Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title wireshark security, bug fix, and enhancement update
Informations
Name RHSA-2013:1569 First vendor Publication 2013-11-21
Vendor RedHat Last vendor Modification 2013-11-21
Severity (Vendor) Moderate Revision 02

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score 7.8 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated wireshark packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

Wireshark, previously known as Ethereal, is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network.

Two flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2013-3559, CVE-2013-4083)

Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2012-2392, CVE-2012-3825, CVE-2012-4285, CVE-2012-4288, CVE-2012-4289, CVE-2012-4290, CVE-2012-4291, CVE-2012-4292, CVE-2012-5595, CVE-2012-5597, CVE-2012-5598, CVE-2012-5599, CVE-2012-5600, CVE-2012-6056, CVE-2012-6059, CVE-2012-6060, CVE-2012-6061, CVE-2012-6062, CVE-2013-3557, CVE-2013-3561, CVE-2013-4081, CVE-2013-4927, CVE-2013-4931, CVE-2013-4932, CVE-2013-4933, CVE-2013-4934, CVE-2013-4935, CVE-2013-4936, CVE-2013-5721)

The wireshark packages have been upgraded to upstream version 1.8.10, which provides a number of bug fixes and enhancements over the previous versions. For more information on the bugs fixed, enhancements included, and supported protocols introduced, refer to the Wireshark Release Notes, linked to in the References. (BZ#711024)

This update also fixes the following bugs:

* Previously, Wireshark did not parse the RECLAIM-COMPLETE opcode when inspecting traffic generated by NFSv4.1. A patch has been provided to enable the parsing of the RECLAIM_COMPLETE opcode, and Wireshark is now able to properly dissect and handle NFSv4.1 traffic. (BZ#750712)

* Prior to this update, frame arrival times in a text file were reported one hour ahead from the timestamps in the packet capture file. This resulted in various failures being reported by the dfilter-test.py test suite. To fix this bug, frame arrival timestamps have been shifted by one hour, thus fixing this bug. (BZ#832021)

* The "tshark -D" command returned output to STDERR instead of STDOUT, which could break scripts that are parsing the "tshark -D" output. This bug has been fixed, and the "tshark -D" command now writes output data to a correct standard stream. (BZ#1004636)

* Due to an array overrun, Wireshark could experience undefined program behavior or could unexpectedly terminate. With this update, proper array handling ensures Wireshark no longer crashes in the described scenario. (BZ#715560)

* Previously, the dftest and randpkt command line utilities lacked manual pages. This update adds proper manual pages for both utilities. (BZ#659661)

In addition, this update adds the following enhancements:

* With this update, Wireshark is able to properly dissect and handle InfiniBand and GlusterFS traffic. (BZ#699636, BZ#858976)

All Wireshark users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements. All running instances of Wireshark must be restarted for the update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

659661 - dftest and randpkt does not have a man page 711024 - Rebase wireshark to latest upstream stable release 715560 - Defects revealed by Coverity scan 750712 - NFS4.1: parse RECLAIM_COMPLETE opcode 824411 - CVE-2012-2392 wireshark: Infinite and large loops in ANSI MAP, ASF, IEEE 802.11, IEEE 802.3, and LTP dissectors (wnpa-sec-2012-08) 832021 - Frame arrival times (pcap) are 1 hour more than timestamps in txt 836960 - CVE-2012-3825 wireshark: Integer overflows in BACapp and Bluetooth HCI dissectors, leading to DoS (wnpa-sec-2012-08) 848541 - CVE-2012-4285 wireshark: crash due to zero division in DCP ETSI dissector (wnpa-sec-2012-13) 848548 - CVE-2012-4288 wireshark: DoS via excessive resource consumption in XTP dissector (wnpa-sec-2012-15) 848561 - CVE-2012-4289 wireshark: DoS via excessive CPU consumption in AFP dissector (wnpa-sec-2012-17) 848572 - CVE-2012-4291 wireshark: DoS via excessive system resource consumption in CIP dissector (wnpa-sec-2012-20) 848575 - CVE-2012-4292 wireshark: crash in STUN dissector (wnpa-sec-2012-21) 848578 - CVE-2012-4290 wireshark: DoS via excessive CPU consumption in CTDB dissector (wnpa-sec-2012-23) 881742 - CVE-2012-5600 CVE-2012-6062 wireshark: DoS (infinite loop) in the RTCP dissector (wnpa-sec-2012-38) 881748 - CVE-2012-5599 CVE-2012-6061 wireshark: DoS (infinite loop) in the WTP dissector (wnpa-sec-2012-37) 881771 - CVE-2012-5598 CVE-2012-6060 wireshark: DoS (infinite loop) in the iSCSI dissector (wnpa-sec-2012-36) 881790 - CVE-2012-5597 CVE-2012-6059 wireshark: DoS (crash) in the ISAKMP dissector (wnpa-sec-2012-35) 881809 - CVE-2012-5595 CVE-2012-6056 wireshark: DoS (infinite loop) in the SCTP dissector (wnpa-sec-2012-33) 889346 - The NFSv4.1dissectors need to updated to the latest upstream release 965190 - CVE-2013-3559 wireshark: DoS (crash) in the DCP ETSI dissector (wnpa-sec-2013-27, upstream #8231, #8540, #8541) 965193 - CVE-2013-3557 wireshark: DoS (crash) in the ASN.1 BER dissector (wnpa-sec-2013-25, upstream #8599) 966331 - CVE-2013-3561 wireshark: Multiple Denial of Service flaws 972686 - CVE-2013-4081 wireshark: DoS (infinite loop) in the HTTP dissector (wnpa-sec-2013-39) 972688 - CVE-2013-4083 wireshark: Invalid free in the DCP ETSI dissector (wnpa-sec-2013-41) 990166 - CVE-2013-4927 wireshark: Integer signedness error in the Bluetooth SDP dissector (wnpa-sec-2013-45) 990170 - CVE-2013-4931 wireshark: DoS (infinite loop) in the GSM RR dissector (wnpa-sec-2013-49) 990172 - CVE-2013-4932 wireshark: Multiple array index errors in the GSM A Common dissector (wnpa-sec-2013-50) 990175 - CVE-2013-4933 wireshark: DoS (application crash) in the Netmon file parser (wnpa-sec-2013-51) 990178 - CVE-2013-4934 wireshark: DoS (application crash) in the Netmon file parser (wnpa-sec-2013-51) (A different flaw than CVE-2013-4933) 990179 - CVE-2013-4935 wireshark: DoS (application crash) in the ASN.1 PER dissector (wnpa-sec-2013-52) 990180 - CVE-2013-4936 wireshark: DoS (NULL pointer dereference, crash) in the PROFINET Real-Time dissector (wnpa-sec-2013-53) 1007197 - CVE-2013-5721 wireshark: MQ dissector crash (wnpa-sec-2013-58, upstream bug 9079)

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2013-1569.html

CWE : Common Weakness Enumeration

% Id Name
40 % CWE-189 Numeric Errors (CWE/SANS Top 25)
24 % CWE-20 Improper Input Validation
20 % CWE-399 Resource Management Errors
16 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:14963
 
Oval ID: oval:org.mitre.oval:def:14963
Title: epan/dissectors/packet-afp.c in the AFP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a large number of ACL entries
Description: epan/dissectors/packet-afp.c in the AFP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a large number of ACL entries.
Family: windows Class: vulnerability
Reference(s): CVE-2012-4289
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15158
 
Oval ID: oval:org.mitre.oval:def:15158
Title: The dissect_stun_message function in epan/dissectors/packet-stun.c in the STUN dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly interact with key-destruction behavior in a certain tree library
Description: The dissect_stun_message function in epan/dissectors/packet-stun.c in the STUN dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly interact with key-destruction behavior in a certain tree library, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
Family: windows Class: vulnerability
Reference(s): CVE-2012-4292
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15239
 
Oval ID: oval:org.mitre.oval:def:15239
Title: The dissect_isakmp function in epan/dissectors/packet-isakmp.c in the ISAKMP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 uses an incorrect data structure to determine IKEv2 decryption parameters
Description: The dissect_isakmp function in epan/dissectors/packet-isakmp.c in the ISAKMP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 uses an incorrect data structure to determine IKEv2 decryption parameters, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
Family: windows Class: vulnerability
Reference(s): CVE-2012-6059
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15253
 
Oval ID: oval:org.mitre.oval:def:15253
Title: The dissect_wtp_common function in epan/dissectors/packet-wtp.c in the WTP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 uses an incorrect data type for a certain length field
Description: The dissect_wtp_common function in epan/dissectors/packet-wtp.c in the WTP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 uses an incorrect data type for a certain length field, which allows remote attackers to cause a denial of service (integer overflow and infinite loop) via a crafted value in a packet.
Family: windows Class: vulnerability
Reference(s): CVE-2012-6061
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15478
 
Oval ID: oval:org.mitre.oval:def:15478
Title: Multiple integer overflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 via vectors related to the (1) BACapp and (2) Bluetooth HCI dissectors
Description: Multiple integer overflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) BACapp and (2) Bluetooth HCI dissectors, a different vulnerability than CVE-2012-2392.
Family: windows Class: vulnerability
Reference(s): CVE-2012-3825
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15604
 
Oval ID: oval:org.mitre.oval:def:15604
Title: Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allows remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) ANSI MAP, (2) ASF, (3) IEEE 802.11, (4) IEEE 802.3, and (5) LTP dissectors
Description: Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allows remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) ANSI MAP, (2) ASF, (3) IEEE 802.11, (4) IEEE 802.3, and (5) LTP dissectors.
Family: windows Class: vulnerability
Reference(s): CVE-2012-2392
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15619
 
Oval ID: oval:org.mitre.oval:def:15619
Title: The CTDB dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a malformed packet
Description: The CTDB dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a malformed packet.
Family: windows Class: vulnerability
Reference(s): CVE-2012-4290
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15712
 
Oval ID: oval:org.mitre.oval:def:15712
Title: The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a zero-length message
Description: The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a zero-length message.
Family: windows Class: vulnerability
Reference(s): CVE-2012-4285
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15789
 
Oval ID: oval:org.mitre.oval:def:15789
Title: Integer overflow in the dissect_xtp_ecntl function in epan/dissectors/packet-xtp.c in the XTP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop or application crash) via a large value for a span length
Description: Integer overflow in the dissect_xtp_ecntl function in epan/dissectors/packet-xtp.c in the XTP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop or application crash) via a large value for a span length.
Family: windows Class: vulnerability
Reference(s): CVE-2012-4288
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15813
 
Oval ID: oval:org.mitre.oval:def:15813
Title: The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet
Description: The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.
Family: windows Class: vulnerability
Reference(s): CVE-2012-4291
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15894
 
Oval ID: oval:org.mitre.oval:def:15894
Title: The dissect_rtcp_app function in epan/dissectors/packet-rtcp.c in the RTCP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet
Description: The dissect_rtcp_app function in epan/dissectors/packet-rtcp.c in the RTCP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
Family: windows Class: vulnerability
Reference(s): CVE-2012-6062
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16038
 
Oval ID: oval:org.mitre.oval:def:16038
Title: Integer overflow in the dissect_iscsi_pdu function in epan/dissectors/packet-iscsi.c in the iSCSI dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4
Description: Integer overflow in the dissect_iscsi_pdu function in epan/dissectors/packet-iscsi.c in the iSCSI dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
Family: windows Class: vulnerability
Reference(s): CVE-2012-6060
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16139
 
Oval ID: oval:org.mitre.oval:def:16139
Title: Integer overflow in the dissect_sack_chunk function in epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.8.x before 1.8.4
Description: Integer overflow in the dissect_sack_chunk function in epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted Duplicate TSN count.
Family: windows Class: vulnerability
Reference(s): CVE-2012-6056
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16228
 
Oval ID: oval:org.mitre.oval:def:16228
Title: epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types
Description: epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (integer overflow, and heap memory corruption or NULL pointer dereference, and application crash) via a malformed packet.
Family: windows Class: vulnerability
Reference(s): CVE-2013-3559
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16375
 
Oval ID: oval:org.mitre.oval:def:16375
Title: The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet
Description: The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Family: windows Class: vulnerability
Reference(s): CVE-2013-4083
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16521
 
Oval ID: oval:org.mitre.oval:def:16521
Title: The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable
Description: The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
Family: windows Class: vulnerability
Reference(s): CVE-2013-3557
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16755
 
Oval ID: oval:org.mitre.oval:def:16755
Title: Multiple integer overflows in Wireshark 1.8.x before 1.8.7
Description: Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (loop or application crash) via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector.
Family: windows Class: vulnerability
Reference(s): CVE-2013-3561
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16820
 
Oval ID: oval:org.mitre.oval:def:16820
Title: The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a recursive approach, which allows remote attackers to cause a denial of service (stack consumption) via a crafted packet
Description: The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a recursive approach, which allows remote attackers to cause a denial of service (stack consumption) via a crafted packet.
Family: windows Class: vulnerability
Reference(s): CVE-2013-4081
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16971
 
Oval ID: oval:org.mitre.oval:def:16971
Title: The dissect_smtp function in epan/dissectors/packet-smtp.c in the PROFINET Real-Time dissector in Wireshark 1.10.x before 1.10.1 does not initialize certain structure members
Description: The IsDFP_Frame function in plugins/profinet/packet-pn-rt.c in the PROFINET Real-Time dissector in Wireshark 1.10.x before 1.10.1 does not validate MAC addresses, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.
Family: windows Class: vulnerability
Reference(s): CVE-2013-4936
Version: 4
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17260
 
Oval ID: oval:org.mitre.oval:def:17260
Title: Multiple array index errors in epan/dissectors/packet-gsm_a_common.c in the GSM A Common dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1
Description: Multiple array index errors in epan/dissectors/packet-gsm_a_common.c in the GSM A Common dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allow remote attackers to cause a denial of service (application crash) via a crafted packet.
Family: windows Class: vulnerability
Reference(s): CVE-2013-4932
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17325
 
Oval ID: oval:org.mitre.oval:def:17325
Title: epan/proto.c in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (loop) via a crafted packet that is not properly handled by the GSM RR dissector
Description: epan/proto.c in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (loop) via a crafted packet that is not properly handled by the GSM RR dissector.
Family: windows Class: vulnerability
Reference(s): CVE-2013-4931
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17412
 
Oval ID: oval:org.mitre.oval:def:17412
Title: The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not properly allocate memory
Description: The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) via a crafted packet-trace file.
Family: windows Class: vulnerability
Reference(s): CVE-2013-4933
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17417
 
Oval ID: oval:org.mitre.oval:def:17417
Title: The dissect_per_length_determinant function in epan/dissectors/packet-per.c in the ASN.1 PER dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize a length field in certain abnormal situations
Description: The dissect_per_length_determinant function in epan/dissectors/packet-per.c in the ASN.1 PER dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize a length field in certain abnormal situations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Family: windows Class: vulnerability
Reference(s): CVE-2013-4935
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17584
 
Oval ID: oval:org.mitre.oval:def:17584
Title: The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize certain structure members
Description: The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize certain structure members, which allows remote attackers to cause a denial of service (application crash) via a crafted packet-trace file.
Family: windows Class: vulnerability
Reference(s): CVE-2013-4934
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17636
 
Oval ID: oval:org.mitre.oval:def:17636
Title: Integer signedness error in the get_type_length function in epan/dissectors/packet-btsdp.c in the Bluetooth SDP dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1
Description: Integer signedness error in the get_type_length function in epan/dissectors/packet-btsdp.c in the Bluetooth SDP dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (loop and CPU consumption) via a crafted packet.
Family: windows Class: vulnerability
Reference(s): CVE-2013-4927
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18499
 
Oval ID: oval:org.mitre.oval:def:18499
Title: DSA-2709-1 wireshark - several
Description: Multiple vulnerabilities were discovered in the dissectors for CAPWAP, GMR-1 BCCH, PPP, NBAP, RDP, HTTP, DCP ETSI and in the Ixia IxVeriWave file parser, which could result in denial of service or the execution of arbitrary code.
Family: unix Class: patch
Reference(s): DSA-2709-1
CVE-2013-4074
CVE-2013-4075
CVE-2013-4076
CVE-2013-4077
CVE-2013-4078
CVE-2013-4081
CVE-2013-4082
CVE-2013-4083
Version: 8
Platform(s): Debian GNU/Linux 7
Debian GNU/kFreeBSD 7
Product(s): wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18518
 
Oval ID: oval:org.mitre.oval:def:18518
Title: The dissect_mq_rr function in epan/dissectors/packet-mq.c in the MQ dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not properly determine when to enter a certain loop
Description: The dissect_mq_rr function in epan/dissectors/packet-mq.c in the MQ dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not properly determine when to enter a certain loop, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Family: windows Class: vulnerability
Reference(s): CVE-2013-5721
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18881
 
Oval ID: oval:org.mitre.oval:def:18881
Title: DSA-2734-1 wireshark - several
Description: Multiple vulnerabilities were discovered in the dissectors for DVB-CI, GSM A Common and ASN.1 PER and in the Netmon file parser.
Family: unix Class: patch
Reference(s): DSA-2734-1
CVE-2013-4930
CVE-2013-4932
CVE-2013-4933
CVE-2013-4934
CVE-2013-4935
Version: 8
Platform(s): Debian GNU/Linux 6.0
Debian GNU/Linux 7
Debian GNU/kFreeBSD 6.0
Debian GNU/kFreeBSD 7
Product(s): wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20890
 
Oval ID: oval:org.mitre.oval:def:20890
Title: RHSA-2013:0125: wireshark security, bug fix, and enhancement update (Moderate)
Description: The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.
Family: unix Class: patch
Reference(s): RHSA-2013:0125-00
CESA-2013:0125
CVE-2011-1958
CVE-2011-1959
CVE-2011-2175
CVE-2011-2698
CVE-2011-4102
CVE-2012-0041
CVE-2012-0042
CVE-2012-0066
CVE-2012-0067
CVE-2012-4285
CVE-2012-4289
CVE-2012-4290
CVE-2012-4291
Version: 185
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23298
 
Oval ID: oval:org.mitre.oval:def:23298
Title: ELSA-2013:0125: wireshark security, bug fix, and enhancement update (Moderate)
Description: The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.
Family: unix Class: patch
Reference(s): ELSA-2013:0125-00
CVE-2011-1958
CVE-2011-1959
CVE-2011-2175
CVE-2011-2698
CVE-2011-4102
CVE-2012-0041
CVE-2012-0042
CVE-2012-0066
CVE-2012-0067
CVE-2012-4285
CVE-2012-4289
CVE-2012-4290
CVE-2012-4291
Version: 57
Platform(s): Oracle Linux 5
Product(s): wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26946
 
Oval ID: oval:org.mitre.oval:def:26946
Title: RHSA-2013:1569 -- wireshark security, bug fix, and enhancement update (Moderate)
Description: Wireshark, previously known as Ethereal, is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. Two flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2013-3559, CVE-2013-4083) Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2012-2392, CVE-2012-3825, CVE-2012-4285, CVE-2012-4288, CVE-2012-4289, CVE-2012-4290, CVE-2012-4291, CVE-2012-4292, CVE-2012-5595, CVE-2012-5597, CVE-2012-5598, CVE-2012-5599, CVE-2012-5600, CVE-2012-6056, CVE-2012-6059, CVE-2012-6060, CVE-2012-6061, CVE-2012-6062, CVE-2013-3557, CVE-2013-3561, CVE-2013-4081, CVE-2013-4927, CVE-2013-4931, CVE-2013-4932, CVE-2013-4933, CVE-2013-4934, CVE-2013-4935, CVE-2013-4936, CVE-2013-5721) The wireshark packages have been upgraded to upstream version 1.8.10, which provides a number of bug fixes and enhancements over the previous versions. For more information on the bugs fixed, enhancements included, and supported protocols introduced, refer to the Wireshark Release Notes, linked to in the References. (BZ#711024) This update also fixes the following bugs: * Previously, Wireshark did not parse the RECLAIM-COMPLETE opcode when inspecting traffic generated by NFSv4.1. A patch has been provided to enable the parsing of the RECLAIM_COMPLETE opcode, and Wireshark is now able to properly dissect and handle NFSv4.1 traffic. (BZ#750712) * Prior to this update, frame arrival times in a text file were reported one hour ahead from the timestamps in the packet capture file. This resulted in various failures being reported by the dfilter-test.py test suite. To fix this bug, frame arrival timestamps have been shifted by one hour, thus fixing this bug. (BZ#832021) * The "tshark -D" command returned output to STDERR instead of STDOUT, which could break scripts that are parsing the "tshark -D" output. This bug has been fixed, and the "tshark -D" command now writes output data to a correct standard stream. (BZ#1004636) * Due to an array overrun, Wireshark could experience undefined program behavior or could unexpectedly terminate. With this update, proper array handling ensures Wireshark no longer crashes in the described scenario. (BZ#715560) * Previously, the dftest and randpkt command line utilities lacked manual pages. This update adds proper manual pages for both utilities. (BZ#659661) In addition, this update adds the following enhancements: * With this update, Wireshark is able to properly dissect and handle InfiniBand and GlusterFS traffic. (BZ#699636, BZ#858976) All Wireshark users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements. All running instances of Wireshark must be restarted for the update to take effect.
Family: unix Class: patch
Reference(s): RHSA-2013:1569
CESA-2013:1569
CVE-2012-2392
CVE-2012-3825
CVE-2012-4285
CVE-2012-4288
CVE-2012-4289
CVE-2012-4290
CVE-2012-4291
CVE-2012-4292
CVE-2012-5595
CVE-2012-5597
CVE-2012-5598
CVE-2012-5599
CVE-2012-5600
CVE-2012-6056
CVE-2012-6059
CVE-2012-6060
CVE-2012-6061
CVE-2012-6062
CVE-2013-3557
CVE-2013-3559
CVE-2013-3561
CVE-2013-4081
CVE-2013-4083
CVE-2013-4927
CVE-2013-4931
CVE-2013-4932
CVE-2013-4933
CVE-2013-4934
CVE-2013-4935
CVE-2013-4936
CVE-2013-5721
Version: 3
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 6
Product(s): wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27258
 
Oval ID: oval:org.mitre.oval:def:27258
Title: ELSA-2013-1569 -- wireshark security, bug fix, and enhancement update (moderate)
Description: [1.8.10-4.0.1.el6] - Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect
Family: unix Class: patch
Reference(s): ELSA-2013-1569
CVE-2012-4285
CVE-2012-4289
CVE-2012-4290
CVE-2012-4291
CVE-2012-2392
CVE-2012-3825
CVE-2012-4288
CVE-2012-4292
CVE-2012-5595
CVE-2012-5597
CVE-2012-5598
CVE-2012-5599
CVE-2012-5600
CVE-2012-6056
CVE-2012-6059
CVE-2012-6060
CVE-2012-6061
CVE-2012-6062
CVE-2013-3557
CVE-2013-3559
CVE-2013-3561
CVE-2013-4081
CVE-2013-4083
CVE-2013-4927
CVE-2013-4931
CVE-2013-4932
CVE-2013-4933
CVE-2013-4934
CVE-2013-4935
CVE-2013-4936
CVE-2013-5721
Version: 3
Platform(s): Oracle Linux 6
Product(s): wireshark
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27311
 
Oval ID: oval:org.mitre.oval:def:27311
Title: DEPRECATED: ELSA-2013-0125 -- wireshark security, bug fix, and enhancement update (moderate)
Description: [1.0.15-5.0.1.el5] - Added oracle-ocfs2-network.patch - increase max packet size to 65536 (Herbert van den Bergh) [orabug 13542633] [1.0.15-5] - fixed CVE-2012-4285, CVE-2012-4289, CVE-2012-4291 and CVE-2012-4290 (#849521)
Family: unix Class: patch
Reference(s): ELSA-2013-0125
CVE-2011-1958
CVE-2011-1959
CVE-2011-2175
CVE-2011-2698
CVE-2011-4102
CVE-2012-0041
CVE-2012-0042
CVE-2012-0066
CVE-2012-0067
CVE-2012-4285
CVE-2012-4289
CVE-2012-4290
CVE-2012-4291
Version: 4
Platform(s): Oracle Linux 5
Product(s): wireshark
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 43
Os 2
Os 4
Os 1
Os 1

OpenVAS Exploits

Date Description
2012-12-28 Name : Wireshark Multiple Vulnerabilities-01 Dec 2012 (Mac OS X)
File : nvt/gb_wireshark_mult_vuln01_dec12_macosx.nasl
2012-12-10 Name : Wireshark Multiple Dissector Multiple Vulnerabilities - Dec12 (Mac OS X)
File : nvt/gb_wireshark_mult_vuln_dec12_macosx.nasl
2012-12-10 Name : Wireshark Multiple Dissector Multiple Vulnerabilities - Dec12 (Windows)
File : nvt/gb_wireshark_mult_vuln_dec12_win.nasl
2012-12-07 Name : Wireshark Multiple Dissector Multiple DoS Vulnerabilities - Dec12 (Mac OS X)
File : nvt/gb_wireshark_mult_dos_vuln_dec12_macosx.nasl
2012-12-07 Name : Wireshark Multiple Dissector Multiple DoS Vulnerabilities - Dec12 (Windows)
File : nvt/gb_wireshark_mult_dos_vuln_dec12_win.nasl
2012-08-30 Name : FreeBSD Ports: wireshark
File : nvt/freebsd_wireshark7.nasl
2012-08-30 Name : Fedora Update for wireshark FEDORA-2012-12085
File : nvt/gb_fedora_2012_12085_wireshark_fc16.nasl
2012-08-30 Name : Fedora Update for wireshark FEDORA-2012-12091
File : nvt/gb_fedora_2012_12091_wireshark_fc17.nasl
2012-08-21 Name : Wireshark Multiple Vulnerabilities - August 2012 (Windows)
File : nvt/gb_wireshark_mult_vuln_aug12_win.nasl
2012-08-17 Name : Mandriva Update for wireshark MDVSA-2012:134 (wireshark)
File : nvt/gb_mandriva_MDVSA_2012_134.nasl
2012-08-03 Name : Mandriva Update for wireshark MDVSA-2012:015 (wireshark)
File : nvt/gb_mandriva_MDVSA_2012_015.nasl
2012-08-03 Name : Mandriva Update for wireshark MDVSA-2012:042 (wireshark)
File : nvt/gb_mandriva_MDVSA_2012_042.nasl
2012-08-03 Name : Mandriva Update for wireshark MDVSA-2012:080 (wireshark)
File : nvt/gb_mandriva_MDVSA_2012_080.nasl
2012-07-16 Name : Fedora Update for wireshark FEDORA-2012-10175
File : nvt/gb_fedora_2012_10175_wireshark_fc16.nasl
2012-07-05 Name : Wireshark Multiple Denial of Service Vulnerabilities - July 12 (Mac OS X)
File : nvt/gb_wireshark_mult_dos_vuln_macosx_jul12.nasl
2012-07-05 Name : Wireshark Multiple Denial of Service Vulnerabilities - July 12 (Windows)
File : nvt/gb_wireshark_mult_dos_vuln_win_jul12.nasl

Information Assurance Vulnerability Management (IAVM)

Date Description
2013-09-19 IAVM : 2013-B-0105 - Multiple Vulnerabilities in Wireshark
Severity : Category I - VMSKEY : V0040375

Nessus® Vulnerability Scanner

Date Description
2016-06-01 Name : The remote Debian host is missing a security update.
File : debian_DLA-497.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2013-1276-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2013-0238-1.nasl - Type : ACT_GATHER_INFO
2015-01-19 Name : The remote Solaris system is missing a security patch for third-party software.
File : solaris11_wireshark_20121120.nasl - Type : ACT_GATHER_INFO
2015-01-19 Name : The remote Solaris system is missing a security patch for third-party software.
File : solaris11_wireshark_20131210.nasl - Type : ACT_GATHER_INFO
2015-01-19 Name : The remote Solaris system is missing a security patch for third-party software.
File : solaris11_wireshark_20130924_2.nasl - Type : ACT_GATHER_INFO
2015-01-19 Name : The remote Solaris system is missing a security patch for third-party software.
File : solaris11_wireshark_20130924.nasl - Type : ACT_GATHER_INFO
2015-01-19 Name : The remote Solaris system is missing a security patch for third-party software.
File : solaris11_wireshark_20130521.nasl - Type : ACT_GATHER_INFO
2014-11-28 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL15868.nasl - Type : ACT_GATHER_INFO
2014-11-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-1569.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-540.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-844.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-536.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-626.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-714.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-526.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-297.nasl - Type : ACT_GATHER_INFO
2014-04-01 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0341.nasl - Type : ACT_GATHER_INFO
2014-04-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140331_wireshark_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-04-01 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0341.nasl - Type : ACT_GATHER_INFO
2014-04-01 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0341.nasl - Type : ACT_GATHER_INFO
2013-12-20 Name : The remote Fedora host is missing a security update.
File : fedora_2013-17635.nasl - Type : ACT_GATHER_INFO
2013-12-17 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201312-13.nasl - Type : ACT_GATHER_INFO
2013-12-10 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2013-251.nasl - Type : ACT_GATHER_INFO
2013-12-10 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20131121_wireshark_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-11-27 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1569.nasl - Type : ACT_GATHER_INFO
2013-11-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1569.nasl - Type : ACT_GATHER_INFO
2013-10-03 Name : The remote Fedora host is missing a security update.
File : fedora_2013-17627.nasl - Type : ACT_GATHER_INFO
2013-09-28 Name : The remote Fedora host is missing a security update.
File : fedora_2013-17661.nasl - Type : ACT_GATHER_INFO
2013-09-20 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-238.nasl - Type : ACT_GATHER_INFO
2013-09-17 Name : The remote Fedora host is missing a security update.
File : fedora_2013-16696.nasl - Type : ACT_GATHER_INFO
2013-09-14 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_wireshark-130812.nasl - Type : ACT_GATHER_INFO
2013-09-14 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_wireshark-130814.nasl - Type : ACT_GATHER_INFO
2013-09-13 Name : The remote Windows host contains an application that is affected by multiple ...
File : wireshark_1_8_10.nasl - Type : ACT_GATHER_INFO
2013-09-13 Name : The remote Windows host contains an application that is affected by multiple ...
File : wireshark_1_10_2.nasl - Type : ACT_GATHER_INFO
2013-09-12 Name : The remote Fedora host is missing a security update.
File : fedora_2013-16362.nasl - Type : ACT_GATHER_INFO
2013-08-29 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201308-05.nasl - Type : ACT_GATHER_INFO
2013-08-07 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2734.nasl - Type : ACT_GATHER_INFO
2013-07-31 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-204.nasl - Type : ACT_GATHER_INFO
2013-07-31 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_wireshark-8659.nasl - Type : ACT_GATHER_INFO
2013-07-29 Name : The remote Windows host contains an application that is affected by multiple ...
File : wireshark_1_8_9.nasl - Type : ACT_GATHER_INFO
2013-07-29 Name : The remote Windows host contains an application that is affected by multiple ...
File : wireshark_1_10_1.nasl - Type : ACT_GATHER_INFO
2013-07-28 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_wireshark-130711.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-0125.nasl - Type : ACT_GATHER_INFO
2013-06-18 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2709.nasl - Type : ACT_GATHER_INFO
2013-06-14 Name : The remote Windows host contains an application that is affected by multiple ...
File : wireshark_1_6_16.nasl - Type : ACT_GATHER_INFO
2013-06-14 Name : The remote Windows host contains an application that is affected by multiple ...
File : wireshark_1_8_8.nasl - Type : ACT_GATHER_INFO
2013-06-13 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-172.nasl - Type : ACT_GATHER_INFO
2013-06-03 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2700.nasl - Type : ACT_GATHER_INFO
2013-05-22 Name : The remote Windows host contains an application that is affected by a denial ...
File : wireshark_1_6_15.nasl - Type : ACT_GATHER_INFO
2013-05-22 Name : The remote Windows host contains an application that is affected by multiple ...
File : wireshark_1_8_7.nasl - Type : ACT_GATHER_INFO
2013-04-29 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_wireshark-8500.nasl - Type : ACT_GATHER_INFO
2013-04-20 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-055.nasl - Type : ACT_GATHER_INFO
2013-03-13 Name : The remote Windows host contains an application that is affected by multiple ...
File : wireshark_1_6_14.nasl - Type : ACT_GATHER_INFO
2013-02-05 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_wireshark-130116.nasl - Type : ACT_GATHER_INFO
2013-01-25 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_wireshark-120831.nasl - Type : ACT_GATHER_INFO
2013-01-17 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-0125.nasl - Type : ACT_GATHER_INFO
2013-01-17 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130108_wireshark_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-01-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0125.nasl - Type : ACT_GATHER_INFO
2012-11-29 Name : The remote Windows host contains an application that is affected by multiple ...
File : wireshark_1_6_12.nasl - Type : ACT_GATHER_INFO
2012-11-29 Name : The remote Windows host contains an application that is affected by multiple ...
File : wireshark_1_8_4.nasl - Type : ACT_GATHER_INFO
2012-09-14 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_wireshark-8267.nasl - Type : ACT_GATHER_INFO
2012-09-06 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2012-080.nasl - Type : ACT_GATHER_INFO
2012-09-06 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2012-015.nasl - Type : ACT_GATHER_INFO
2012-09-06 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2012-134.nasl - Type : ACT_GATHER_INFO
2012-08-28 Name : The remote Fedora host is missing a security update.
File : fedora_2012-12091.nasl - Type : ACT_GATHER_INFO
2012-08-28 Name : The remote Fedora host is missing a security update.
File : fedora_2012-12085.nasl - Type : ACT_GATHER_INFO
2012-08-20 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_4cdfe875e8d611e1bea0002354ed89bc.nasl - Type : ACT_GATHER_INFO
2012-08-17 Name : The remote Windows host contains an application that is affected by multiple ...
File : wireshark_1_8_2.nasl - Type : ACT_GATHER_INFO
2012-08-17 Name : The remote Windows host contains an application that is affected by multiple ...
File : wireshark_1_4_15.nasl - Type : ACT_GATHER_INFO
2012-08-17 Name : The remote Windows host contains an application that is affected by multiple ...
File : wireshark_1_6_10.nasl - Type : ACT_GATHER_INFO
2012-07-11 Name : The remote Fedora host is missing a security update.
File : fedora_2012-10175.nasl - Type : ACT_GATHER_INFO
2012-05-23 Name : The remote Windows host contains an application that is affected by multiple ...
File : wireshark_1_6_8.nasl - Type : ACT_GATHER_INFO
2012-05-23 Name : The remote Windows host contains an application that is affected by multiple ...
File : wireshark_1_4_13.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2014-11-13 13:27:20
  • Multiple Updates
2014-02-17 11:57:36
  • Multiple Updates
2013-11-21 09:18:21
  • First insertion