VUL-1: wireshark: new updates fix two DoS issues
Wireshark version upgrade to 1.4.10 to fix various security
flaws and other non-security issues.
-
Submitted by
Adrian Schröter (adrianSuSE)
- Version 5431
Fixed bugs
bnc#706728
VUL-1: wireshark: new updates fix two DoS issues
CVE#CVE-2011-3266
The proto_tree_add_item function in Wireshark 1.6.0 through 1.6.1 and 1.4.0 through 1.4.8, when the IKEv1 protocol dissector is used, allows user-assisted remote attackers to cause a denial of service (infinite loop) via vectors involving a malformed IKE
CVE#CVE-2011-2597
The Lucent/Ascend file parser in Wireshark 1.2.x before 1.2.18, 1.4.x through 1.4.7, and 1.6.0 allows remote attackers to cause a denial of service (infinite loop) via malformed packets.
