Security Information / 2013 / Security Information -- DSA-2792-1 wireshark

Debian Security Advisory

DSA-2792-1 wireshark -- several vulnerabilities

Date Reported:

04 Nov 2013

Affected Packages:

wireshark

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2013-6336, CVE-2013-6337, CVE-2013-6338, CVE-2013-6340.

More information:

Multiple vulnerabilities were discovered in the dissectors for IEEE 802.15.4, NBAP, SIP and TCP, which could result in denial of service.

The oldstable distribution (squeeze) is only affected by CVE-2013-6340. This problem has been fixed in version 1.2.11-6+squeeze13.

For the stable distribution (wheezy), these problems have been fixed in version 1.8.2-5wheezy7.

For the unstable distribution (sid), these problems have been fixed in version 1.10.3-1.

We recommend that you upgrade your wireshark packages.