Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title wireshark security update
Informations
Name DSA-2700 First vendor Publication 2013-06-02
Vendor Debian Last vendor Modification 2013-06-02
Severity (Vendor) N/A Revision 1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score 5 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Multiple vulnerabilities were discovered in the dissectors for GTPv2, ASN.1 BER, PPP CCP, DCP ETSI, MPEG DSM-CC and Websocket, which could result in denial of service or the execution of arbitrary code.

The oldstable distribution (squeeze) is not affected.

For the stable distribution (wheezy), these problems have been fixed in version 1.8.2-5wheezy3.

For the unstable distribution (sid), these problems have been fixed in version 1.8.7-1.

We recommend that you upgrade your wireshark packages.

Original Source

Url : http://www.debian.org/security/2013/dsa-2700

CWE : Common Weakness Enumeration

% Id Name
50 % CWE-189 Numeric Errors (CWE/SANS Top 25)
17 % CWE-134 Uncontrolled Format String (CWE/SANS Top 25)
17 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
17 % CWE-20 Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:16228
 
Oval ID: oval:org.mitre.oval:def:16228
Title: epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types
Description: epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (integer overflow, and heap memory corruption or NULL pointer dereference, and application crash) via a malformed packet.
Family: windows Class: vulnerability
Reference(s): CVE-2013-3559
 Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
 Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16417
 
Oval ID: oval:org.mitre.oval:def:16417
Title: The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wireshark 1.8.x before 1.8.7 does not terminate a bit-field list
Description: The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wireshark 1.8.x before 1.8.7 does not terminate a bit-field list, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
Family: windows Class: vulnerability
Reference(s): CVE-2013-3558
 Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
 Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16521
 
Oval ID: oval:org.mitre.oval:def:16521
Title: The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable
Description: The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
Family: windows Class: vulnerability
Reference(s): CVE-2013-3557
 Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
 Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16696
 
Oval ID: oval:org.mitre.oval:def:16696
Title: Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.c in the Websocket dissector in Wireshark 1.8.x before 1.8.7
Description: Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.c in the Websocket dissector in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (application crash) via a malformed packet.
Family: windows Class: vulnerability
Reference(s): CVE-2013-3562
 Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
 Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16751
 
Oval ID: oval:org.mitre.oval:def:16751
Title: The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string
Description: The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
Family: windows Class: vulnerability
Reference(s): CVE-2013-3560
 Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
 Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16779
 
Oval ID: oval:org.mitre.oval:def:16779
Title: epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrect functions in certain contexts related to ciphers
Description: epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrect functions in certain contexts related to ciphers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
Family: windows Class: vulnerability
Reference(s): CVE-2013-3555
 Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
 Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19928
 
Oval ID: oval:org.mitre.oval:def:19928
Title: DSA-2700-1 wireshark - several
Description: Multiple vulnerabilities were discovered in the dissectors for GTPv2, ASN.1 BER, PPP CCP, DCP ETSI, MPEG DSM-CC and Websocket, which could result in denial of service or the execution of arbitrary code.
Family: unix Class: patch
Reference(s): DSA-2700-1
CVE-2013-3555
CVE-2013-3557
CVE-2013-3558
CVE-2013-3559
CVE-2013-3560
CVE-2013-3562
 Version: 5
Platform(s): Debian GNU/Linux 7
Debian GNU/kFreeBSD 7
 Product(s): wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25218
 
Oval ID: oval:org.mitre.oval:def:25218
Title: SUSE-SU-2013:1265-1 -- Security update for wireshark
Description: This wireshark version update to 1.8.8 includes several security and general bug fixes.
Family: unix Class: patch
Reference(s): SUSE-SU-2013:1265-1
CVE-2013-4074
CVE-2013-4075
CVE-2013-4076
CVE-2013-4077
CVE-2013-4078
CVE-2013-4079
CVE-2013-4080
CVE-2013-4081
CVE-2013-4082
CVE-2013-4083
CVE-2013-2486
CVE-2013-2487
CVE-2013-3555
CVE-2013-3556
CVE-2013-3557
CVE-2013-3558
CVE-2013-3559
CVE-2013-3560
CVE-2013-3561
CVE-2013-3562
 Version: 3
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Desktop 11
 Product(s): wireshark
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 22
Os 2
Os 3

Nessus® Vulnerability Scanner

Date Description
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2013-1276-1.nasl - Type : ACT_GATHER_INFO
2015-01-19 Name : The remote Solaris system is missing a security patch for third-party software.
File : solaris11_wireshark_20130924.nasl - Type : ACT_GATHER_INFO
2014-11-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-1569.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-536.nasl - Type : ACT_GATHER_INFO
2014-04-01 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0341.nasl - Type : ACT_GATHER_INFO
2014-04-01 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0341.nasl - Type : ACT_GATHER_INFO
2014-04-01 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0341.nasl - Type : ACT_GATHER_INFO
2014-04-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140331_wireshark_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-12-20 Name : The remote Fedora host is missing a security update.
File : fedora_2013-17635.nasl - Type : ACT_GATHER_INFO
2013-12-10 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20131121_wireshark_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-12-10 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2013-251.nasl - Type : ACT_GATHER_INFO
2013-11-27 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1569.nasl - Type : ACT_GATHER_INFO
2013-11-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1569.nasl - Type : ACT_GATHER_INFO
2013-10-03 Name : The remote Fedora host is missing a security update.
File : fedora_2013-17627.nasl - Type : ACT_GATHER_INFO
2013-09-28 Name : The remote Fedora host is missing a security update.
File : fedora_2013-17661.nasl - Type : ACT_GATHER_INFO
2013-08-29 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201308-05.nasl - Type : ACT_GATHER_INFO
2013-07-31 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_wireshark-8659.nasl - Type : ACT_GATHER_INFO
2013-07-28 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_wireshark-130711.nasl - Type : ACT_GATHER_INFO
2013-06-13 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-172.nasl - Type : ACT_GATHER_INFO
2013-06-03 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2700.nasl - Type : ACT_GATHER_INFO
2013-05-22 Name : The remote Windows host contains an application that is affected by multiple ...
File : wireshark_1_8_7.nasl - Type : ACT_GATHER_INFO
2013-05-22 Name : The remote Windows host contains an application that is affected by a denial ...
File : wireshark_1_6_15.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
Date Informations
2014-02-17 11:31:57
  • Multiple Updates
2013-06-02 21:19:48
  • First insertion