漏洞信息详情
Wireshark分析器IPMI多个未明拒绝服务攻击漏洞
- CNNVD编号:CNNVD-200907-311
- 危害等级: 中危
- CVE编号: CVE-2009-2560
- 漏洞类型: 资料不足
- 发布时间: 2009-07-21
- 威胁类型: 远程
- 更新时间: 2009-10-31
- 厂 商: wireshark
- 漏洞来源: Wireshark http://w...
漏洞简介
Wireshark之前名为Ethereal,是一款非常流行的网络协议分析工具。 Wireshark的Bluetooth L2CAP、RADIUS、MIOP协议解析模块中存在拒绝服务漏洞。如果用户受骗从网络抓取了恶意的报文或读取了恶意抓包文件的话,就会导致解析模块崩溃。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
Debian Linux 5.0 ia-64
Debian tshark_1.0.2-3+lenny7_ia64.deb
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2- 3+lenny7_ia64.deb
Debian wireshark-common_1.0.2-3+lenny7_ia64.deb
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-com mon_1.0.2-3+lenny7_ia64.deb
Debian wireshark-dev_1.0.2-3+lenny7_ia64.deb
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev _1.0.2-3+lenny7_ia64.deb
Debian wireshark_1.0.2-3+lenny7_ia64.deb
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0 .2-3+lenny7_ia64.deb
Debian Linux 5.0 alpha
Debian tshark_1.0.2-3+lenny7_alpha.deb
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2- 3+lenny7_alpha.deb
Debian wireshark-common_1.0.2-3+lenny7_alpha.deb
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-com mon_1.0.2-3+lenny7_alpha.deb
Debian wireshark-dev_1.0.2-3+lenny7_alpha.deb
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev _1.0.2-3+lenny7_alpha.deb
Debian wireshark_1.0.2-3+lenny7_alpha.deb
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0 .2-3+lenny7_alpha.deb
MandrakeSoft Linux Mandrake 2008.0 x86_64
Mandriva dumpcap-1.0.10-0.1mdv2008.0.x86_64.rpm
http://www.mandriva.com/en/download/
Mandriva lib64wireshark-devel-1.0.10-0.1mdv2008.0.x86_64.rpm
http://www.mandriva.com/en/download/
Mandriva lib64wireshark0-1.0.10-0.1mdv2008.0.x86_64.rpm
http://www.mandriva.com/en/download/
Mandriva rawshark-1.0.10-0.1mdv2008.0.x86_64.rpm
http://www.mandriva.com/en/download/
Mandriva tshark-1.0.10-0.1mdv2008.0.x86_64.rpm
http://www.mandriva.com/en/download/
Mandriva wireshark-1.0.10-0.1mdv2008.0.x86_64.rpm
http://www.mandriva.com/en/download/
Mandriva wireshark-tools-1.0.10-0.1mdv2008.0.x86_64.rpm
http://www.mandriva.com/en/download/
MandrakeSoft Linux Mandrake 2008.0
Mandriva dumpcap-1.0.10-0.1mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva libwireshark-devel-1.0.10-0.1mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva libwireshark0-1.0.10-0.1mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva rawshark-1.0.10-0.1mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva tshark-1.0.10-0.1mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva wireshark-1.0.10-0.1mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva wireshark-tools-1.0.10-0.1mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/
Debian Linux 5.0 mipsel
Debian tshark_1.0.2-3+lenny7_mipsel.deb
http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2- 3+lenny7_mipsel.deb
Debian wireshark-common_1.0.2-3+lenny7_mipsel.deb
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-com mon_1.0.2-3+lenny7_mipsel.deb
Debian wireshark-dev_1.0.2-3+lenny7_mipsel.deb
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev _1.0.2-3+lenny7_mipsel.deb
Debian wireshark_1.0.2-3+lenny7_mipsel.deb
http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0 .2-3+lenny7_mipsel.deb
Debian Linux 4.0 amd64
Debian ethereal-common_0.99.4-5.etch.4_amd64.deb
http://security.debian.org/pool/updates/main/w/wireshark/ethereal-comm on_0.99.4-5.etch.4_amd64.deb
Debian ethereal-dev_0.99.4-5.etch.4_amd64.deb
http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_ 0.99.4-5.etch.4_amd64.deb
Debian ethereal_0.99.4-5.etch.4_amd64.deb
http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99 .4-5.etch.4_amd64.deb
Debian tethereal_0.99.4-5.etch.4_amd64.deb
http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.9 9.4-5.etch.4_amd64.deb
Debian tshark_0.99.4-5.etch.4_amd64.deb
http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4 -5.etch.4_amd64.deb
Debian wireshark-common_0.99.4-5.etch.4_amd64.deb
http://security.debian.org/pool/updates/main/w/wireshark/wireshark-com mon_0.99.4-5.etch.4_amd64.deb
Debian wireshark-dev_0.99.4-5.etch.4_amd64.deb
http://security.de
参考网址
来源: www.wireshark.org
链接:http://www.wireshark.org/security/wnpa-sec-2009-04.HTML
来源: BID
名称: 35748
链接:http://www.securityfocus.com/bid/35748
来源: XF
名称: wireshark-radius-dissector-dos(54019)
链接:http://xforce.iss.net/xforce/xfdb/54019
来源: www.wireshark.org
链接:http://www.wireshark.org/security/wnpa-sec-2009-08.HTML
来源: www.wireshark.org
链接:http://www.wireshark.org/docs/relnotes/wireshark-1.0.10.HTML
来源: VUPEN
名称: ADV-2009-3061
链接:http://www.vupen.com/english/advisories/2009/3061
来源: VUPEN
名称: ADV-2009-1970
链接:http://www.vupen.com/english/advisories/2009/1970
来源: BID
名称: 36846
链接:http://www.securityfocus.com/bid/36846
来源: MLIST
名称: [oss-security] 20090722 Re: CVE request: Wireshark <1.2.1 multiple="">
链接:http://www.openwall.com/lists/oss-security/2009/07/22/2
来源: MANDRIVA
名称: MDVSA-2009:194
链接:http://www.mandriva.com/security/advisories?name=MDVSA-2009:194
来源: SECUNIA
名称: 37175
链接:http://secunia.com/advisories/37175
来源: SECUNIA
名称: 35884
链接:http://secunia.com/advisories/35884
受影响实体
- Wireshark Wireshark:1.0.0
- Wireshark Wireshark:1.0.3
- Wireshark Wireshark:1.0.2
- Wireshark Wireshark:1.0.9
- Wireshark Wireshark:1.0.7
补丁
暂无
![weinxin](http://zone.ci/zone_ci_images/zone.ci.png)
评论