Several remote vulnerabilities have been discovered in network traffic analyzer Wireshark. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-3137 The GSM SMS dissector is vulnerable to denial of service. CVE-2008-3138 The PANA and KISMET dissectors are vulnerable to denial of service. CVE-2008-3141 The RMI dissector could disclose system memory. CVE-2008-3145 The packet reassembling module is vulnerable to denial of service. CVE-2008-3933 The zlib uncompression module is vulnerable to denial of service. CVE-2008-4683 The Bluetooth ACL dissector is vulnerable to denial of service. CVE-2008-4684 The PRP and MATE dissectors are vulnerable to denial of service. CVE-2008-4685 The Q931 dissector is vulnerable to denial of service. For the stable distribution (etch), these problems have been fixed in version 0.99.4-5.etch.3. For the upcoming stable distribution (lenny), these problems have been fixed in version 1.0.2-3+lenny2. For the unstable distribution (sid), these problems will be fixed soon. We recommend that you upgrade your wireshark packages.
Several remote vulnerabilities have been discovered in network traffic analyzer Wireshark. The Common Vulnerabilities and Exposures project identifies the following problems:
The GSM SMS dissector is vulnerable to denial of service.
The PANA and KISMET dissectors are vulnerable to denial of service.
The RMI dissector could disclose system memory.
The packet reassembling module is vulnerable to denial of service.
The zlib uncompression module is vulnerable to denial of service.
The Bluetooth ACL dissector is vulnerable to denial of service.
The PRP and MATE dissectors are vulnerable to denial of service.
The Q931 dissector is vulnerable to denial of service.
For the stable distribution (etch), these problems have been fixed in version 0.99.4-5.etch.3.
For the upcoming stable distribution (lenny), these problems have been fixed in version 1.0.2-3+lenny2.
For the unstable distribution (sid), these problems will be fixed soon.
We recommend that you upgrade your wireshark packages.
MD5 checksums of the listed files are available in the original advisory.