Executive Summary
Summary | |
---|---|
Title | New wireshark packages fix several vulnerabilities |
Informations | |||
---|---|---|---|
Name | DSA-1942 | First vendor Publication | 2009-11-29 |
Vendor | Debian | Last vendor Modification | 2009-11-29 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Several remote vulnerabilities have been discovered in the Wireshark network traffic analyzer, which may lead to the execution of arbitrary code or denial of service. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-2560 A NULL pointer dereference was found in the RADIUS dissector. CVE-2009-3550 A NULL pointer dereference was found in the DCERP/NT dissector. CVE-2009-3829 An integer overflow was discovered in the ERF parser. This update also includes fixes for three minor issues, which were scheduled for the next stable point update. (CVE-2008-1829, CVE-2009-2562, CVE-2009-3241). Also CVE-2009-1268 was fixed for Etch. Since this security update was issued prior to the release of the point update, the fixes were included. For the old stable distribution (etch), this problem has been fixed in version 0.99.4-5.etch.4. For the stable distribution (lenny), this problem has been fixed in version 1.0.2-3+lenny7. For the unstable distribution (sid) these problems have been fixed in version 1.2.3-1. We recommend that you upgrade your Wireshark packages. |
Original Source
Url : http://www.debian.org/security/2009/dsa-1942 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
50 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10103 | |||
Oval ID: | oval:org.mitre.oval:def:10103 | ||
Title: | The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained from third party information. | ||
Description: | The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained from third party information. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3550 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10403 | |||
Oval ID: | oval:org.mitre.oval:def:10403 | ||
Title: | Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace and is processed by the (1) Bluetooth L2CAP, (2) RADIUS, or (3) MIOP dissector. NOTE: it was later reported that the RADIUS issue also affects 0.10.13 through 1.0.9. | ||
Description: | Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace and is processed by the (1) Bluetooth L2CAP, (2) RADIUS, or (3) MIOP dissector. NOTE: it was later reported that the RADIUS issue also affects 0.10.13 through 1.0.9. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-2560 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10876 | |||
Oval ID: | oval:org.mitre.oval:def:10876 | ||
Title: | The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FWHA_MY_STATE packet. | ||
Description: | The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FWHA_MY_STATE packet. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-1268 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11643 | |||
Oval ID: | oval:org.mitre.oval:def:11643 | ||
Title: | Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 through 1.2.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. | ||
Description: | Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 through 1.2.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-2562 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13282 | |||
Oval ID: | oval:org.mitre.oval:def:13282 | ||
Title: | DSA-1942-1 wireshark -- several | ||
Description: | Several remote vulnerabilities have been discovered in the Wireshark network traffic analyzer, which may lead to the execution of arbitrary code or denial of service. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-2560 A NULL pointer dereference was found in the RADIUS dissector. CVE-2009-3550 A NULL pointer dereference was found in the DCERP/NT dissector. CVE-2009-3829 An integer overflow was discovered in the ERF parser. This update also includes fixes for three minor issues, which were scheduled for the next stable point update. Also CVE-2009-1268 was fixed for Etch. Since this security update was issued prior to the release of the point update, the fixes were included. For the old stable distribution, this problem has been fixed in version 0.99.4-5.etch.4. For the stable distribution, this problem has been fixed in version 1.0.2-3+lenny7. For the unstable distribution these problems have been fixed in version 1.2.3-1. We recommend that you upgrade your Wireshark packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1942-1 CVE-2009-1268 CVE-2008-1829 CVE-2009-2560 CVE-2009-2562 CVE-2009-3241 CVE-2009-3550 CVE-2009-3829 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | wireshark |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22056 | |||
Oval ID: | oval:org.mitre.oval:def:22056 | ||
Title: | ELSA-2009:1100: wireshark security update (Moderate) | ||
Description: | Unspecified vulnerability in the PCNFSD dissector in Wireshark 0.8.20 through 1.0.7 allows remote attackers to cause a denial of service (crash) via crafted PCNFSD packets. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:1100-01 CVE-2009-1210 CVE-2009-1268 CVE-2009-1269 CVE-2009-1829 | Version: | 21 |
Platform(s): | Oracle Linux 5 | Product(s): | wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:25945 | |||
Oval ID: | oval:org.mitre.oval:def:25945 | ||
Title: | Unspecified vulnerability in Wireshark via crafted PCNFSD packets | ||
Description: | Unspecified vulnerability in the PCNFSD dissector in Wireshark 0.8.20 through 1.0.7 allows remote attackers to cause a denial of service (crash) via crafted PCNFSD packets. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-1829 | Version: | 4 |
Platform(s): | Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:28894 | |||
Oval ID: | oval:org.mitre.oval:def:28894 | ||
Title: | RHSA-2009:1100 -- wireshark security update (Moderate) | ||
Description: | Updated wireshark packages that fix several security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A format string flaw was found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2009-1210) Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2009-1268, CVE-2009-1269, CVE-2009-1829) Users of wireshark should upgrade to these updated packages, which contain Wireshark version 1.0.8, and resolve these issues. All running instances of Wireshark must be restarted for the update to take effect. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2009:1100 CESA-2009:1100-CentOS 3 CESA-2009:1100-CentOS 5 CVE-2009-1210 CVE-2009-1268 CVE-2009-1269 CVE-2009-1829 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 3 CentOS Linux 5 | Product(s): | wireshark |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5335 | |||
Oval ID: | oval:org.mitre.oval:def:5335 | ||
Title: | Wireshark CPHAP dissector Denial of Service Vulnerability | ||
Description: | The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FWHA_MY_STATE packet. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-1268 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:5625 | |||
Oval ID: | oval:org.mitre.oval:def:5625 | ||
Title: | DOS vulnerability in the AFS dissector in Wireshark. | ||
Description: | Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 through 1.2.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2562 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:5979 | |||
Oval ID: | oval:org.mitre.oval:def:5979 | ||
Title: | Wireshark Integer overflow vulnerability in wiretap/erf.c | ||
Description: | Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted erf file, related to an "unsigned integer wrap vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3829 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6005 | |||
Oval ID: | oval:org.mitre.oval:def:6005 | ||
Title: | Wireshark DoS Vulnerability due to the DCERPC/NT dissector | ||
Description: | The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained from third party information. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3550 | Version: | 10 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6162 | |||
Oval ID: | oval:org.mitre.oval:def:6162 | ||
Title: | DOS vulnerability in the OpcUa (OPC UA) dissector in Wireshark. | ||
Description: | Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark 0.99.6 through 1.0.8 and 1.2.0 through 1.2.1 allows remote attackers to cause a denial of service (memory and CPU consumption) via malformed OPCUA Service CallRequest packets. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3241 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6416 | |||
Oval ID: | oval:org.mitre.oval:def:6416 | ||
Title: | Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote attackers to cause DOS. | ||
Description: | Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace and is processed by the (1) Bluetooth L2CAP, (2) RADIUS, or (3) MIOP dissector. NOTE: it was later reported that the RADIUS issue also affects 0.10.13 through 1.0.9. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2560 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7586 | |||
Oval ID: | oval:org.mitre.oval:def:7586 | ||
Title: | DSA-1942 wireshark -- several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in the Wireshark network traffic analyzer, which may lead to the execution of arbitrary code or denial of service. The Common Vulnerabilities and Exposures project identifies the following problems: A NULL pointer dereference was found in the RADIUS dissector. A NULL pointer dereference was found in the DCERP/NT dissector. An integer overflow was discovered in the ERF parser. This update also includes fixes for three minor issues (CVE-2008-1829, CVE-2009-2562, CVE-2009-3241), which were scheduled for the next stable point update. Also CVE-2009-1268 was fixed for Etch. Since this security update was issued prior to the release of the point update, the fixes were included. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1942 CVE-2009-1268 CVE-2008-1829 CVE-2009-2560 CVE-2009-2562 CVE-2009-3241 CVE-2009-3550 CVE-2009-3829 | Version: | 3 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | wireshark |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9270 | |||
Oval ID: | oval:org.mitre.oval:def:9270 | ||
Title: | Unspecified vulnerability in the PCNFSD dissector in Wireshark 0.8.20 through 1.0.7 allows remote attackers to cause a denial of service (crash) via crafted PCNFSD packets. | ||
Description: | Unspecified vulnerability in the PCNFSD dissector in Wireshark 0.8.20 through 1.0.7 allows remote attackers to cause a denial of service (crash) via crafted PCNFSD packets. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-1829 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9945 | |||
Oval ID: | oval:org.mitre.oval:def:9945 | ||
Title: | Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted erf file, related to an "unsigned integer wrap vulnerability." | ||
Description: | Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted erf file, related to an "unsigned integer wrap vulnerability." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3829 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2011-08-09 | Name : CentOS Update for wireshark CESA-2010:0360 centos5 i386 File : nvt/gb_CESA-2010_0360_wireshark_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for wireshark CESA-2009:1100 centos3 i386 File : nvt/gb_CESA-2009_1100_wireshark_centos3_i386.nasl |
2011-08-09 | Name : CentOS Update for wireshark CESA-2009:1100 centos5 i386 File : nvt/gb_CESA-2009_1100_wireshark_centos5_i386.nasl |
2010-04-29 | Name : RedHat Update for wireshark RHSA-2010:0360-01 File : nvt/gb_RHSA-2010_0360-01_wireshark.nasl |
2010-04-29 | Name : CentOS Update for wireshark CESA-2010:0360 centos4 i386 File : nvt/gb_CESA-2010_0360_wireshark_centos4_i386.nasl |
2010-04-29 | Name : CentOS Update for wireshark CESA-2010:0360 centos3 i386 File : nvt/gb_CESA-2010_0360_wireshark_centos3_i386.nasl |
2009-12-14 | Name : SLES11: Security update for wireshark File : nvt/sles11_wireshark1.nasl |
2009-12-10 | Name : Debian Security Advisory DSA 1942-1 (wireshark) File : nvt/deb_1942_1.nasl |
2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:292-1 (wireshark) File : nvt/mdksa_2009_292_1.nasl |
2009-12-10 | Name : Fedora Core 10 FEDORA-2009-7998 (wireshark) File : nvt/fcore_2009_7998.nasl |
2009-12-03 | Name : Gentoo Security Advisory GLSA 200911-05 (wireshark) File : nvt/glsa_200911_05.nasl |
2009-12-03 | Name : SLES9: Security update for ethereal File : nvt/sles9p5063382.nasl |
2009-12-03 | Name : SLES10: Security update for ethereal File : nvt/sles10_ethereal4.nasl |
2009-11-11 | Name : Fedora Core 11 FEDORA-2009-9837 (wireshark) File : nvt/fcore_2009_9837.nasl |
2009-11-11 | Name : Mandriva Security Advisory MDVSA-2009:292 (wireshark) File : nvt/mdksa_2009_292.nasl |
2009-11-04 | Name : Wireshark 'DCERPC/NT' Dissector DOS Vulnerability - Nov09 (Linux) File : nvt/gb_wireshark_dcerpcnt_dos_vuln_nov09_lin.nasl |
2009-11-04 | Name : Wireshark 'DCERPC/NT' Dissector DOS Vulnerability - Nov09 (Win) File : nvt/gb_wireshark_dcerpcnt_dos_vuln_nov09_win.nasl |
2009-11-04 | Name : Wireshark 'wiretap/erf.c' Unsigned Integer Wrap Vulnerability - Nov09 (Linux) File : nvt/gb_wireshark_wiretap_dos_vuln_nov09_lin.nasl |
2009-11-04 | Name : Wireshark 'wiretap/erf.c' Unsigned Integer Wrap Vulnerability - Nov09 (Win) File : nvt/gb_wireshark_wiretap_dos_vuln_nov09_win.nasl |
2009-10-19 | Name : SuSE Security Summary SUSE-SR:2009:016 File : nvt/suse_sr_2009_016.nasl |
2009-10-19 | Name : Mandrake Security Advisory MDVSA-2009:270 (wireshark) File : nvt/mdksa_2009_270.nasl |
2009-10-13 | Name : SLES10: Security update for ethereal File : nvt/sles10_ethereal.nasl |
2009-10-13 | Name : SLES10: Security update for ethereal File : nvt/sles10_ethereal1.nasl |
2009-10-11 | Name : SLES11: Security update for ethereal and wireshark File : nvt/sles11_wireshark0.nasl |
2009-10-11 | Name : SLES11: Security update for wireshark File : nvt/sles11_wireshark.nasl |
2009-10-10 | Name : SLES9: Security update for ethereal File : nvt/sles9p5050540.nasl |
2009-10-10 | Name : SLES9: Security update for ethereal File : nvt/sles9p5056989.nasl |
2009-09-24 | Name : Wireshark OpcUa Dissector Denial of Service Vulnerability (Linux) File : nvt/secpod_wireshark_opcua_dos_vuln_lin.nasl |
2009-09-24 | Name : Wireshark OpcUa Dissector Denial of Service Vulnerability (Win) File : nvt/secpod_wireshark_opcua_dos_vuln_win.nasl |
2009-09-15 | Name : Gentoo Security Advisory GLSA 200909-16 (wireshark) File : nvt/glsa_200909_16.nasl |
2009-09-09 | Name : SuSE Security Summary SUSE-SR:2009:014 File : nvt/suse_sr_2009_014.nasl |
2009-08-17 | Name : Mandrake Security Advisory MDVSA-2009:194 (wireshark) File : nvt/mdksa_2009_194.nasl |
2009-07-22 | Name : Wireshark AFS Dissector Denial of Service Vulnerability (Linux) File : nvt/secpod_wireshark_afs_dos_vuln_lin.nasl |
2009-07-22 | Name : Wireshark AFS Dissector Denial of Service Vulnerability (Win) File : nvt/secpod_wireshark_afs_dos_vuln_win.nasl |
2009-07-22 | Name : Wireshark Multiple Vulnerabilities - July09 (Linux) File : nvt/secpod_wireshark_mult_vuln_jul09_lin.nasl |
2009-07-22 | Name : Wireshark Multiple Vulnerabilities - July09 (Win) File : nvt/secpod_wireshark_mult_vuln_jul09_win.nasl |
2009-07-06 | Name : Gentoo Security Advisory GLSA 200906-05 (wireshark) File : nvt/glsa_200906_05.nasl |
2009-06-23 | Name : CentOS Security Advisory CESA-2009:1100 (wireshark) File : nvt/ovcesa2009_1100.nasl |
2009-06-23 | Name : RedHat Security Advisory RHSA-2009:1100 File : nvt/RHSA_2009_1100.nasl |
2009-06-15 | Name : SuSE Security Summary SUSE-SR:2009:011 File : nvt/suse_sr_2009_011.nasl |
2009-06-05 | Name : Fedora Core 9 FEDORA-2009-5339 (wireshark) File : nvt/fcore_2009_5339.nasl |
2009-06-05 | Name : Fedora Core 10 FEDORA-2009-5382 (wireshark) File : nvt/fcore_2009_5382.nasl |
2009-06-05 | Name : Mandrake Security Advisory MDVSA-2009:125 (wireshark) File : nvt/mdksa_2009_125.nasl |
2009-06-05 | Name : wireshark -- PCNFSD Dissector Denial of Service Vulnerability File : nvt/freebsd_ethereal9.nasl |
2009-06-01 | Name : Wireshark PCNFSD Dissector Denial of Service Vulnerability (Win) File : nvt/secpod_wireshark_pcnfsd_dos_vuln_win.nasl |
2009-06-01 | Name : Wireshark PCNFSD Dissector Denial of Service Vulnerability (Linux) File : nvt/secpod_wireshark_pcnfsd_dos_vuln_lin.nasl |
2009-05-20 | Name : Fedora Core 10 FEDORA-2009-3599 (wireshark) File : nvt/fcore_2009_3599.nasl |
2009-05-11 | Name : FreeBSD Ports: wireshark, wireshark-lite File : nvt/freebsd_wireshark2.nasl |
2009-05-05 | Name : Debian Security Advisory DSA 1785-1 (wireshark) File : nvt/deb_1785_1.nasl |
2009-04-20 | Name : Wireshark Multiple Unspecified Vulnerability - Apr09 (Win) File : nvt/gb_wireshark_mult_vuln_apr09_win.nasl |
2009-04-20 | Name : Wireshark Multiple Unspecified Vulnerability - Apr09 (Linux) File : nvt/gb_wireshark_mult_vuln_apr09_lin.nasl |
2009-04-20 | Name : Ubuntu USN-759-1 (poppler) File : nvt/ubuntu_759_1.nasl |
2009-04-15 | Name : Mandrake Security Advisory MDVSA-2009:088 (wireshark) File : nvt/mdksa_2009_088.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
59478 | Wireshark wiretap/erf.c Unsigned Integer Wrap ERF File Handling Overflow |
59461 | Wireshark RADIUS Dissector Unspecified DoS Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when an unspecified error in the RADIUS dissector occurs, and will result in loss of availability for the service. |
59460 | Wireshark DCERPC/NT Dissector Unspecified DoS Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when a NULL pointer dereference error within the DCERPC/NT dissector occurs, and will result in loss of availability for the service. |
58157 | Wireshark OpcUa Dissector Unspecified Resource Exhaustion DoS Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when processing malformed OPCUA Service CallRequest packets, and will result in loss of availability for the service. |
56021 | Wireshark MIOP Dissector Unspecified DoS Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when the MIOP dissector processes packets with malformed Unique ID lengths (>=256 bytes), and will result in loss of availability for the service. |
56020 | Wireshark RADIUS Dissector Unspecified DoS Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when specially crafted RADIUS packets are dissected, and will result in loss of availability for the platform. |
56019 | Wireshark Bluetooth L2CAP Dissector Unspecified DoS Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when an unspecified condition occurs, and will result in loss of availability for the service. |
56017 | Wireshark AFS Dissector Unspecified DoS Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when an unspecified condition related to the AFS dissector occurs, and will result in loss of availability for the service. |
54629 | Wireshark PCNFSD Dissector Packet Handling DoS |
53670 | Wireshark CPHAP Dissector Crafted FWHA_MY_STATE Packet Handling DoS |
44483 | Oracle PeopleSoft HCM Recruiting HTTP Unspecified Remote Issue |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0360.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1100.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100420_wireshark_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090615_wireshark_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_ethereal-6628.nasl - Type : ACT_GATHER_INFO |
2010-05-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0360.nasl - Type : ACT_GATHER_INFO |
2010-04-22 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0360.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1942.nasl - Type : ACT_GATHER_INFO |
2009-12-09 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_wireshark-091125.nasl - Type : ACT_GATHER_INFO |
2009-12-07 | Name : The remote Fedora host is missing a security update. File : fedora_2009-7998.nasl - Type : ACT_GATHER_INFO |
2009-12-04 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-292.nasl - Type : ACT_GATHER_INFO |
2009-12-01 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12530.nasl - Type : ACT_GATHER_INFO |
2009-12-01 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_wireshark-091125.nasl - Type : ACT_GATHER_INFO |
2009-12-01 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_wireshark-091125.nasl - Type : ACT_GATHER_INFO |
2009-12-01 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_wireshark-091125.nasl - Type : ACT_GATHER_INFO |
2009-12-01 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_ethereal-6627.nasl - Type : ACT_GATHER_INFO |
2009-11-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200911-05.nasl - Type : ACT_GATHER_INFO |
2009-11-05 | Name : The remote Fedora host is missing a security update. File : fedora_2009-9837.nasl - Type : ACT_GATHER_INFO |
2009-10-13 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-270.nasl - Type : ACT_GATHER_INFO |
2009-10-08 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_wireshark-091006.nasl - Type : ACT_GATHER_INFO |
2009-10-08 | Name : The remote openSUSE host is missing a security update. File : suse_wireshark-6533.nasl - Type : ACT_GATHER_INFO |
2009-10-08 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_wireshark-091005.nasl - Type : ACT_GATHER_INFO |
2009-10-06 | Name : The remote openSUSE host is missing a security update. File : suse_wireshark-6444.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_ethereal-090818.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_wireshark-090525.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_ethereal-6269.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_ethereal-6443.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12424.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12485.nasl - Type : ACT_GATHER_INFO |
2009-09-21 | Name : The remote host has an application that is affected by multiple vulnerabilities. File : wireshark_1_0_9.nasl - Type : ACT_GATHER_INFO |
2009-09-16 | Name : The remote host has an application that is affected by multiple vulnerabilities. File : wireshark_1_2_2.nasl - Type : ACT_GATHER_INFO |
2009-09-14 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200909-16.nasl - Type : ACT_GATHER_INFO |
2009-09-02 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_wireshark-090818.nasl - Type : ACT_GATHER_INFO |
2009-09-02 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_wireshark-090818.nasl - Type : ACT_GATHER_INFO |
2009-08-06 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-194.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_wireshark-090525.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote host has an application that is affected by multiple vulnerabilities. File : wireshark_1_2_1.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_wireshark-090525.nasl - Type : ACT_GATHER_INFO |
2009-07-01 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200906-05.nasl - Type : ACT_GATHER_INFO |
2009-06-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1100.nasl - Type : ACT_GATHER_INFO |
2009-06-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1100.nasl - Type : ACT_GATHER_INFO |
2009-06-01 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_a2d4a3304d5411de88110030843d3802.nasl - Type : ACT_GATHER_INFO |
2009-06-01 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-125.nasl - Type : ACT_GATHER_INFO |
2009-05-27 | Name : The remote openSUSE host is missing a security update. File : suse_wireshark-6271.nasl - Type : ACT_GATHER_INFO |
2009-05-26 | Name : The remote Fedora host is missing a security update. File : fedora_2009-5382.nasl - Type : ACT_GATHER_INFO |
2009-05-26 | Name : The remote Fedora host is missing a security update. File : fedora_2009-5339.nasl - Type : ACT_GATHER_INFO |
2009-05-18 | Name : The remote Fedora host is missing a security update. File : fedora_2009-3599.nasl - Type : ACT_GATHER_INFO |
2009-05-11 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_defce06839aa11dea493001b77d09812.nasl - Type : ACT_GATHER_INFO |
2009-05-04 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1785.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-088.nasl - Type : ACT_GATHER_INFO |
2009-04-10 | Name : The remote host has an application that is affected by multiple vulnerabilities. File : wireshark_1_0_7.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:29:02 |
|