Debian Security Advisory

DSA-2792-1 wireshark -- several vulnerabilities

Date Reported:
04 Nov 2013
Affected Packages:
wireshark
Vulnerable:
Yes
Security database references:
In Mitre's CVE dictionary: CVE-2013-6336, CVE-2013-6337, CVE-2013-6338, CVE-2013-6340.
More information:

Multiple vulnerabilities were discovered in the dissectors for IEEE 802.15.4, NBAP, SIP and TCP, which could result in denial of service.

The oldstable distribution (squeeze) is only affected by CVE-2013-6340. This problem has been fixed in version 1.2.11-6+squeeze13.

For the stable distribution (wheezy), these problems have been fixed in version 1.8.2-5wheezy7.

For the unstable distribution (sid), these problems have been fixed in version 1.10.3-1.

We recommend that you upgrade your wireshark packages.