Package wireshark updated to version 1.10.7-alt1 for branch sisyphus in task 118988.

Published: 2014-04-23

BDU:2015-00784

Уязвимость программного обеспечения Wireshark Network Protocol Analyzer, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации

Severity: MEDIUM (4.3)

References:

CVE-2014-2907
ID:183340

Published: 2014-04-24
Modified: 2024-11-21

CVE-2014-2907

The srtp_add_address function in epan/dissectors/packet-rtp.c in the RTP dissector in Wireshark 1.10.x before 1.10.7 does not properly update SRTP conversation data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Severity: MEDIUM (4.3)

References:

openSUSE-SU-2014:0612
openSUSE-SU-2014:0612
http://www.wireshark.org/security/wnpa-sec-2014-06.html
http://www.wireshark.org/security/wnpa-sec-2014-06.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9885
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9885
https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=30ba425e7e95f7b61b3a3e5ff0c46e4be9d3d8d7
https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=30ba425e7e95f7b61b3a3e5ff0c46e4be9d3d8d7

Version: 2.1.0

Package wireshark update in sisyphus on 2014-04-29

ALT-PU-2014-1565-1

Closed vulnerabilities

BDU:2015-00784

CVE-2014-2907