Debian Security Advisory

DSA-2144-1 wireshark -- buffer overflow

Date Reported:
15 Jan 2011
Affected Packages:
wireshark
Vulnerable:
Yes
Security database references:
In Mitre's CVE dictionary: CVE-2010-4538.
More information:

It was discovered that a buffer overflow in the ENTTEC dissector may lead to the execution of arbitrary code.

For the stable distribution (lenny), this problem has been fixed in version 1.0.2-3+lenny12.

For the testing distribution (squeeze), this problem has been fixed in version 1.2.11-6.

For the unstable distribution (sid), this problem has been fixed in version 1.2.11-6.

We recommend that you upgrade your wireshark packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/