Multiple Denial of Service vulnerabilities have been discovered in Wireshark.
|Package||net-analyzer/wireshark on all architectures|
|Affected versions||< 1.0.3|
|Unaffected versions||>= 1.0.3|
Wireshark is a network protocol analyzer with a graphical front-end.
The following vulnerabilities were reported:
A remote attacker could exploit these vulnerabilities by sending specially crafted packets on a network being monitored by Wireshark or by enticing a user to read a malformed packet trace file, causing a Denial of Service.
There is no known workaround at this time.
All Wireshark users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-analyzer/wireshark-1.0.3"
September 25, 2008
September 25, 2008: 01