Wireshark AirPcap 未明WEP KEY解析器漏洞

漏洞信息详情

Wireshark AirPcap 未明WEP KEY解析器漏洞

• CNNVD编号：CNNVD-200610-495
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2006-5595
  
• 漏洞类型：
  
  
  资料不足
  
• 发布时间：
  
  2006-10-27
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2006-10-31
  
• 厂        商：
  
  wireshark
• 漏洞来源：
  Wireshark※http://w…

Wireshark以前名为Ethereal，是一款非常流行的网络协议分析工具。

Wireshark的HTTP、LDAP、XOT、WBXML和MIME的协议解析器存在多个漏洞，Wireshark的AirPcap服务存在未明的漏洞,这个漏洞和WEP KEY解析有关。

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接：

Debian已经为此发布了一个安全公告(DSA-1201-1)以及相应补丁:

DSA-1201-1：New ethereal packages fix denial of service

链接：

http://www.debian.org/security/2005/dsa-1201

Debian GNU/Linux 3.1 (sarge)

Source:

http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge9.dsc

http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge9.diff.gz

http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10.orig.tar.gz

Alpha:

http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge9_alpha.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge9_alpha.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge9_alpha.deb

http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge9_alpha.deb

AMD64:

http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge9_amd64.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge9_amd64.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge9_amd64.deb

http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge9_amd64.deb

ARM:

http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge9_arm.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge9_arm.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge9_arm.deb

http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge9_arm.deb

Intel IA-32:

http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge9_i386.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge9_i386.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge9_i386.deb

http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge9_i386.deb

Intel IA-64:

http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge9_ia64.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge9_ia64.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge9_ia64.deb

http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge9_ia64.deb

Motorola 680×0:

http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge9_m68k.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge9_m68k.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge9_m68k.deb

http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge9_m68k.deb

Big endian MIPS:

http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge9_mips.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge9_mips.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge9_mips.deb

http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge9_mips.deb

Little endian MIPS:

http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge9_mipsel.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge9_mipsel.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge9_mipsel.deb

http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge9_mipsel.deb

PowerPC:

http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge9_powerpc.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge9_powerpc.deb

http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge9_powerpc.deb

http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge9_powerpc.deb

IBM S/390:

http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge9_

来源: www.wireshark.org

链接:http://www.wireshark.org/security/wnpa-sec-2006-03.html

来源: BID

名称: 20762

链接:http://www.securityfocus.com/bid/20762

来源: SECUNIA

名称: 22590

链接:http://secunia.com/advisories/22590