advisories/10145-mga3.adv

ID: MGASA-2013-0168
pubtime: 1370521473
type: security
src:
  3:
   core:
     - wireshark-1.8.7-1.mga3
CVE:
  - CVE-2013-2486
  - CVE-2013-2487
  - CVE-2013-3555
  - CVE-2013-3557
  - CVE-2013-3558
  - CVE-2013-3559
  - CVE-2013-3560
  - CVE-2013-3561
  - CVE-2013-3562
subject: Updated wireshark packages fix security vulnerabilities (Mageia 3)
description: |
  The RELOAD dissector could go into an infinite loop (CVE-2013-2486,
  CVE-2013-2487).

  The GTPv2 dissector could crash (CVE-2013-3555).

  The ASN.1 BER dissector could crash (CVE-2013-3557).

  The PPP CCP dissector could crash (CVE-2013-3558).

  The DCP ETSI dissector could crash (CVE-2013-3559).

  The MPEG DSM-CC dissector could crash (CVE-2013-3560).

  The Websocket dissector could crash. The MySQL dissector could go into an
  infinite loop. The ETCH dissector could go into a large loop (CVE-2013-3561,
  CVE-2013-3562).
references:
 - http://www.wireshark.org/security/wnpa-sec-2013-23.html
 - http://www.wireshark.org/security/wnpa-sec-2013-24.html
 - http://www.wireshark.org/security/wnpa-sec-2013-25.html
 - http://www.wireshark.org/security/wnpa-sec-2013-26.html
 - http://www.wireshark.org/security/wnpa-sec-2013-27.html
 - http://www.wireshark.org/security/wnpa-sec-2013-28.html
 - http://www.wireshark.org/security/wnpa-sec-2013-29.html
 - http://www.wireshark.org/security/wnpa-sec-2013-30.html
 - http://www.wireshark.org/security/wnpa-sec-2013-31.html
 - http://www.wireshark.org/docs/relnotes/wireshark-1.8.7.html
 - http://www.wireshark.org/news/20130517.html
 - http://openwall.com/lists/oss-security/2013/05/20/7
1	boklm	9	ID: MGASA-2013-0168
2			pubtime: 1370521473
3			type: security
4			src:
5			3:
6			core:
7			- wireshark-1.8.7-1.mga3
8			CVE:
9			- CVE-2013-2486
10			- CVE-2013-2487
11			- CVE-2013-3555
12			- CVE-2013-3557
13			- CVE-2013-3558
14			- CVE-2013-3559
15			- CVE-2013-3560
16			- CVE-2013-3561
17			- CVE-2013-3562
18			subject: Updated wireshark packages fix security vulnerabilities (Mageia 3)
19			description: \|
20			The RELOAD dissector could go into an infinite loop (CVE-2013-2486,
21			CVE-2013-2487).
22
23			The GTPv2 dissector could crash (CVE-2013-3555).
24
25			The ASN.1 BER dissector could crash (CVE-2013-3557).
26
27			The PPP CCP dissector could crash (CVE-2013-3558).
28
29			The DCP ETSI dissector could crash (CVE-2013-3559).
30
31			The MPEG DSM-CC dissector could crash (CVE-2013-3560).
32
33			The Websocket dissector could crash. The MySQL dissector could go into an
34			infinite loop. The ETCH dissector could go into a large loop (CVE-2013-3561,
35			CVE-2013-3562).
36			references:
37			- http://www.wireshark.org/security/wnpa-sec-2013-23.html
38			- http://www.wireshark.org/security/wnpa-sec-2013-24.html
39			- http://www.wireshark.org/security/wnpa-sec-2013-25.html
40			- http://www.wireshark.org/security/wnpa-sec-2013-26.html
41			- http://www.wireshark.org/security/wnpa-sec-2013-27.html
42			- http://www.wireshark.org/security/wnpa-sec-2013-28.html
43			- http://www.wireshark.org/security/wnpa-sec-2013-29.html
44			- http://www.wireshark.org/security/wnpa-sec-2013-30.html
45			- http://www.wireshark.org/security/wnpa-sec-2013-31.html
46			- http://www.wireshark.org/docs/relnotes/wireshark-1.8.7.html
47			- http://www.wireshark.org/news/20130517.html
48			- http://openwall.com/lists/oss-security/2013/05/20/7