advisories/10471-mga3.adv

type: security
subject: Updated wireshark packages fix multiple security vulnerabilities
CVE:
  - CVE-2013-4074
  - CVE-2013-4075
  - CVE-2013-4076
  - CVE-2013-4077
  - CVE-2013-4078
  - CVE-2013-4079
  - CVE-2013-4080
  - CVE-2013-4081
  - CVE-2013-4082
  - CVE-2013-4083
src:
  3:
   core:
    - wireshark-1.8.8-1.mga3
description: |
  The CAPWAP dissector could crash (CVE-2013-4074).

  The GMR-1 BCCH dissector could crash (CVE-2013-4075).

  The PPP dissector could crash (CVE-2013-4076).

  The NBAP dissector could crash (CVE-2013-4077).

  The RDP dissector could crash (CVE-2013-4078).

  The GSM CBCH dissector could crash (CVE-2013-4079).

  The Assa Abloy R3 dissector could consume excessive memory and CPU
  (CVE-2013-4080).

  The HTTP dissector could overrun the stack (CVE-2013-4081).

  The Ixia IxVeriWave file parser could overflow the heap (CVE-2013-4082).

  The DCP ETSI dissector could crash (CVE-2013-4083).
references:
  - http://www.wireshark.org/security/wnpa-sec-2013-32.html
  - http://www.wireshark.org/security/wnpa-sec-2013-33.html
  - http://www.wireshark.org/security/wnpa-sec-2013-34.html
  - http://www.wireshark.org/security/wnpa-sec-2013-35.html
  - http://www.wireshark.org/security/wnpa-sec-2013-36.html
  - http://www.wireshark.org/security/wnpa-sec-2013-37.html
  - http://www.wireshark.org/security/wnpa-sec-2013-38.html
  - http://www.wireshark.org/security/wnpa-sec-2013-39.html
  - http://www.wireshark.org/security/wnpa-sec-2013-40.html
  - http://www.wireshark.org/security/wnpa-sec-2013-41.html
  - http://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html
  - http://www.wireshark.org/news/20130607.html
  - https://bugs.mageia.org/show_bug.cgi?id=10471
ID: MGASA-2013-0181
1	claire	75	type: security
2			subject: Updated wireshark packages fix multiple security vulnerabilities
3			CVE:
4			- CVE-2013-4074
5			- CVE-2013-4075
6			- CVE-2013-4076
7			- CVE-2013-4077
8			- CVE-2013-4078
9			- CVE-2013-4079
10			- CVE-2013-4080
11			- CVE-2013-4081
12			- CVE-2013-4082
13			- CVE-2013-4083
14			src:
15			3:
16			core:
17			- wireshark-1.8.8-1.mga3
18			description: \|
19			The CAPWAP dissector could crash (CVE-2013-4074).
20
21			The GMR-1 BCCH dissector could crash (CVE-2013-4075).
22
23			The PPP dissector could crash (CVE-2013-4076).
24
25			The NBAP dissector could crash (CVE-2013-4077).
26
27			The RDP dissector could crash (CVE-2013-4078).
28
29			The GSM CBCH dissector could crash (CVE-2013-4079).
30
31			The Assa Abloy R3 dissector could consume excessive memory and CPU
32			(CVE-2013-4080).
33
34			The HTTP dissector could overrun the stack (CVE-2013-4081).
35
36			The Ixia IxVeriWave file parser could overflow the heap (CVE-2013-4082).
37
38			The DCP ETSI dissector could crash (CVE-2013-4083).
39			references:
40			- http://www.wireshark.org/security/wnpa-sec-2013-32.html
41			- http://www.wireshark.org/security/wnpa-sec-2013-33.html
42			- http://www.wireshark.org/security/wnpa-sec-2013-34.html
43			- http://www.wireshark.org/security/wnpa-sec-2013-35.html
44			- http://www.wireshark.org/security/wnpa-sec-2013-36.html
45			- http://www.wireshark.org/security/wnpa-sec-2013-37.html
46			- http://www.wireshark.org/security/wnpa-sec-2013-38.html
47			- http://www.wireshark.org/security/wnpa-sec-2013-39.html
48			- http://www.wireshark.org/security/wnpa-sec-2013-40.html
49			- http://www.wireshark.org/security/wnpa-sec-2013-41.html
50			- http://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html
51			- http://www.wireshark.org/news/20130607.html
52			- https://bugs.mageia.org/show_bug.cgi?id=10471
53	boklm	93	ID: MGASA-2013-0181