Wireshark: Multiple vulnerabilities

Wireshark: Multiple vulnerabilities Multiple vulnerabilities in Wireshark allow for the remote execution of arbitrary code, or a Denial of Service condition. wireshark 2011-10-09 2011-10-09 323859 330479 339401 346191 350551 354197 357237 363895 369683 373961 381551 383823 386179 local, remote 1.4.9 1.4.9

Wireshark is a versatile network protocol analyzer.

Multiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details.

A remote attacker could send specially crafted packets on a network being monitored by Wireshark, entice a user to open a malformed packet trace file using Wireshark, or deploy a specially crafted Lua script for use by Wireshark, possibly resulting in the execution of arbitrary code, or a Denial of Service condition.

There is no known workaround at this time.

All Wireshark users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=net-analyzer/wireshark-1.4.9"

CVE-2010-2283 CVE-2010-2284 CVE-2010-2285 CVE-2010-2286 CVE-2010-2287 CVE-2010-2992 CVE-2010-2993 CVE-2010-2994 CVE-2010-2995 CVE-2010-3133 CVE-2010-3445 CVE-2010-4300 CVE-2010-4301 CVE-2010-4538 CVE-2011-0024 CVE-2011-0444 CVE-2011-0445 CVE-2011-0538 CVE-2011-0713 CVE-2011-1138 CVE-2011-1139 CVE-2011-1140 CVE-2011-1141 CVE-2011-1142 CVE-2011-1143 CVE-2011-1590 CVE-2011-1591 CVE-2011-1592 CVE-2011-1956 CVE-2011-1957 CVE-2011-1958 CVE-2011-1959 CVE-2011-2174 CVE-2011-2175 CVE-2011-2597 CVE-2011-2698 CVE-2011-3266 CVE-2011-3360 CVE-2011-3482 CVE-2011-3483 underling a3li