Multiple Denial of Service vulnerabilities have been discovered in Wireshark.
|Package||net-analyzer/wireshark on all architectures|
|Affected versions||< 1.0.0|
|Unaffected versions||>= 1.0.0|
Wireshark is a network protocol analyzer with a graphical front-end.
Errors exist in:
A remote attacker could exploit these vulnerabilities by sending a malformed packet or enticing a user to read a malformed packet trace file, causing a Denial of Service.
Disable the X.509sat, Roofnet, LDAP, and SCCP dissectors.
All Wireshark users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-analyzer/wireshark-1.0.0"
May 07, 2008
May 07, 2008: 01