7699a865834fc wireshark-debuginfo-0.99.4-EL3.1.ia64.rpm
5744bab221aeb6f132e1038c6690347a wireshark-gnome-0.99.4-EL3.1.ia64.rpm

ppc:
f20fd0fe2fd6aa43d504a7c237b6ee17 wireshark-0.99.4-EL3.1.ppc.rpm
fc5232d9c54292e069522e3b6a2bec97 wireshark-debuginfo-0.99.4-EL3.1.ppc.rpm
5c901cb605c1ce1868af805df479217f wireshark-gnome-0.99.4-EL3.1.ppc.rpm

s390:
01b7661dfef18533ba69210e66dc0b73 wireshark-0.99.4-EL3.1.s390.rpm
f37b3d3d51c5043fedc31d66dc197770 wireshark-debuginfo-0.99.4-EL3.1.s390.rpm
918a15ce4e05fe2be3556ed1e62c7d05 wireshark-gnome-0.99.4-EL3.1.s390.rpm

s390x:
8c93a7af1347075dbb663fcd26e2741d wireshark-0.99.4-EL3.1.s390x.rpm
87229e0ccd2cd2d9c4402b388f4546c8 wireshark-debuginfo-0.99.4-EL3.1.s390x.rpm
f44b0ee5d41d4ecd0622210fcf0ef6f4 wireshark-gnome-0.99.4-EL3.1.s390x.rpm

x86_64:
7bed2f6949e0764ecbd1363a69383b09 wireshark-0.99.4-EL3.1.x86_64.rpm
3d843711818a31fdc2a53b6e68f5dd1b wireshark-debuginfo-0.99.4-EL3.1.x86_64.rpm
41685c568cb33f8a98648ca637a2d7a4 wireshark-gnome-0.99.4-EL3.1.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/RHEL/SRPMS/wireshark-0.99.4-EL3.1.src.rpm
4d59c60c99a374f67ffcb7392783549a wireshark-0.99.4-EL3.1.src.rpm

i386:
f71c6c6b2c855f5576e907aeef50191e wireshark-0.99.4-EL3.1.i386.rpm
35a9915c3ae5a22ab1a76bd5d6d7c422 wireshark-debuginfo-0.99.4-EL3.1.i386.rpm
6861386ad3bbd70399012c74d7509e71 wireshark-gnome-0.99.4-EL3.1.i386.rpm

x86_64:
7bed2f6949e0764ecbd1363a69383b09 wireshark-0.99.4-EL3.1.x86_64.rpm
3d843711818a31fdc2a53b6e68f5dd1b wireshark-debuginfo-0.99.4-EL3.1.x86_64.rpm
41685c568cb33f8a98648ca637a2d7a4 wireshark-gnome-0.99.4-EL3.1.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/RHEL/SRPMS/wireshark-0.99.4-EL3.1.src.rpm
4d59c60c99a374f67ffcb7392783549a wireshark-0.99.4-EL3.1.src.rpm

i386:
f71c6c6b2c855f5576e907aeef50191e wireshark-0.99.4-EL3.1.i386.rpm
35a9915c3ae5a22ab1a76bd5d6d7c422 wireshark-debuginfo-0.99.4-EL3.1.i386.rpm
6861386ad3bbd70399012c74d7509e71 wireshark-gnome-0.99.4-EL3.1.i386.rpm

ia64:
03e212be1a5dc7434628fa234c31bfc6 wireshark-0.99.4-EL3.1.ia64.rpm
72b5a6647025addf98b7699a865834fc wireshark-debuginfo-0.99.4-EL3.1.ia64.rpm
5744bab221aeb6f132e1038c6690347a wireshark-gnome-0.99.4-EL3.1.ia64.rpm

x86_64:
7bed2f6949e0764ecbd1363a69383b09 wireshark-0.99.4-EL3.1.x86_64.rpm
3d843711818a31fdc2a53b6e68f5dd1b wireshark-debuginfo-0.99.4-EL3.1.x86_64.rpm
41685c568cb33f8a98648ca637a2d7a4 wireshark-gnome-0.99.4-EL3.1.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/RHEL/SRPMS/wireshark-0.99.4-EL3.1.src.rpm
4d59c60c99a374f67ffcb7392783549a wireshark-0.99.4-EL3.1.src.rpm

i386:
f71c6c6b2c855f5576e907aeef50191e wireshark-0.99.4-EL3.1.i386.rpm
35a9915c3ae5a22ab1a76bd5d6d7c422 wireshark-debuginfo-0.99.4-EL3.1.i386.rpm
6861386ad3bbd70399012c74d7509e71 wireshark-gnome-0.99.4-EL3.1.i386.rpm

ia64:
03e212be1a5dc7434628fa234c31bfc6 wireshark-0.99.4-EL3.1.ia64.rpm
72b5a6647025addf98b7699a865834fc wireshark-debuginfo-0.99.4-EL3.1.ia64.rpm
5744bab221aeb6f132e1038c6690347a wireshark-gnome-0.99.4-EL3.1.ia64.rpm

x86_64:
7bed2f6949e0764ecbd1363a69383b09 wireshark-0.99.4-EL3.1.x86_64.rpm
3d843711818a31fdc2a53b6e68f5dd1b wireshark-debuginfo-0.99.4-EL3.1.x86_64.rpm
41685c568cb33f8a98648ca637a2d7a4 wireshark-gnome-0.99.4-EL3.1.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/RHEL/SRPMS/wireshark-0.99.4-EL4.1.src.rpm
b1a38e3fa8fd9c7c48a0656379ab7d8f wireshark-0.99.4-EL4.1.src.rpm

i386:
c928c01ee33bc8bb911a7b0cae309211 wireshark-0.99.4-EL4.1.i386.rpm
d741948a5eab62bc83e4355e1dd7833a wireshark-debuginfo-0.99.4-EL4.1.i386.rpm
129275da7e12c989135c107493bfd1b6 wireshark-gnome-0.99.4-EL4.1.i386.rpm

ia64:
13015d70892b94b5c1ef57ad6c3d2a3e wireshark-0.99.4-EL4.1.ia64.rpm
eb2225ef824146be3c9fbfa65e79898e wireshark-debuginfo-0.99.4-EL4.1.ia64.rpm
9d3e24a1f93e3439817eae3403293ed6 wireshark-gnome-0.99.4-EL4.1.ia64.rpm

ppc:
b9b57ad476bf11236cc17db38c80011a wireshark-0.99.4-EL4.1.ppc.rpm
18b660267144802a5a4a63201368ece6 wireshark-debuginfo-0.99.4-EL4.1.ppc.rpm
5c8e0feb48e0b59a7ee7db132f2d0d0d wireshark-gnome-0.99.4-EL4.1.ppc.rpm

s390:
2ee68666a5c43132ba15d72d6edcd40f wireshark-0.99.4-EL4.1.s390.rpm
74c6c26f4e51ba06f63eab2613c8ab2e wireshark-debuginfo-0.99.4-EL4.1.s390.rpm
a0fe55b1d72438d52249191450eb833c wireshark-gnome-0.99.4-EL4.1.s390.rpm

s390x:
807c2940f8091242fe13e6278ec7b4b2 wireshark-0.99.4-EL4.1.s390x.rpm
903b1eb1e5d20288be64df9639ac5352 wireshark-debuginfo-0.99.4-EL4.1.s390x.rpm
005596f5c35bcef053c923be315a0610 wireshark-gnome-0.99.4-EL4.1.s390x.rpm

x86_64:
f6e29f056b7b6ec894ffa15f1e3c28a9 wireshark-0.99.4-EL4.1.x86_64.rpm
4041f21163382e20847cd2a1fa18bb1b wireshark-debuginfo-0.99.4-EL4.1.x86_64.rpm
775d4bd277c4a86edf54c7b87c15f167 wireshark-gnome-0.99.4-EL4.1.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/RHEL/SRPMS/wireshark-0.99.4-EL4.1.src.rpm
b1a38e3fa8fd9c7c48a0656379ab7d8f wireshark-0.99.4-EL4.1.src.rpm

i386:
c928c01ee33bc8bb911a7b0cae309211 wireshark-0.99.4-EL4.1.i386.rpm
d741948a5eab62bc83e4355e1dd7833a wireshark-debuginfo-0.99.4-EL4.1.i386.rpm
129275da7e12c989135c107493bfd1b6 wireshark-gnome-0.99.4-EL4.1.i386.rpm

x86_64:
f6e29f056b7b6ec894ffa15f1e3c28a9 wireshark-0.99.4-EL4.1.x86_64.rpm
4041f21163382e20847cd2a1fa18bb1b wireshark-debuginfo-0.99.4-EL4.1.x86_64.rpm
775d4bd277c4a86edf54c7b87c15f167 wireshark-gnome-0.99.4-EL4.1.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/RHEL/SRPMS/wireshark-0.99.4-EL4.1.src.rpm
b1a38e3fa8fd9c7c48a0656379ab7d8f wireshark-0.99.4-EL4.1.src.rpm

i386:
c928c01ee33bc8bb911a7b0cae309211 wireshark-0.99.4-EL4.1.i386.rpm
d741948a5eab62bc83e4355e1dd7833a wireshark-debuginfo-0.99.4-EL4.1.i386.rpm
129275da7e12c989135c107493bfd1b6 wireshark-gnome-0.99.4-EL4.1.i386.rpm

ia64:
13015d70892b94b5c1ef57ad6c3d2a3e wireshark-0.99.4-EL4.1.ia64.rpm
eb2225ef824146be3c9fbfa65e79898e wireshark-debuginfo-0.99.4-EL4.1.ia64.rpm
9d3e24a1f93e3439817eae3403293ed6 wireshark-gnome-0.99.4-EL4.1.ia64.rpm

x86_64:
f6e29f056b7b6ec894ffa15f1e3c28a9 wireshark-0.99.4-EL4.1.x86_64.rpm
4041f21163382e20847cd2a1fa18bb1b wireshark-debuginfo-0.99.4-EL4.1.x86_64.rpm
775d4bd277c4a86edf54c7b87c15f167 wireshark-gnome-0.99.4-EL4.1.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/RHEL/SRPMS/wireshark-0.99.4-EL4.1.src.rpm
b1a38e3fa8fd9c7c48a0656379ab7d8f wireshark-0.99.4-EL4.1.src.rpm

i386:
c928c01ee33bc8bb911a7b0cae309211 wireshark-0.99.4-EL4.1.i386.rpm
d741948a5eab62bc83e4355e1dd7833a wireshark-debuginfo-0.99.4-EL4.1.i386.rpm
129275da7e12c989135c107493bfd1b6 wireshark-gnome-0.99.4-EL4.1.i386.rpm

ia64:
13015d70892b94b5c1ef57ad6c3d2a3e wireshark-0.99.4-EL4.1.ia64.rpm
eb2225ef824146be3c9fbfa65e79898e wireshark-debuginfo-0.99.4-EL4.1.ia64.rpm
9d3e24a1f93e3439817eae3403293ed6 wireshark-gnome-0.99.4-EL4.1.ia64.rpm

x86_64:
f6e29f056b7b6ec894ffa15f1e3c28a9 wireshark-0.99.4-EL4.1.x86_64.rpm
4041f21163382e20847cd2a1fa18bb1b wireshark-debuginfo-0.99.4-EL4.1.x86_64.rpm
775d4bd277c4a86edf54c7b87c15f167 wireshark-gnome-0.99.4-EL4.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4574
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4805
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5468
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5469
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5740
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is lt;secalert@redhat.comgt;. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2006 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFFU32pXlSAg2UNWIIRAn8ZAJ9SdULy0YBgf5azB2lgH2HbfpecfwCfc7Ly
SpCUFYkaaMy8zgFm41ldlac=
=OPMj
-----END PGP SIGNATURE-----



Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/rhsa_20060726_01_moderate_wireshark_security_update.html)