Executive Summary
Summary | |
---|---|
Title | New wireshark packages fix several vulnerabilities |
Informations | |||
---|---|---|---|
Name | DSA-1414 | First vendor Publication | 2007-11-27 |
Vendor | Debian | Last vendor Modification | 2007-11-27 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Several remote vulnerabilities have been discovered in the Wireshark network traffic analyzer, which may lead to denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-6114 Stefan Esser discovered a buffer overflow in the SSL dissector. "Fabiodds" discovered a buffer overflow in the iSeries trace dissector. CVE-2007-6117 A programming error was discovered in the HTTP dissector, which may lead to denial of service. CVE-2007-6118 The MEGACO dissector could be tricked into ressource exhaustion. CVE-2007-6120 The Bluetooth SDP dissector could be tricked into an endless loop. CVE-2007-6121 The RPC portmap dissector could be tricked into dereferencing a NULL pointer. For the stable distribution (etch), these problems have been fixed in version 0.99.4-5.etch.1. Updates packages for sparc will be provided later. For the old stable distribution (sarge), these problems have been fixed in version 0.10.10-2sarge10. (In Sarge Wireshark used to be called Ethereal). Updates packages for sparc and m68k will be provided later. We recommend that you upgrade your wireshark/ethereal packages. |
Original Source
Url : http://www.debian.org/security/2007/dsa-1414 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
67 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
33 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10659 | |||
Oval ID: | oval:org.mitre.oval:def:10659 | ||
Title: | The MEGACO dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors. | ||
Description: | The MEGACO dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6118 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10708 | |||
Oval ID: | oval:org.mitre.oval:def:10708 | ||
Title: | Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) the SSL dissector or (2) the iSeries (OS/400) Communication trace file parser. | ||
Description: | Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) the SSL dissector or (2) the iSeries (OS/400) Communication trace file parser. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6114 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11374 | |||
Oval ID: | oval:org.mitre.oval:def:11374 | ||
Title: | Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers to cause a denial of service (crash) via a malformed RPC Portmap packet. | ||
Description: | Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers to cause a denial of service (crash) via a malformed RPC Portmap packet. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6121 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11508 | |||
Oval ID: | oval:org.mitre.oval:def:11508 | ||
Title: | Unspecified vulnerability in the HTTP dissector for Wireshark (formerly Ethereal) 0.10.14 to 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted chunked messages. | ||
Description: | Unspecified vulnerability in the HTTP dissector for Wireshark (formerly Ethereal) 0.10.14 to 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted chunked messages. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6117 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14802 | |||
Oval ID: | oval:org.mitre.oval:def:14802 | ||
Title: | Bluetooth SDP dissector vulnerability in Wireshark 0.99.2 to 0.99.6 | ||
Description: | The Bluetooth SDP dissector Wireshark (formerly Ethereal) 0.99.2 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2007-6120 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:18331 | |||
Oval ID: | oval:org.mitre.oval:def:18331 | ||
Title: | DSA-1414-1 wireshark - several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in the Wireshark network traffic analyzer, which may lead to denial of service or execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1414-1 CVE-2007-6114 CVE-2007-6117 CVE-2007-6118 CVE-2007-6120 CVE-2007-6121 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:9488 | |||
Oval ID: | oval:org.mitre.oval:def:9488 | ||
Title: | The Bluetooth SDP dissector Wireshark (formerly Ethereal) 0.99.2 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. | ||
Description: | The Bluetooth SDP dissector Wireshark (formerly Ethereal) 0.99.2 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6120 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-04-09 | Name : Mandriva Update for wireshark MDVSA-2008:001-1 (wireshark) File : nvt/gb_mandriva_MDVSA_2008_001_1.nasl |
2009-04-09 | Name : Mandriva Update for wireshark MDVSA-2008:1 (wireshark) File : nvt/gb_mandriva_MDVSA_2008_1.nasl |
2009-03-06 | Name : RedHat Update for wireshark RHSA-2008:0058-01 File : nvt/gb_RHSA-2008_0058-01_wireshark.nasl |
2009-03-06 | Name : RedHat Update for wireshark RHSA-2008:0059-01 File : nvt/gb_RHSA-2008_0059-01_wireshark.nasl |
2009-02-27 | Name : CentOS Update for libsmi CESA-2008:0058 centos4 i386 File : nvt/gb_CESA-2008_0058_libsmi_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for libsmi CESA-2008:0058 centos4 x86_64 File : nvt/gb_CESA-2008_0058_libsmi_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for libsmi CESA-2008:0059 centos3 i386 File : nvt/gb_CESA-2008_0059_libsmi_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for libsmi CESA-2008:0059 centos3 x86_64 File : nvt/gb_CESA-2008_0059_libsmi_centos3_x86_64.nasl |
2009-02-27 | Name : Fedora Update for wireshark FEDORA-2007-4590 File : nvt/gb_fedora_2007_4590_wireshark_fc8.nasl |
2009-02-27 | Name : Fedora Update for wireshark FEDORA-2007-4690 File : nvt/gb_fedora_2007_4690_wireshark_fc7.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200712-23 (wireshark) File : nvt/glsa_200712_23.nasl |
2008-09-04 | Name : wireshark -- multiple vulnerabilities File : nvt/freebsd_wireshark0.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1414-1 (wireshark) File : nvt/deb_1414_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
40468 | Wireshark iSeries (OS/400) Communication Trace File Parser Unspecified Remote... |
40467 | Wireshark SSL Dissector Unspecified Remote Overflow |
40453 | Wireshark HTTP Dissector Chunked Message Handling Unspecified Remote Issue |
40452 | Wireshark MEGACO Dissector Unspecified Remote DoS |
40451 | Wireshark Malformed RPC Portmap Packet Handling Remote DoS |
40450 | Wireshark Bluetooth SDP Dissector Unspecified Infinite Loop Remote DoS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0058.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0059.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080121_wireshark_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0058.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-001.nasl - Type : ACT_GATHER_INFO |
2008-01-22 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0059.nasl - Type : ACT_GATHER_INFO |
2008-01-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0058.nasl - Type : ACT_GATHER_INFO |
2008-01-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0059.nasl - Type : ACT_GATHER_INFO |
2008-01-04 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1446.nasl - Type : ACT_GATHER_INFO |
2007-12-31 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200712-23.nasl - Type : ACT_GATHER_INFO |
2007-12-24 | Name : The remote Fedora host is missing a security update. File : fedora_2007-4590.nasl - Type : ACT_GATHER_INFO |
2007-12-24 | Name : The remote Fedora host is missing a security update. File : fedora_2007-4690.nasl - Type : ACT_GATHER_INFO |
2007-12-24 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_8a835235ae8411dca5f9001a4d49522b.nasl - Type : ACT_GATHER_INFO |
2007-11-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1414.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:27:02 |
|