2011年3月 3日

[installer 2708] wireshark-1.2.15, 1.4.4

wireshark-1.2.15, 1.4.4 出ています。

いつも通り?セキュリティホールの修正が含まれています。
http://www.wireshark.org/security/wnpa-sec-2011-03.html
http://www.wireshark.org/security/wnpa-sec-2011-04.html
http://www.kb.cert.org/vuls/id/215900
参照のこと。

☆ wireshark-1.2.15
http://www.wireshark.org/
http://www.wireshark.org/download.html
http://sourceforge.net/projects/wireshark/
http://sourceforge.net/projects/wireshark/files/

What's New

Bug Fixes

The following vulnerabilities have been fixed. See the security
advisory for details and a workaround.

o Huzaifa Sidhpurwala of the Red Hat Security Response Team
discovered that Wireshark could free an uninitialized pointer
while reading a malformed pcap-ng file. (Bug 5652)

Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3.

CVE-2011-0538

o Huzaifa Sidhpurwala of the Red Hat Security Response Team
discovered that a large packet length in a pcap-ng file could
crash Wireshark. (Bug 5661)

Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3.

o Wireshark could overflow a buffer while reading a Nokia DCT3
trace file. (Bug 5661)

Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3.

CVE-2011-0713

o joernchen of Phenoelit discovered that the LDAP and SMB
dissectors could overflow the stack. (Bug 5717)

Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3. (Prior
versions including 1.0.x are also affected.)

o Xiaopeng Zhang of Fortinet's Fortiguard Labs discovered that
large LDAP Filter strings can consume excessive amounts of
memory. (Bug 5732)

Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3. (Prior
versions including 1.0.x are also affected.)

The following bugs have been fixed:

o Wireshark Crashing by pressing 2 Buttons. (Bug 4645)

o Potential access violation when writing to LANalyzer files.
(Bug 5698)

New and Updated Features

There are no new features in this release.

New Protocol Support

There are no new protocols in this release.

Updated Protocol Support

LDAP, SMB

Updated Capture File Support

LANalyzer, Nokia DCT3, Pcap-ng


☆ wireshark-1.4.4
http://www.wireshark.org/
http://www.wireshark.org/download.html
http://sourceforge.net/projects/wireshark/
http://sourceforge.net/projects/wireshark/files/

What's New

Bug Fixes

The following vulnerabilities have been fixed. See the security
advisory for details and a workaround.

o Huzaifa Sidhpurwala of the Red Hat Security Response Team
discovered that Wireshark could free an uninitialized pointer
while reading a malformed pcap-ng file. (Bug 5652)

Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3.

CVE-2011-0538

o Huzaifa Sidhpurwala of the Red Hat Security Response Team
discovered that a large packet length in a pcap-ng file could
crash Wireshark. (Bug 5661)

Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3.

o Wireshark could overflow a buffer while reading a Nokia DCT3
trace file. (Bug 5661)

Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3.

CVE-2011-0713

o Paul Makowski working for SEI/CERT discovered that Wireshark
on 32 bit systems could crash while reading a malformed
6LoWPAN packet. (Bug 5661)

Versions affected: 1.4.0 to 1.4.3.

o joernchen of Phenoelit discovered that the LDAP and SMB
dissectors could overflow the stack. (Bug 5717)

Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3. (Prior
versions including 1.0.x are also affected.)

o Xiaopeng Zhang of Fortinet's Fortiguard Labs discovered that
large LDAP Filter strings can consume excessive amounts of
memory. (Bug 5732)

Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3. (Prior
versions including 1.0.x are also affected.)

The following bugs have been fixed:

o A TCP stream would not always be recognized as the same
stream. (Bug 2907)

o Wireshark Crashing by pressing 2 Buttons. (Bug 4645)

o A crash can occur in the NTLMSSP dissector. (Bug 5157)

o The column texts from a Lua dissector could be mangled. (Bug
5326) (Bug 5630)

o Corrections to ANSI MAP ASN.1 specifications. (Bug 5584)

o When searching in packet bytes, the field and bytes are not
immediately shown. (Bug 5585)

o Malformed Packet: ULP reported when dissecting ULP SessionID
PDU. (Bug 5593)

o Wrong IEI in container of decode_gtp_mm_cntxt. (Bug 5598)

o Display filter does not work for expressions of type BASE_DEC,
BASE_DEC_HEX and BASE_HEX_DEC. (Bug 5606)

o NTLMSSP dissector may fail to compile due to space embedded in
C comment delimiters. (Bug 5614)

o Allow for name resolution of link-scope and multicast IPv6
addresses from local host file. (Bug 5615)

o DHCPv6 dissector formats DUID_LLT time incorrectly. (Bug 5627)

o Allow for IEEE 802.3bc-2009 style PoE TLVs. (Bug 5639)

o Various fixes to the HIP packet dissector. (Bug 5646)

o Display "Day of Year" for January 1 as 1, not 0. (Bug 5653)

o Accommodate the CMake build on Ubuntu 10.10. (Bug 5665)

o E.212 MCC 260 Poland update according to local national
regulatory. (Bug 5668)

o IPP on ports other than 631 not recognized. (Bug 5677)

o Potential access violation when writing to LANalyzer files.
(Bug 5698)

o IEEE 802.15.4 Superframe Specification - Final CAP Slot always
0. (Bug 5700)

o Peer SRC and DST AS numbers are swapped for cflow. (Bug 5702)

o dumpcap: -q option behavior doesn't match documentation. (Bug
5716)

New and Updated Features

There are no new features in this release.

New Protocol Support

There are no new protocols in this release.

Updated Protocol Support

ANSI MAP, BitTorrent, DCM, DHCPv6, DTAP, DTPT, E.212, GSM
Management, GTP, HIP, IEEE 802.15.4, IPP, LDAP, LLDP, Netflow,
NTLMSSP, P_Mul, Quake, Skinny, SMB, SNMP, ULP

New and Updated Capture File Support

LANalyzer, Nokia DCT3, Pcap-ng

----
こがよういちろう


投稿者 xml-rpc : 2011年3月 3日 10:00
役に立ちました?:
過去のフィードバック 平均:(0) 総合:(0) 投票回数:(0)
本記事へのTrackback: http://hoop.euqset.org/blog/mt-tb2006.cgi/102391
トラックバック
コメント
コメントする




画像の中に見える文字を入力してください。