Executive Summary
Summary | |
---|---|
Title | wireshark security update |
Informations | |||
---|---|---|---|
Name | RHSA-2008:0890 | First vendor Publication | 2008-10-01 |
Vendor | RedHat | Last vendor Modification | 2008-10-01 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated wireshark packages that fix several security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Description: Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Multiple buffer overflow flaws were found in Wireshark. If Wireshark read a malformed packet off a network, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2008-3146) Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malformed dump file. (CVE-2008-1070, CVE-2008-1071, CVE-2008-1072, CVE-2008-1561, CVE-2008-1562, CVE-2008-1563, CVE-2008-3137, CVE-2008-3138, CVE-2008-3141, CVE-2008-3145, CVE-2008-3932, CVE-2008-3933, CVE-2008-3934) Additionally, this update changes the default Pluggable Authentication Modules (PAM) configuration to always prompt for the root password before each start of Wireshark. This avoids unintentionally running Wireshark with root privileges. Users of wireshark should upgrade to these updated packages, which contain Wireshark version 1.0.3, and resolve these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bugs fixed (http://bugzilla.redhat.com/): 435481 - CVE-2008-1070 wireshark: SCTP dissector crash 435482 - CVE-2008-1071 wireshark: SNMP dissector crash 435483 - CVE-2008-1072 wireshark: TFTP dissector crash 439943 - CVE-2008-1563 wireshark: crash in SCCP dissector 440014 - CVE-2008-1561 wireshark: crash in X.509sat and Roofnet dissectors 440015 - CVE-2008-1562 wireshark: crash in LDAP dissector 448584 - Don't automatically use stored privileges 454970 - CVE-2008-3137 wireshark: crash in the GSM SMS dissector 454971 - CVE-2008-3138 wireshark: unexpected exit in the PANA and KISMET dissectors 454975 - CVE-2008-3141 wireshark: memory disclosure in the RMI dissector 454984 - CVE-2008-3145 wireshark: crash in the packet reassembling 461242 - CVE-2008-3146 wireshark: multiple buffer overflows in NCP dissector 461243 - CVE-2008-3932 wireshark: infinite loop in the NCP dissector 461244 - CVE-2008-3933 wireshark: crash triggered by zlib-compressed packet data 461245 - CVE-2008-3934 wireshark: crash via crafted Tektronix .rf5 file |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2008-0890.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
60 % | CWE-20 | Improper Input Validation |
20 % | CWE-200 | Information Exposure |
10 % | CWE-399 | Resource Management Errors |
10 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10188 | |||
Oval ID: | oval:org.mitre.oval:def:10188 | ||
Title: | The TFTP dissector in Wireshark (formerly Ethereal) 0.6.0 through 0.99.7, when running on Ubuntu 7.10, allows remote attackers to cause a denial of service (crash or memory consumption) via a malformed packet, possibly related to a Cairo library bug. | ||
Description: | The TFTP dissector in Wireshark (formerly Ethereal) 0.6.0 through 0.99.7, when running on Ubuntu 7.10, allows remote attackers to cause a denial of service (crash or memory consumption) via a malformed packet, possibly related to a Cairo library bug. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1072 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10238 | |||
Oval ID: | oval:org.mitre.oval:def:10238 | ||
Title: | The "decode as" feature in packet-bssap.c in the SCCP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.8 allows remote attackers to cause a denial of service (application crash) via a malformed packet. | ||
Description: | The "decode as" feature in packet-bssap.c in the SCCP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.8 allows remote attackers to cause a denial of service (application crash) via a malformed packet. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1563 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10536 | |||
Oval ID: | oval:org.mitre.oval:def:10536 | ||
Title: | The (1) PANA and (2) KISMET dissectors in Wireshark (formerly Ethereal) 0.99.3 through 1.0.0 allow remote attackers to cause a denial of service (application stop) via unknown vectors. | ||
Description: | The (1) PANA and (2) KISMET dissectors in Wireshark (formerly Ethereal) 0.99.3 through 1.0.0 allow remote attackers to cause a denial of service (application stop) via unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3138 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10624 | |||
Oval ID: | oval:org.mitre.oval:def:10624 | ||
Title: | Multiple buffer overflows in packet_ncp2222.inc in Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted NCP packet that causes an invalid pointer to be used. | ||
Description: | Multiple buffer overflows in packet_ncp2222.inc in Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted NCP packet that causes an invalid pointer to be used. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3146 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10860 | |||
Oval ID: | oval:org.mitre.oval:def:10860 | ||
Title: | The GSM SMS dissector in Wireshark (formerly Ethereal) 0.99.2 through 1.0.0 allows remote attackers to cause a denial of service (application crash) via unknown vectors. | ||
Description: | The GSM SMS dissector in Wireshark (formerly Ethereal) 0.99.2 through 1.0.0 allows remote attackers to cause a denial of service (application crash) via unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3137 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11273 | |||
Oval ID: | oval:org.mitre.oval:def:11273 | ||
Title: | Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allows attackers to cause a denial of service (hang) via a crafted NCP packet that triggers an infinite loop. | ||
Description: | Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allows attackers to cause a denial of service (hang) via a crafted NCP packet that triggers an infinite loop. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3932 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11324 | |||
Oval ID: | oval:org.mitre.oval:def:11324 | ||
Title: | Unspecified vulnerability in the RMI dissector in Wireshark (formerly Ethereal) 0.9.5 through 1.0.0 allows remote attackers to read system memory via unspecified vectors. | ||
Description: | Unspecified vulnerability in the RMI dissector in Wireshark (formerly Ethereal) 0.9.5 through 1.0.0 allows remote attackers to read system memory via unspecified vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3141 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11378 | |||
Oval ID: | oval:org.mitre.oval:def:11378 | ||
Title: | The SCTP dissector in Wireshark (formerly Ethereal) 0.99.5 through 0.99.7 allows remote attackers to cause a denial of service (crash) via a malformed packet. | ||
Description: | The SCTP dissector in Wireshark (formerly Ethereal) 0.99.5 through 0.99.7 allows remote attackers to cause a denial of service (crash) via a malformed packet. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1070 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11633 | |||
Oval ID: | oval:org.mitre.oval:def:11633 | ||
Title: | The SNMP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.7 allows remote attackers to cause a denial of service (crash) via a malformed packet. | ||
Description: | The SNMP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.7 allows remote attackers to cause a denial of service (crash) via a malformed packet. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1071 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14549 | |||
Oval ID: | oval:org.mitre.oval:def:14549 | ||
Title: | LDAP dissector vulnerability in Wireshark 0.99.2 through 0.99.8 | ||
Description: | The LDAP dissector in Wireshark (formerly Ethereal) 0.99.2 through 0.99.8 allows remote attackers to cause a denial of service (application crash) via a malformed packet, a different vulnerability than CVE-2006-5740. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-1562 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14784 | |||
Oval ID: | oval:org.mitre.oval:def:14784 | ||
Title: | SNMP dissector vulnerability in Wireshark 0.99.6 through 0.99.7 | ||
Description: | The SNMP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.7 allows remote attackers to cause a denial of service (crash) via a malformed packet. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-1071 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14898 | |||
Oval ID: | oval:org.mitre.oval:def:14898 | ||
Title: | Vulnerability in PANA and KISMET dissectors in Wireshark 0.99.3 through 1.0.0 | ||
Description: | The (1) PANA and (2) KISMET dissectors in Wireshark (formerly Ethereal) 0.99.3 through 1.0.0 allow remote attackers to cause a denial of service (application stop) via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-3138 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14995 | |||
Oval ID: | oval:org.mitre.oval:def:14995 | ||
Title: | SCTP dissector vulnerability in Wireshark 0.99.5 through 0.99.7 | ||
Description: | The SCTP dissector in Wireshark (formerly Ethereal) 0.99.5 through 0.99.7 allows remote attackers to cause a denial of service (crash) via a malformed packet. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-1070 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:15068 | |||
Oval ID: | oval:org.mitre.oval:def:15068 | ||
Title: | GSM SMS dissector vulnerability in Wireshark 0.99.2 through 1.0.0 | ||
Description: | The GSM SMS dissector in Wireshark (formerly Ethereal) 0.99.2 through 1.0.0 allows remote attackers to cause a denial of service (application crash) via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-3137 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:15074 | |||
Oval ID: | oval:org.mitre.oval:def:15074 | ||
Title: | SCCP dissector vulnerability in Wireshark 0.99.6 through 0.99.8 | ||
Description: | The "decode as" feature in packet-bssap.c in the SCCP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.8 allows remote attackers to cause a denial of service (application crash) via a malformed packet. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-1563 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:15087 | |||
Oval ID: | oval:org.mitre.oval:def:15087 | ||
Title: | Unspecified vulnerability in Wireshark 0.99.6 through 1.0.2 | ||
Description: | Unspecified vulnerability in Wireshark (formerly Ethereal) 0.99.6 through 1.0.2 allows attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-3934 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:15089 | |||
Oval ID: | oval:org.mitre.oval:def:15089 | ||
Title: | Multiple unspecified vulnerabilities in Wireshark 0.99.5 through 0.99.8 | ||
Description: | Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) 0.99.5 through 0.99.8 allow remote attackers to cause a denial of service (application crash) via a malformed packet to the (1) X.509sat or (2) Roofnet dissectors. NOTE: Vector 2 might also lead to a hang. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-1561 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21972 | |||
Oval ID: | oval:org.mitre.oval:def:21972 | ||
Title: | ELSA-2008:0890: wireshark security update (Moderate) | ||
Description: | Unspecified vulnerability in Wireshark (formerly Ethereal) 0.99.6 through 1.0.2 allows attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0890-01 CVE-2008-1070 CVE-2008-1071 CVE-2008-1072 CVE-2008-1561 CVE-2008-1562 CVE-2008-1563 CVE-2008-3137 CVE-2008-3138 CVE-2008-3141 CVE-2008-3145 CVE-2008-3146 CVE-2008-3932 CVE-2008-3933 CVE-2008-3934 | Version: | 61 |
Platform(s): | Oracle Linux 5 | Product(s): | wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26105 | |||
Oval ID: | oval:org.mitre.oval:def:26105 | ||
Title: | Denial of service vulnerability in Wireshark via crafted zlib-compressed data | ||
Description: | Wireshark (formerly Ethereal) 0.10.14 through 1.0.2 allows attackers to cause a denial of service (crash) via a packet with crafted zlib-compressed data that triggers an invalid read in the tvb_uncompress function. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-3933 | Version: | 4 |
Platform(s): | Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26171 | |||
Oval ID: | oval:org.mitre.oval:def:26171 | ||
Title: | Denial of service vulnerability in Wireshark via crafted NCP packet | ||
Description: | Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allows attackers to cause a denial of service (hang) via a crafted NCP packet that triggers an infinite loop. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-3932 | Version: | 4 |
Platform(s): | Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26349 | |||
Oval ID: | oval:org.mitre.oval:def:26349 | ||
Title: | Denial of service vulnerability in Wireshark via fragmented packets | ||
Description: | The fragment_add_work function in epan/reassemble.c in Wireshark 0.8.19 through 1.0.1 allows remote attackers to cause a denial of service (crash) via a series of fragmented packets with non-sequential fragmentation offset values, which lead to a buffer over-read. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-3145 | Version: | 4 |
Platform(s): | Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26384 | |||
Oval ID: | oval:org.mitre.oval:def:26384 | ||
Title: | Unspecified vulnerability in Wireshark via RMI dissector | ||
Description: | Unspecified vulnerability in the RMI dissector in Wireshark (formerly Ethereal) 0.9.5 through 1.0.0 allows remote attackers to read system memory via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-3141 | Version: | 4 |
Platform(s): | Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26438 | |||
Oval ID: | oval:org.mitre.oval:def:26438 | ||
Title: | Multiple buffer overflows vulnerabilities in packet_ncp2222.inc in Wireshark via a crafted NCP packet | ||
Description: | Multiple buffer overflows in packet_ncp2222.inc in Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted NCP packet that causes an invalid pointer to be used. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-3146 | Version: | 4 |
Platform(s): | Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:29012 | |||
Oval ID: | oval:org.mitre.oval:def:29012 | ||
Title: | RHSA-2008:0890 -- wireshark security update (Moderate) | ||
Description: | Updated wireshark packages that fix several security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Multiple buffer overflow flaws were found in Wireshark. If Wireshark read a malformed packet off a network, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2008-3146) | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2008:0890 CESA-2008:0890-CentOS 3 CESA-2008:0890-CentOS 5 CVE-2008-1070 CVE-2008-1071 CVE-2008-1072 CVE-2008-1561 CVE-2008-1562 CVE-2008-1563 CVE-2008-3137 CVE-2008-3138 CVE-2008-3141 CVE-2008-3145 CVE-2008-3146 CVE-2008-3932 CVE-2008-3933 CVE-2008-3934 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 3 CentOS Linux 5 | Product(s): | wireshark |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9020 | |||
Oval ID: | oval:org.mitre.oval:def:9020 | ||
Title: | The fragment_add_work function in epan/reassemble.c in Wireshark 0.8.19 through 1.0.1 allows remote attackers to cause a denial of service (crash) via a series of fragmented packets with non-sequential fragmentation offset values, which lead to a buffer over-read. | ||
Description: | The fragment_add_work function in epan/reassemble.c in Wireshark 0.8.19 through 1.0.1 allows remote attackers to cause a denial of service (crash) via a series of fragmented packets with non-sequential fragmentation offset values, which lead to a buffer over-read. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3145 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9315 | |||
Oval ID: | oval:org.mitre.oval:def:9315 | ||
Title: | Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) 0.99.5 through 0.99.8 allow remote attackers to cause a denial of service (application crash) via a malformed packet to the (1) X.509sat or (2) Roofnet dissectors. NOTE: Vector 2 might also lead to a hang. | ||
Description: | Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) 0.99.5 through 0.99.8 allow remote attackers to cause a denial of service (application crash) via a malformed packet to the (1) X.509sat or (2) Roofnet dissectors. NOTE: Vector 2 might also lead to a hang. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1561 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9318 | |||
Oval ID: | oval:org.mitre.oval:def:9318 | ||
Title: | The LDAP dissector in Wireshark (formerly Ethereal) 0.99.2 through 0.99.8 allows remote attackers to cause a denial of service (application crash) via a malformed packet, a different vulnerability than CVE-2006-5740. | ||
Description: | The LDAP dissector in Wireshark (formerly Ethereal) 0.99.2 through 0.99.8 allows remote attackers to cause a denial of service (application crash) via a malformed packet, a different vulnerability than CVE-2006-5740. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1562 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9620 | |||
Oval ID: | oval:org.mitre.oval:def:9620 | ||
Title: | Wireshark (formerly Ethereal) 0.10.14 through 1.0.2 allows attackers to cause a denial of service (crash) via a packet with crafted zlib-compressed data that triggers an invalid read in the tvb_uncompress function. | ||
Description: | Wireshark (formerly Ethereal) 0.10.14 through 1.0.2 allows attackers to cause a denial of service (crash) via a packet with crafted zlib-compressed data that triggers an invalid read in the tvb_uncompress function. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3933 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9920 | |||
Oval ID: | oval:org.mitre.oval:def:9920 | ||
Title: | Unspecified vulnerability in Wireshark (formerly Ethereal) 0.99.6 through 1.0.2 allows attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file. | ||
Description: | Unspecified vulnerability in Wireshark (formerly Ethereal) 0.99.6 through 1.0.2 allows attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3934 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-10-13 | Name : SLES10: Security update for ethereal File : nvt/sles10_ethereal2.nasl |
2009-10-13 | Name : SLES10: Security update for ethereal File : nvt/sles10_ethereal0.nasl |
2009-10-10 | Name : SLES9: Security update for ethereal File : nvt/sles9p5040200.nasl |
2009-10-10 | Name : SLES9: Security update for ethereal File : nvt/sles9p5033780.nasl |
2009-04-09 | Name : Mandriva Update for wireshark MDVSA-2008:199 (wireshark) File : nvt/gb_mandriva_MDVSA_2008_199.nasl |
2009-04-09 | Name : Mandriva Update for wireshark MDVSA-2008:152 (wireshark) File : nvt/gb_mandriva_MDVSA_2008_152.nasl |
2009-04-09 | Name : Mandriva Update for wireshark MDVSA-2008:091 (wireshark) File : nvt/gb_mandriva_MDVSA_2008_091.nasl |
2009-04-09 | Name : Mandriva Update for wireshark MDVSA-2008:057 (wireshark) File : nvt/gb_mandriva_MDVSA_2008_057.nasl |
2009-03-06 | Name : RedHat Update for wireshark RHSA-2008:0890-01 File : nvt/gb_RHSA-2008_0890-01_wireshark.nasl |
2009-02-27 | Name : CentOS Update for wireshark CESA-2008:0890 centos3 i386 File : nvt/gb_CESA-2008_0890_wireshark_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for wireshark CESA-2008:0890 centos3 x86_64 File : nvt/gb_CESA-2008_0890_wireshark_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for wireshark CESA-2008:0890 centos4 i386 File : nvt/gb_CESA-2008_0890_wireshark_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for wireshark CESA-2008:0890 centos4 x86_64 File : nvt/gb_CESA-2008_0890_wireshark_centos4_x86_64.nasl |
2009-02-17 | Name : Fedora Update for wireshark FEDORA-2008-7936 File : nvt/gb_fedora_2008_7936_wireshark_fc9.nasl |
2009-02-17 | Name : Fedora Update for wireshark FEDORA-2008-6645 File : nvt/gb_fedora_2008_6645_wireshark_fc8.nasl |
2009-02-17 | Name : Fedora Update for wireshark FEDORA-2008-6440 File : nvt/gb_fedora_2008_6440_wireshark_fc9.nasl |
2009-02-17 | Name : Fedora Update for wireshark FEDORA-2008-3040 File : nvt/gb_fedora_2008_3040_wireshark_fc8.nasl |
2009-02-17 | Name : Fedora Update for wireshark FEDORA-2008-7894 File : nvt/gb_fedora_2008_7894_wireshark_fc8.nasl |
2009-02-16 | Name : Fedora Update for wireshark FEDORA-2008-2941 File : nvt/gb_fedora_2008_2941_wireshark_fc7.nasl |
2009-01-20 | Name : SuSE Security Summary SUSE-SR:2009:001 (OpenSuSE 10.3) File : nvt/suse_sr_2009_001b.nasl |
2009-01-20 | Name : SuSE Security Summary SUSE-SR:2009:001 (OpenSuSE 11.0) File : nvt/suse_sr_2009_001a.nasl |
2009-01-20 | Name : SuSE Security Summary SUSE-SR:2009:001 (OpenSuSE 11.1) File : nvt/suse_sr_2009_001.nasl |
2008-12-03 | Name : Debian Security Advisory DSA 1673-1 (wireshark) File : nvt/deb_1673_1.nasl |
2008-09-28 | Name : Gentoo Security Advisory GLSA 200809-17 (wireshark) File : nvt/glsa_200809_17.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200808-04 (wireshark) File : nvt/glsa_200808_04.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200805-05 (wireshark) File : nvt/glsa_200805_05.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200803-32 (wireshark) File : nvt/glsa_200803_32.nasl |
2008-09-10 | Name : Wireshark Multiple Vulnerabilities - Sept08 (Linux) File : nvt/secpod_wireshark_mult_vuln_sept08_lin_900213.nasl |
2008-09-10 | Name : Wireshark Multiple Vulnerabilities - Sept-08 (Win) File : nvt/secpod_wireshark_mult_vuln_sept08_win_900212.nasl |
2008-08-22 | Name : Wireshark Multiple Vulnerabilities - July08 (Win) File : nvt/secpod_wireshark_mult_vuln_july08_win_900010.nasl |
2008-08-22 | Name : Wireshark Multiple Vulnerabilities - July08 (Linux) File : nvt/secpod_wireshark_mult_vuln_july08_lin_900011.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
47934 | Wireshark Tektronix .rf5 File Handling DoS Wireshark contains a flaw that may allow a local denial of service. The issue is triggered when a specially crafted .rf5 file is read, and will result in loss of availability for the application. |
47933 | Wireshark zlib-compressed Packet Data Uncompression DoS Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when specially crafted zlib-compressed packets are uncompressed, and will result in loss of availability for the application. |
47932 | Wireshark NCP Dissector Unspecified Infinite Loop DoS |
47931 | Wireshark NCP Dissector Multiple Unspecified Overflows |
46927 | Wireshark reassemble.c Packet Reassembly Unspecified Remote DoS |
46650 | Wireshark RMI Dissector Unspecified System Memory Disclosure |
46648 | Wireshark KISMET Dissector Unspecified DoS |
46647 | Wireshark PANA Dissector Unspecified DoS |
46646 | Wireshark GSM SMS Dissector Unspecified DoS |
43841 | Wireshark SCCP Dissector Decode As Feature Unspecified DoS |
43840 | Wireshark LDAP Dissector Unspecified DoS |
43839 | Wireshark Roofnet Dissector Unspecified DoS |
43838 | Wireshark X.509sat Dissector Unspecified DoS |
42577 | Wireshark TFTP Dissector Malformed Packet Handling Remote DoS |
42576 | Wireshark SNMP Dissector Malformed Packet Handling Remote DoS |
42575 | Wireshark SCTP Dissector Malformed Packet Handling Remote DoS Wireshark SCTP dissector contains a flaw that may allow a remote denial of service. The issue is triggered when malformed packets or trace files are loaded, and will result in loss of availability for the service. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0890.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20081001_wireshark_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_ethereal-5866.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12323.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12225.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_wireshark-081220.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_wireshark-080814.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-199.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-152.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-091.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-057.nasl - Type : ACT_GATHER_INFO |
2008-12-26 | Name : The remote openSUSE host is missing a security update. File : suse_wireshark-5886.nasl - Type : ACT_GATHER_INFO |
2008-12-01 | Name : The remote openSUSE host is missing a security update. File : suse_wireshark-5783.nasl - Type : ACT_GATHER_INFO |
2008-12-01 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1673.nasl - Type : ACT_GATHER_INFO |
2008-10-02 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0890.nasl - Type : ACT_GATHER_INFO |
2008-10-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0890.nasl - Type : ACT_GATHER_INFO |
2008-09-26 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200809-17.nasl - Type : ACT_GATHER_INFO |
2008-09-12 | Name : The remote Fedora host is missing a security update. File : fedora_2008-7936.nasl - Type : ACT_GATHER_INFO |
2008-09-12 | Name : The remote Fedora host is missing a security update. File : fedora_2008-7894.nasl - Type : ACT_GATHER_INFO |
2008-08-26 | Name : The remote openSUSE host is missing a security update. File : suse_wireshark-5515.nasl - Type : ACT_GATHER_INFO |
2008-08-26 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_ethereal-5520.nasl - Type : ACT_GATHER_INFO |
2008-08-07 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200808-04.nasl - Type : ACT_GATHER_INFO |
2008-07-23 | Name : The remote Fedora host is missing a security update. File : fedora_2008-6645.nasl - Type : ACT_GATHER_INFO |
2008-07-16 | Name : The remote Fedora host is missing a security update. File : fedora_2008-6440.nasl - Type : ACT_GATHER_INFO |
2008-05-09 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200805-05.nasl - Type : ACT_GATHER_INFO |
2008-04-11 | Name : The remote Fedora host is missing a security update. File : fedora_2008-2941.nasl - Type : ACT_GATHER_INFO |
2008-04-11 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3040.nasl - Type : ACT_GATHER_INFO |
2008-04-04 | Name : The remote openSUSE host is missing a security update. File : suse_wireshark-5145.nasl - Type : ACT_GATHER_INFO |
2008-03-26 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200803-32.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:51:58 |
|