Wireshark多个漏洞(MDVSA-2014:050)
Wireshark多个漏洞(MDVSA-2014:050)
发布日期:2014-03-10
更新日期:2014-03-12
受影响系统:
Wireshark Wireshark 1.8.0 - 1.8.12
Wireshark Wireshark 1.10.0 - 1.10.5
描述:
--------------------------------------------------------------------------------
CVE(CAN) ID: CVE-2014-2281,CVE-2014-2282,CVE-2014-2283,CVE-2014-2299
Wireshark是最流行的网络协议解析器。
Wireshark在NFS解析器、M3UA解析器、RLC解析器、MPEG文件解析器在实现上存在错误,可被恶意利用造成拒绝服务,也有可能执行任意代码。
<*来源:vendor
链接:http://secunia.com/advisories/57265/
*>
建议:
--------------------------------------------------------------------------------
厂商补丁:
Wireshark
---------
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
http://www.wireshark.org
http://www.wireshark.org/docs/relnotes/wireshark-1.8.13.html
http://www.wireshark.org/docs/relnotes/wireshark-1.10.6.html
https://www.wireshark.org/security/wnpa-sec-2014-01.html
https://www.wireshark.org/security/wnpa-sec-2014-02.html
https://www.wireshark.org/security/wnpa-sec-2014-03.html
https://www.wireshark.org/security/wnpa-sec-2014-04.html
Wireshark 的详细介绍:请点这里
Wireshark 的下载地址:请点这里
网络抓包工具Wireshark的简单使用
Ubuntu 12.04 下安装Wireshark
Linux中从普通用户启动Wireshark抓包
评论暂时关闭