Executive Summary
| Summary | |
|---|---|
| Title | wireshark security update |
| Informations | |||
|---|---|---|---|
| Name | DSA-3002 | First vendor Publication | 2014-08-10 |
| Vendor | Debian | Last vendor Modification | 2014-08-10 |
| Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 5 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Multiple vulnerabilities were discovered in the dissectors for Catapult DCT2000, IrDA, GSM Management, RLC ASN.1 BER, which could result in denial of service. For the stable distribution (wheezy), these problems have been fixed in version 1.8.2-5wheezy11. For the unstable distribution (sid), these problems will be fixed soon. We recommend that you upgrade your wireshark packages. |
Original Source
| Url : http://www.debian.org/security/2014/dsa-3002 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:26018 | |||
| Oval ID: | oval:org.mitre.oval:def:26018 | ||
| Title: | DSA-3002-1 wireshark - security update | ||
| Description: | Multiple vulnerabilities were discovered in the dissectors for Catapult DCT2000, IrDA, GSM Management, RLC ASN.1 BER, which could result in denial of service. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-3002-1 CVE-2014-5161 CVE-2014-5162 CVE-2014-5163 CVE-2014-5164 CVE-2014-5165 | Version: | 3 |
| Platform(s): | Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0 | Product(s): | wireshark |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27036 | |||
| Oval ID: | oval:org.mitre.oval:def:27036 | ||
| Title: | SUSE-SU-2014:1221-1 -- Security update for wireshark | ||
| Description: | The wireshark package was upgraded to 1.10.10 from 1.8.x as 1.8 was discontinued. This update fixes vulnerabilities that could allow an attacker to crash Wireshark or make it become unresponsive by sending specific packets onto the network or have them loaded via a capture file while the dissectors are running. It also contains a number of other bug fixes. * RTP dissector crash. (wnpa-sec-2014-12 CVE-2014-6421 CVE-2014-6422) * MEGACO dissector infinite loop. (wnpa-sec-2014-13 CVE-2014-6423) * Netflow dissector crash. (wnpa-sec-2014-14 CVE-2014-6424) * RTSP dissector crash. (wnpa-sec-2014-17 CVE-2014-6427) * SES dissector crash. (wnpa-sec-2014-18 CVE-2014-6428) * Sniffer file parser crash. (wnpa-sec-2014-19 CVE-2014-6429 CVE-2014-6430 CVE-2014-6431 CVE-2014-6432) * The Catapult DCT2000 and IrDA dissectors could underrun a buffer. (wnpa-sec-2014-08 CVE-2014-5161 CVE-2014-5162, bnc#889901) * The GSM Management dissector could crash. (wnpa-sec-2014-09 CVE-2014-5163, bnc#889906) * The RLC dissector could crash. (wnpa-sec-2014-10 CVE-2014-5164, bnc#889900) * The ASN.1 BER dissector could crash. (wnpa-sec-2014-11 CVE-2014-5165, bnc#889899) Further bug fixes as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.10.10.html <https://www.wireshark.org/docs/relnotes/wireshark-1.10.10.html> and https://www.wireshark.org/docs/relnotes/wireshark-1.10.9.html <https://www.wireshark.org/docs/relnotes/wireshark-1.10.9.html> . Security Issues: * CVE-2014-5161 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5161> * CVE-2014-5162 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5162> * CVE-2014-5163 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5163> * CVE-2014-5164 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5164> * CVE-2014-5165 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5165> * CVE-2014-6421 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6421> * CVE-2014-6422 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6422> * CVE-2014-6423 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6423> * CVE-2014-6424 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6424> * CVE-2014-6427 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6427> * CVE-2014-6428 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6428> * CVE-2014-6429 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6429> * CVE-2014-6430 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6430> * CVE-2014-6431 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6431> * CVE-2014-6432 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6432> | ||
| Family: | unix | Class: | patch |
| Reference(s): | SUSE-SU-2014:1221-1 CVE-2014-6421 CVE-2014-6422 CVE-2014-6423 CVE-2014-6424 CVE-2014-6427 CVE-2014-6428 CVE-2014-6429 CVE-2014-6430 CVE-2014-6431 CVE-2014-6432 CVE-2014-5161 CVE-2014-5162 CVE-2014-5163 CVE-2014-5164 CVE-2014-5165 | Version: | 3 |
| Platform(s): | SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11 | Product(s): | wireshark |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2014-08-07 | IAVM : 2014-B-0104 - Multiple Denial of Service Vulnerabilities in Wireshark Severity : Category I - VMSKEY : V0053635 |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_wireshark_20140915.nasl - Type : ACT_GATHER_INFO |
| 2014-10-02 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-566.nasl - Type : ACT_GATHER_INFO |
| 2014-09-29 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_wireshark-140923.nasl - Type : ACT_GATHER_INFO |
| 2014-09-02 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201409-01.nasl - Type : ACT_GATHER_INFO |
| 2014-08-21 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-499.nasl - Type : ACT_GATHER_INFO |
| 2014-08-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3002.nasl - Type : ACT_GATHER_INFO |
| 2014-08-09 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-159.nasl - Type : ACT_GATHER_INFO |
| 2014-08-08 | Name : The remote Fedora host is missing a security update. File : fedora_2014-9112.nasl - Type : ACT_GATHER_INFO |
| 2014-08-04 | Name : The remote Windows host contains an application that is affected by multiple ... File : wireshark_1_10_9.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-08-12 13:24:02 |
|
| 2014-08-11 00:21:18 |
|
