Security Information / 2011 / Security Information -- DSA-2144-1 wireshark

Debian Security Advisory

DSA-2144-1 wireshark -- buffer overflow

Date Reported:

15 Jan 2011

Affected Packages:

wireshark

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2010-4538.

More information:

It was discovered that a buffer overflow in the ENTTEC dissector may lead to the execution of arbitrary code.

For the stable distribution (lenny), this problem has been fixed in version 1.0.2-3+lenny12.

For the testing distribution (squeeze), this problem has been fixed in version 1.2.11-6.

For the unstable distribution (sid), this problem has been fixed in version 1.2.11-6.

We recommend that you upgrade your wireshark packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/