Wireshark Multiple Vulnerabilities (MDVSA-2014: 050)
Release date:
Updated on:
Affected Systems:
Wireshark 1.8.0-1.8.12
Wireshark 1.10.0-1.10.5
Description:
--------------------------------------------------------------------------------
CVE (CAN) ID: CVE-2014-2281, CVE-2014-2282, CVE-2014-2283, CVE-2014-2299
Wireshark is the most popular network protocol parser.
Wireshark has errors in the implementation of NFS parser, M3UA parser, RLC parser, and MPEG file parser, which can be exploited to cause denial of service or arbitrary code execution.
<* Source: vendor
Link: http://secunia.com/advisories/57265/
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Wireshark
---------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.wireshark.org
Http://www.wireshark.org/docs/relnotes/wireshark-1.8.13.html
Http://www.wireshark.org/docs/relnotes/wireshark-1.10.6.html
Https://www.wireshark.org/security/wnpa-sec-2014-01.html
Https://www.wireshark.org/security/wnpa-sec-2014-02.html
Https://www.wireshark.org/security/wnpa-sec-2014-03.html
Https://www.wireshark.org/security/wnpa-sec-2014-04.html
Wireshark details: click here
Wireshark: click here
Simple use of Wireshark
Install Wireshark in Ubuntu 12.04
Starting Wireshark packet capture from common users in Linux