ID ASA-201411-23 Type archlinux Reporter Arch Linux Modified 2014-11-20T00:00:00
Description
CVE-2014-8710 (out-of-bounds read)
Out-of-bounds read flaw in the SigComp dissector (sigcomp-udvm) leads to
denial of service while processing malformed packets.
CVE-2014-8711 (out-of-bounds read)
The AMQP dissector is seeing a large value in the capture file for what
it thinks should be a field specifying the number of elements in an
array, resulting in undetected overflow (wrapping).
CVE-2014-8712 (stack buffer overflow)
An issue in the NCP dissector while constructing strings may lead to
incorrect data length, resulting in stack buffer overflow and denial of
service.
CVE-2014-8713 (denial of service)
An issue in the NCP dissector may lead to denial of service while
accessing an uninitialized buffer.
CVE-2014-8714 (denial of service)
A missing exit when the offset is not incremented in the tn5250
dissector is leading to an endless loop, resulting in denial of service.
{"id": "ASA-201411-23", "type": "archlinux", "bulletinFamily": "unix", "title": "wireshark-gtk: denial of service", "description": "- CVE-2014-8710 (out-of-bounds read)\nOut-of-bounds read flaw in the SigComp dissector (sigcomp-udvm) leads to\ndenial of service while processing malformed packets.\n\n- CVE-2014-8711 (out-of-bounds read)\nThe AMQP dissector is seeing a large value in the capture file for what\nit thinks should be a field specifying the number of elements in an\narray, resulting in undetected overflow (wrapping).\n\n- CVE-2014-8712 (stack buffer overflow)\nAn issue in the NCP dissector while constructing strings may lead to\nincorrect data length, resulting in stack buffer overflow and denial of\nservice.\n\n- CVE-2014-8713 (denial of service)\nAn issue in the NCP dissector may lead to denial of service while\naccessing an uninitialized buffer.\n\n- CVE-2014-8714 (denial of service)\nA missing exit when the offset is not incremented in the tn5250\ndissector is leading to an endless loop, resulting in denial of service.", "published": "2014-11-20T00:00:00", "modified": "2014-11-20T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html", "reporter": "Arch Linux", "references": ["https://access.redhat.com/security/cve/CVE-2014-8711", "https://access.redhat.com/security/cve/CVE-2014-8710", "https://access.redhat.com/security/cve/CVE-2014-8712", "https://www.wireshark.org/security/wnpa-sec-2014-21.html", "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10662", "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10628", "https://www.wireshark.org/security/wnpa-sec-2014-22.html", "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10596", "https://www.wireshark.org/lists/wireshark-users/201411/msg00004.html", "https://www.wireshark.org/security/wnpa-sec-2014-20.html", "https://access.redhat.com/security/cve/CVE-2014-8713", "https://www.wireshark.org/security/wnpa-sec-2014-23.html", "https://access.redhat.com/security/cve/CVE-2014-8714", "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10552", "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10582"], "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2014-8713", "CVE-2014-8711"], "lastseen": "2016-09-02T18:44:47", "viewCount": 8, "enchantments": {"score": {"value": 5.6, "vector": "NONE", "modified": "2016-09-02T18:44:47", "rev": 2}, "dependencies": {"references": [{"type": "archlinux", "idList": ["ASA-201411-22", "ASA-201411-24"]}, {"type": "nessus", "idList": ["FEDORA_2014-15244.NASL", "FEDORA_2014-15320.NASL", "OPENSUSE-2014-717.NASL", "MANDRIVA_MDVSA-2014-223.NASL", "ORACLELINUX_ELSA-2015-1460.NASL", "CENTOS_RHSA-2015-1460.NASL", "WIRESHARK_1_12_2.NASL", "SUSE_11_WIRESHARK-141114.NASL", "DEBIAN_DSA-3076.NASL", "WIRESHARK_1_10_11.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:703076", "OPENVAS:1361412562310868544", "OPENVAS:1361412562310804895", "OPENVAS:1361412562310703076", "OPENVAS:1361412562310868773", "OPENVAS:1361412562310804896", "OPENVAS:1361412562310123057", "OPENVAS:1361412562310871408", "OPENVAS:1361412562310120505", "OPENVAS:1361412562310871496"]}, {"type": "debian", "idList": ["DEBIAN:DLA-198-1:FF28E", "DEBIAN:DSA-3076-1:E4A8F"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:14095", "SECURITYVULNS:DOC:31380"]}, {"type": "cve", "idList": ["CVE-2014-8714", "CVE-2014-8712", "CVE-2014-8711", "CVE-2014-8710", "CVE-2014-8713"]}, {"type": "oraclelinux", "idList": ["ELSA-2015-2393", "ELSA-2015-1460"]}, {"type": "centos", "idList": ["CESA-2015:2393", "CESA-2015:1460"]}, {"type": "redhat", "idList": ["RHSA-2015:1460", "RHSA-2015:2393"]}, {"type": "amazon", "idList": ["ALAS-2015-580"]}, {"type": "oracle", "idList": ["ORACLE:CPUOCT2017-3236626"]}], "modified": "2016-09-02T18:44:47", "rev": 2}, "vulnersScore": 5.6}, "affectedPackage": [{"OS": "any", "OSVersion": "any", "packageVersion": "1.12.2-1", "packageFilename": "UNKNOWN", "packageName": "wireshark-gtk", "arch": "any", "operator": "lt"}]}
{"openvas": [{"lastseen": "2019-05-29T18:37:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2014-8713", "CVE-2014-8711"], "description": "Check the version of wireshark", "modified": "2019-03-15T00:00:00", "published": "2014-12-05T00:00:00", "id": "OPENVAS:1361412562310868544", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868544", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2014-15244", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2014-15244\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868544\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-12-05 05:19:09 +0100 (Fri, 05 Dec 2014)\");\n script_cve_id(\"CVE-2014-8711\", \"CVE-2014-8712\", \"CVE-2014-8713\", \"CVE-2014-8714\", \"CVE-2014-8710\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Update for wireshark FEDORA-2014-15244\");\n script_tag(name:\"summary\", value:\"Check the version of wireshark\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"wireshark on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2014-15244\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-December/145174.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.10.11~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:04", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2014-8713", "CVE-2014-8711"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-01-05T00:00:00", "id": "OPENVAS:1361412562310868773", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868773", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2014-15320", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2014-15320\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868773\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-05 14:50:55 +0100 (Mon, 05 Jan 2015)\");\n script_cve_id(\"CVE-2014-8711\", \"CVE-2014-8712\", \"CVE-2014-8713\", \"CVE-2014-8714\",\n \"CVE-2014-8710\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Update for wireshark FEDORA-2014-15320\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"wireshark on Fedora 21\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2014-15320\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-December/145658.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.12.2~1.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:14", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2014-8713", "CVE-2014-8711"], "description": "Multiple vulnerabilities were discovered in the dissectors/parsers for\nSigComp UDVM, AMQP, NCP and TN5250, which could result in denial of\nservice.", "modified": "2019-03-19T00:00:00", "published": "2014-11-25T00:00:00", "id": "OPENVAS:1361412562310703076", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703076", "type": "openvas", "title": "Debian Security Advisory DSA 3076-1 (wireshark - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3076.nasl 14302 2019-03-19 08:28:48Z cfischer $\n# Auto-generated from advisory DSA 3076-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703076\");\n script_version(\"$Revision: 14302 $\");\n script_cve_id(\"CVE-2014-8710\", \"CVE-2014-8711\", \"CVE-2014-8712\", \"CVE-2014-8713\", \"CVE-2014-8714\");\n script_name(\"Debian Security Advisory DSA 3076-1 (wireshark - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-19 09:28:48 +0100 (Tue, 19 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-11-25 00:00:00 +0100 (Tue, 25 Nov 2014)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2014/dsa-3076.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"wireshark on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (wheezy), these problems have been fixed in\nversion 1.8.2-5wheezy13.\n\nFor the upcoming stable distribution (jessie), these problems have been\nfixed in version 1.12.1+g01b65bf-2.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.12.1+g01b65bf-2.\n\nWe recommend that you upgrade your wireshark packages.\");\n script_tag(name:\"summary\", value:\"Multiple vulnerabilities were discovered in the dissectors/parsers for\nSigComp UDVM, AMQP, NCP and TN5250, which could result in denial of\nservice.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libwireshark-data\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libwireshark-dev\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libwireshark2\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libwiretap-dev\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libwiretap2\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libwsutil-dev\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libwsutil2\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tshark\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"wireshark\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"wireshark-common\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"wireshark-dbg\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"wireshark-dev\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"wireshark-doc\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-08-04T10:49:11", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2014-8713", "CVE-2014-8711"], "description": "Multiple vulnerabilities were discovered in the dissectors/parsers for\nSigComp UDVM, AMQP, NCP and TN5250, which could result in denial of\nservice.", "modified": "2017-07-20T00:00:00", "published": "2014-11-25T00:00:00", "id": "OPENVAS:703076", "href": "http://plugins.openvas.org/nasl.php?oid=703076", "type": "openvas", "title": "Debian Security Advisory DSA 3076-1 (wireshark - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3076.nasl 6769 2017-07-20 09:56:33Z teissa $\n# Auto-generated from advisory DSA 3076-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703076);\n script_version(\"$Revision: 6769 $\");\n script_cve_id(\"CVE-2014-8710\", \"CVE-2014-8711\", \"CVE-2014-8712\", \"CVE-2014-8713\", \"CVE-2014-8714\");\n script_name(\"Debian Security Advisory DSA 3076-1 (wireshark - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-20 11:56:33 +0200 (Thu, 20 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2014-11-25 00:00:00 +0100 (Tue, 25 Nov 2014)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2014/dsa-3076.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"wireshark on Debian Linux\");\n script_tag(name: \"insight\", value: \"Wireshark is a network 'sniffer' - a tool that captures and analyzes\npackets off the wire. Wireshark can decode too many protocols to list\nhere.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (wheezy), these problems have been fixed in\nversion 1.8.2-5wheezy13.\n\nFor the upcoming stable distribution (jessie), these problems have been\nfixed in version 1.12.1+g01b65bf-2.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.12.1+g01b65bf-2.\n\nWe recommend that you upgrade your wireshark packages.\");\n script_tag(name: \"summary\", value: \"Multiple vulnerabilities were discovered in the dissectors/parsers for\nSigComp UDVM, AMQP, NCP and TN5250, which could result in denial of\nservice.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libwireshark-data\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwireshark-dev\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwireshark2\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwiretap-dev\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwiretap2\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwsutil-dev\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwsutil2\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tshark\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-common\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-dbg\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-dev\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-doc\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwireshark-data\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwireshark-dev\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwireshark2\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwiretap-dev\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwiretap2\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwsutil-dev\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwsutil2\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tshark\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-common\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-dbg\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-dev\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-doc\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwireshark-data\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwireshark-dev\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwireshark2\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwiretap-dev\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwiretap2\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwsutil-dev\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwsutil2\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tshark\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-common\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-dbg\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-dev\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-doc\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwireshark-data\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwireshark-dev\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwireshark2\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwiretap-dev\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwiretap2\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwsutil-dev\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwsutil2\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tshark\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-common\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-dbg\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-dev\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-doc\", ver:\"1.8.2-5wheezy13\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:37:37", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8712", "CVE-2014-8714", "CVE-2014-8713", "CVE-2014-8711"], "description": "This host is installed with Wireshark\n and is prone to multiple denial of service vulnerability.", "modified": "2018-10-12T00:00:00", "published": "2014-11-28T00:00:00", "id": "OPENVAS:1361412562310804896", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804896", "type": "openvas", "title": "Wireshark Multiple Denial-of-Service Vulnerability-01 Nov14 (Mac OS X)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_mult_dos_vuln01_nov14_macosx.nasl 11867 2018-10-12 10:48:11Z cfischer $\n#\n# Wireshark Multiple Denial-of-Service Vulnerability-01 Nov14 (Mac OS X)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:wireshark:wireshark\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804896\");\n script_version(\"$Revision: 11867 $\");\n script_cve_id(\"CVE-2014-8714\", \"CVE-2014-8713\", \"CVE-2014-8712\", \"CVE-2014-8711\");\n script_bugtraq_id(71072, 71073, 71071, 71070);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 12:48:11 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-11-28 12:00:30 +0530 (Fri, 28 Nov 2014)\");\n script_name(\"Wireshark Multiple Denial-of-Service Vulnerability-01 Nov14 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark\n and is prone to multiple denial of service vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - An error within the AMQP dissector.\n\n - Two errors within the NCP dissector.\n\n - An error within the TN5250 dissector.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow\n attackers to conduct denial of service attack.\");\n\n script_tag(name:\"affected\", value:\"Wireshark version 1.10.x\n before 1.10.11 and 1.12.x before 1.12.2 on Mac OS X\");\n\n script_tag(name:\"solution\", value:\"Upgrade to version 1.12.2, 1.10.11 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/62367\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2014-21.html\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2014-22.html\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2014-23.html\");\n\n script_category(ACT_GATHER_INFO);\n script_family(\"Denial of Service\");\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_dependencies(\"gb_wireshark_detect_macosx.nasl\");\n script_mandatory_keys(\"Wireshark/MacOSX/Version\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!version = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_in_range(version:version, test_version:\"1.10.0\", test_version2:\"1.10.10\") ||\n version_in_range(version:version, test_version:\"1.12.0\", test_version2:\"1.12.1\"))\n{\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:34", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8712", "CVE-2014-8714", "CVE-2014-8713", "CVE-2014-8711"], "description": "This host is installed with Wireshark\n and is prone to multiple denial of service vulnerability.", "modified": "2018-10-12T00:00:00", "published": "2014-11-28T00:00:00", "id": "OPENVAS:1361412562310804895", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804895", "type": "openvas", "title": "Wireshark Multiple Denial-of-Service Vulnerability-01 Nov14 (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_mult_dos_vuln01_nov14_win.nasl 11867 2018-10-12 10:48:11Z cfischer $\n#\n# Wireshark Multiple Denial-of-Service Vulnerability-01 Nov14 (Windows)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:wireshark:wireshark\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804895\");\n script_version(\"$Revision: 11867 $\");\n script_cve_id(\"CVE-2014-8714\", \"CVE-2014-8713\", \"CVE-2014-8712\", \"CVE-2014-8711\");\n script_bugtraq_id(71072, 71073, 71071, 71070);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 12:48:11 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-11-28 11:48:46 +0530 (Fri, 28 Nov 2014)\");\n script_name(\"Wireshark Multiple Denial-of-Service Vulnerability-01 Nov14 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark\n and is prone to multiple denial of service vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - An error within the AMQP dissector.\n\n - Two errors within the NCP dissector.\n\n - An error within the TN5250 dissector.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow\n attackers to conduct denial of service attack.\");\n\n script_tag(name:\"affected\", value:\"Wireshark version 1.10.x\n before 1.10.11 and 1.12.x before 1.12.2 on Windows\");\n\n script_tag(name:\"solution\", value:\"Upgrade to version 1.12.2, 1.10.11 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/62367\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2014-21.html\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2014-22.html\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2014-23.html\");\n\n script_category(ACT_GATHER_INFO);\n script_family(\"Denial of Service\");\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!version = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_in_range(version:version, test_version:\"1.10.0\", test_version2:\"1.10.10\") ||\n version_in_range(version:version, test_version:\"1.12.0\", test_version2:\"1.12.1\"))\n{\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:35:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2015-2189", "CVE-2015-0562", "CVE-2014-8713", "CVE-2015-0564", "CVE-2014-8711", "CVE-2015-2191"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2015-07-23T00:00:00", "id": "OPENVAS:1361412562310871408", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871408", "type": "openvas", "title": "RedHat Update for wireshark RHSA-2015:1460-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for wireshark RHSA-2015:1460-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871408\");\n script_version(\"$Revision: 12497 $\");\n script_cve_id(\"CVE-2014-8710\", \"CVE-2014-8711\", \"CVE-2014-8712\", \"CVE-2014-8713\",\n \"CVE-2014-8714\", \"CVE-2015-0562\", \"CVE-2015-0564\", \"CVE-2015-2189\",\n \"CVE-2015-2191\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-23 06:26:28 +0200 (Thu, 23 Jul 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for wireshark RHSA-2015:1460-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Wireshark, previously known as Ethereal, is a network protocol analyzer,\nwhich is used to capture and browse the traffic running on a computer\nnetwork.\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could\ncrash or stop responding if it read a malformed packet off a network, or\nopened a malicious dump file. (CVE-2014-8714, CVE-2014-8712, CVE-2014-8713,\nCVE-2014-8711, CVE-2014-8710, CVE-2015-0562, CVE-2015-0564, CVE-2015-2189,\nCVE-2015-2191)\n\nThis update also fixes the following bugs:\n\n * Previously, the Wireshark tool did not support Advanced Encryption\nStandard Galois/Counter Mode (AES-GCM) cryptographic algorithm. As a\nconsequence, AES-GCM was not decrypted. Support for AES-GCM has been added\nto Wireshark, and AES-GCM is now correctly decrypted. (BZ#1095065)\n\n * Previously, when installing the system using the kickstart method, a\ndependency on the shadow-utils packages was missing from the wireshark\npackages, which could cause the installation to fail with a 'bad scriptlet'\nerror message. With this update, shadow-utils are listed as required in the\nwireshark packages spec file, and kickstart installation no longer fails.\n(BZ#1121275)\n\n * Prior to this update, the Wireshark tool could not decode types of\nelliptic curves in Datagram Transport Layer Security (DTLS) Client Hello.\nConsequently, Wireshark incorrectly displayed elliptic curves types as\ndata. A patch has been applied to address this bug, and Wireshark now\ndecodes elliptic curves types properly. (BZ#1131203)\n\n * Previously, a dependency on the gtk2 packages was missing from the\nwireshark packages. As a consequence, the Wireshark tool failed to start\nunder certain circumstances due to an unresolved symbol,\n'gtk_combo_box_text_new_with_entry', which was added in gtk version 2.24.\nWith this update, a dependency on gtk2 has been added, and Wireshark now\nalways starts as expected. (BZ#1160388)\n\nIn addition, this update adds the following enhancements:\n\n * With this update, the Wireshark tool supports process substitution, which\nfeeds the output of a process (or processes) into the standard input of\nanother process using the ' (command_list)' syntax. When using process\nsubstitution with large files as input, Wireshark failed to decode such\ninput. (BZ#1104210)\n\n * Wireshark has been enhanced to enable capturing packets with nanosecond\ntime stamp precision, which allows better analysis of recorded network\ntraffic. (BZ#1146578)\n\nAll wireshark users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add these\nenhancements. All running instances of Wireshark must be restarted for the\nupdate to take effect.\");\n script_tag(name:\"affected\", value:\"wireshark on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:1460-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-July/msg00037.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.8.10~17.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~1.8.10~17.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.8.10~17.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:58", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2015-2189", "CVE-2015-0562", "CVE-2014-8713", "CVE-2015-0564", "CVE-2014-8711", "CVE-2015-2191"], "description": "Oracle Linux Local Security Checks ELSA-2015-1460", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123057", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123057", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2015-1460", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2015-1460.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123057\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 13:58:48 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2015-1460\");\n script_tag(name:\"insight\", value:\"ELSA-2015-1460 - wireshark security, bug fix, and enhancement update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2015-1460\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2015-1460.html\");\n script_cve_id(\"CVE-2014-8710\", \"CVE-2014-8711\", \"CVE-2014-8712\", \"CVE-2014-8713\", \"CVE-2014-8714\", \"CVE-2015-0562\", \"CVE-2015-0564\", \"CVE-2015-2189\", \"CVE-2015-2191\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.8.10~17.0.2.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"wireshark-devel\", rpm:\"wireshark-devel~1.8.10~17.0.2.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.8.10~17.0.2.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-03-17T22:58:38", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2015-2189", "CVE-2015-0562", "CVE-2014-8713", "CVE-2015-0564", "CVE-2014-8711", "CVE-2015-2191"], "description": "The remote host is missing an update announced via the referenced Security Advisory.", "modified": "2020-03-13T00:00:00", "published": "2015-09-08T00:00:00", "id": "OPENVAS:1361412562310120505", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120505", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2015-580)", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120505\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:28:01 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2015-580)\");\n script_tag(name:\"insight\", value:\"Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2014-8714, CVE-2014-8712, CVE-2014-8713, CVE-2014-8711, CVE-2014-8710, CVE-2015-0562, CVE-2015-0564, CVE-2015-2189, CVE-2015-2191 )\");\n script_tag(name:\"solution\", value:\"Run yum update wireshark to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2015-580.html\");\n script_cve_id(\"CVE-2015-2191\", \"CVE-2014-8710\", \"CVE-2014-8711\", \"CVE-2014-8712\", \"CVE-2014-8713\", \"CVE-2014-8714\", \"CVE-2015-0562\", \"CVE-2015-0564\", \"CVE-2015-2189\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~1.8.10~17.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.8.10~17.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark-devel\", rpm:\"wireshark-devel~1.8.10~17.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:49", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2015-3813", "CVE-2015-0563", "CVE-2015-2189", "CVE-2015-6243", "CVE-2015-6246", "CVE-2015-6245", "CVE-2015-0562", "CVE-2014-8713", "CVE-2015-3182", "CVE-2015-0564", "CVE-2015-2188", "CVE-2014-8711", "CVE-2015-3810", "CVE-2015-3812", "CVE-2015-6244", "CVE-2015-6248", "CVE-2015-2191", "CVE-2015-3811"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2015-11-20T00:00:00", "id": "OPENVAS:1361412562310871496", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871496", "type": "openvas", "title": "RedHat Update for wireshark RHSA-2015:2393-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for wireshark RHSA-2015:2393-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871496\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-11-20 06:23:13 +0100 (Fri, 20 Nov 2015)\");\n script_cve_id(\"CVE-2014-8710\", \"CVE-2014-8711\", \"CVE-2014-8712\", \"CVE-2014-8713\",\n \"CVE-2014-8714\", \"CVE-2015-0562\", \"CVE-2015-0563\", \"CVE-2015-0564\",\n \"CVE-2015-2188\", \"CVE-2015-2189\", \"CVE-2015-2191\", \"CVE-2015-3182\",\n \"CVE-2015-3810\", \"CVE-2015-3811\", \"CVE-2015-3812\", \"CVE-2015-3813\",\n \"CVE-2015-6243\", \"CVE-2015-6244\", \"CVE-2015-6245\", \"CVE-2015-6246\",\n \"CVE-2015-6248\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for wireshark RHSA-2015:2393-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The wireshark packages contain a network\nprotocol analyzer used to capture and browse the traffic running on a computer\nnetwork.\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could\ncrash or stop responding if it read a malformed packet off a network, or\nopened a malicious dump file. (CVE-2015-2188, CVE-2015-2189, CVE-2015-2191,\nCVE-2015-3810, CVE-2015-3811, CVE-2015-3812, CVE-2015-3813, CVE-2014-8710,\nCVE-2014-8711, CVE-2014-8712, CVE-2014-8713, CVE-2014-8714, CVE-2015-0562,\nCVE-2015-0563, CVE-2015-0564, CVE-2015-3182, CVE-2015-6243, CVE-2015-6244,\nCVE-2015-6245, CVE-2015-6246, CVE-2015-6248)\n\nThe CVE-2015-3182 issue was discovered by Martin ember of Red Hat.\n\nThe wireshark packages have been upgraded to upstream version 1.10.14,\nwhich provides a number of bug fixes and enhancements over the previous\nversion. (BZ#1238676)\n\nThis update also fixes the following bug:\n\n * Prior to this update, when using the tshark utility to capture packets\nover the interface, tshark failed to create output files in the .pcap\nformat even if it was specified using the '-F' option. This bug has been\nfixed, the '-F' option is now honored, and the result saved in the .pcap\nformat as expected. (BZ#1227199)\n\nIn addition, this update adds the following enhancement:\n\n * Previously, wireshark included only microseconds in the .pcapng format.\nWith this update, wireshark supports nanosecond time stamp precision to\nallow for more accurate time stamps. (BZ#1213339)\n\nAll wireshark users are advised to upgrade to these updated packages, which\ncorrect these issues and add these enhancements. All running instances of\nWireshark must be restarted for the update to take effect.\");\n script_tag(name:\"affected\", value:\"wireshark on Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:2393-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-November/msg00045.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.10.14~7.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~1.10.14~7.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.10.14~7.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:55", "bulletinFamily": "software", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2014-8713", "CVE-2014-8711"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2014:223\r\n http://www.mandriva.com/en/support/security/\r\n _______________________________________________________________________\r\n\r\n Package : wireshark\r\n Date : November 21, 2014\r\n Affected: Business Server 1.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Updated wireshark packages fix security vulnerabilities:\r\n \r\n SigComp UDVM buffer overflow (CVE-2014-8710).\r\n \r\n AMQP crash (CVE-2014-8711).\r\n \r\n NCP crashes (CVE-2014-8712, CVE-2014-8713).\r\n \r\n TN5250 infinite loops (CVE-2014-8714).\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8710\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8711\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8712\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8713\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8714\r\n http://advisories.mageia.org/MGASA-2014-0471.html\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Business Server 1/X86_64:\r\n 00633fbae2637480bd69a8bc6516cb9e mbs1/x86_64/dumpcap-1.10.11-1.mbs1.x86_64.rpm\r\n 8f17022f468dcf597f7de08c959ab442 mbs1/x86_64/lib64wireshark3-1.10.11-1.mbs1.x86_64.rpm\r\n 9bce2d95ffb2807b14d38561503ac010 mbs1/x86_64/lib64wireshark-devel-1.10.11-1.mbs1.x86_64.rpm\r\n c62b4d1afa809f2779cfb7dcd4bdccca mbs1/x86_64/lib64wiretap3-1.10.11-1.mbs1.x86_64.rpm\r\n 5971eef1f7370771ce388af2397ae3b2 mbs1/x86_64/lib64wsutil3-1.10.11-1.mbs1.x86_64.rpm\r\n fe2fe30b3ee01238ea3e800bd434d556 mbs1/x86_64/rawshark-1.10.11-1.mbs1.x86_64.rpm\r\n fabe330ffa19a5cac5a25ab8aca9ad15 mbs1/x86_64/tshark-1.10.11-1.mbs1.x86_64.rpm\r\n b85c32bbb86d965348d4233df6e0e2ab mbs1/x86_64/wireshark-1.10.11-1.mbs1.x86_64.rpm\r\n 3d510bd4056d9f3f91328c290fd00c32 mbs1/x86_64/wireshark-tools-1.10.11-1.mbs1.x86_64.rpm \r\n e616cd93563fd6031761a0b436e0eb8e mbs1/SRPMS/wireshark-1.10.11-1.mbs1.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/en/support/security/advisories/\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 (GNU/Linux)\r\n\r\niD8DBQFUb2owmqjQ0CJFipgRAmcUAKDg50zHd2pOjsRCtq9grjfgN67n5gCfUqKk\r\ncrBPCMJPQyQq6j468Zz1RZA=\r\n=O2A1\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "modified": "2014-11-24T00:00:00", "published": "2014-11-24T00:00:00", "id": "SECURITYVULNS:DOC:31380", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31380", "title": "[ MDVSA-2014:223 ] wireshark", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:58", "bulletinFamily": "software", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2014-8768", "CVE-2014-8769", "CVE-2014-8713", "CVE-2014-8711", "CVE-2014-8767"], "description": "Buffer overflow and DoS-conditions on different protocols parsing.", "edition": 1, "modified": "2014-11-24T00:00:00", "published": "2014-11-24T00:00:00", "id": "SECURITYVULNS:VULN:14095", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14095", "title": "wireshark multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}], "debian": [{"lastseen": "2020-08-12T00:51:44", "bulletinFamily": "unix", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2014-8713", "CVE-2014-8711"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3076-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nNovember 25, 2014 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : wireshark\nCVE ID : CVE-2014-8710 CVE-2014-8711 CVE-2014-8712 CVE-2014-8713 \n CVE-2014-8714\n\nMultiple vulnerabilities were discovered in the dissectors/parsers for \nSigComp UDVM, AMQP, NCP and TN5250, which could result in denial of \nservice.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 1.8.2-5wheezy13.\n\nFor the upcoming stable distribution (jessie), these problems have been\nfixed in version 1.12.1+g01b65bf-2.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.12.1+g01b65bf-2.\n\nWe recommend that you upgrade your wireshark packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 9, "modified": "2014-11-25T20:51:42", "published": "2014-11-25T20:51:42", "id": "DEBIAN:DSA-3076-1:E4A8F", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2014/msg00266.html", "title": "[SECURITY] [DSA 3076-1] wireshark security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-11-11T13:28:03", "bulletinFamily": "unix", "cvelist": ["CVE-2014-8710", "CVE-2014-6431", "CVE-2014-8712", "CVE-2014-8714", "CVE-2014-6432", "CVE-2015-0562", "CVE-2014-6422", "CVE-2014-8713", "CVE-2015-0564", "CVE-2015-2188", "CVE-2014-6430", "CVE-2014-8711", "CVE-2014-6428", "CVE-2014-6423", "CVE-2015-2191", "CVE-2014-6429"], "description": "Package : wireshark\nVersion : 1.8.2-5wheezy15~deb6u1\nCVE ID : CVE-2015-2191 CVE-2015-2188 CVE-2015-0564 CVE-2015-0562\n CVE-2014-8714 CVE-2014-8713 CVE-2014-8712 CVE-2014-8711\n CVE-2014-8710 CVE-2014-6432 CVE-2014-6431 CVE-2014-6430\n CVE-2014-6429 CVE-2014-6428 CVE-2014-6423 CVE-2014-6422\n\nThe following vulnerabilities were discovered in the Squeeze's Wireshark\nversion:\n\n CVE-2015-2188 The WCP dissector could crash\n CVE-2015-0564 Wireshark could crash while decypting TLS/SSL sessions\n CVE-2015-0562 The DEC DNA Routing Protocol dissector could crash\n CVE-2014-8714 TN5250 infinite loops\n CVE-2014-8713 NCP crashes\n CVE-2014-8712 NCP crashes\n CVE-2014-8711 AMQP crash\n CVE-2014-8710 SigComp UDVM buffer overflow\n CVE-2014-6432 Sniffer file parser crash\n CVE-2014-6431 Sniffer file parser crash\n CVE-2014-6430 Sniffer file parser crash\n CVE-2014-6429 Sniffer file parser crash\n CVE-2014-6428 SES dissector crash\n CVE-2014-6423 MEGACO dissector infinite loop\n CVE-2014-6422 RTP dissector crash\n\nSince back-porting upstream patches to 1.2.11-6+squeeze15 did not fix\nall the outstanding issues and some issues are not even tracked publicly\nthe LTS Team decided to sync squeeze-lts's wireshark package with\nwheezy-security to provide the best possible security support.\n\nNote that upgrading Wireshark from 1.2.x to 1.8.x introduces\nseveral backward-incompatible changes in package structure, shared\nlibrary API/ABI, availability of dissectors and in syntax of command\nline parameters.\n\n\n\n", "edition": 9, "modified": "2015-04-22T09:45:46", "published": "2015-04-22T09:45:46", "id": "DEBIAN:DLA-198-1:FF28E", "href": "https://lists.debian.org/debian-lts-announce/2015/debian-lts-announce-201504/msg00020.html", "title": "[SECURITY] [DLA 198-1] wireshark security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "archlinux": [{"lastseen": "2016-09-02T18:44:48", "bulletinFamily": "unix", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2014-8713", "CVE-2014-8711"], "description": "- CVE-2014-8710 (out-of-bounds read)\nOut-of-bounds read flaw in the SigComp dissector (sigcomp-udvm) leads to\ndenial of service while processing malformed packets.\n\n- CVE-2014-8711 (out-of-bounds read)\nThe AMQP dissector is seeing a large value in the capture file for what\nit thinks should be a field specifying the number of elements in an\narray, resulting in undetected overflow (wrapping).\n\n- CVE-2014-8712 (stack buffer overflow)\nAn issue in the NCP dissector while constructing strings may lead to\nincorrect data length, resulting in stack buffer overflow and denial of\nservice.\n\n- CVE-2014-8713 (denial of service)\nAn issue in the NCP dissector may lead to denial of service while\naccessing an uninitialized buffer.\n\n- CVE-2014-8714 (denial of service)\nA missing exit when the offset is not incremented in the tn5250\ndissector is leading to an endless loop, resulting in denial of service.", "modified": "2014-11-20T00:00:00", "published": "2014-11-20T00:00:00", "id": "ASA-201411-22", "href": "https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html", "type": "archlinux", "title": "wireshark-cli: denial of service", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-02T18:44:41", "bulletinFamily": "unix", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2014-8713", "CVE-2014-8711"], "description": "- CVE-2014-8710 (out-of-bounds read)\nOut-of-bounds read flaw in the SigComp dissector (sigcomp-udvm) leads to\ndenial of service while processing malformed packets.\n\n- CVE-2014-8711 (out-of-bounds read)\nThe AMQP dissector is seeing a large value in the capture file for what\nit thinks should be a field specifying the number of elements in an\narray, resulting in undetected overflow (wrapping).\n\n- CVE-2014-8712 (stack buffer overflow)\nAn issue in the NCP dissector while constructing strings may lead to\nincorrect data length, resulting in stack buffer overflow and denial of\nservice.\n\n- CVE-2014-8713 (denial of service)\nAn issue in the NCP dissector may lead to denial of service while\naccessing an uninitialized buffer.\n\n- CVE-2014-8714 (denial of service)\nA missing exit when the offset is not incremented in the tn5250\ndissector is leading to an endless loop, resulting in denial of service.", "modified": "2014-11-20T00:00:00", "published": "2014-11-20T00:00:00", "id": "ASA-201411-24", "href": "https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html", "type": "archlinux", "title": "wireshark-qt: denial of service", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-8710", "CVE-2014-8711", "CVE-2014-8712", "CVE-2014-8713", "CVE-2014-8714"], "description": "Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. ", "modified": "2014-12-04T06:22:05", "published": "2014-12-04T06:22:05", "id": "FEDORA:4C6EB60D68BB", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: wireshark-1.10.11-1.fc20", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-8710", "CVE-2014-8711", "CVE-2014-8712", "CVE-2014-8713", "CVE-2014-8714"], "description": "Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. ", "modified": "2014-12-06T10:51:00", "published": "2014-12-06T10:51:00", "id": "FEDORA:C2A516128D11", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: wireshark-1.12.2-1.fc21", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2021-01-01T07:00:50", "description": "The remote Windows host has a version of Wireshark installed that is\n1.10.x prior to 1.10.11. It is, therefore, affected by multiple denial\nof service vulnerabilities in following dissectors :\n\n - AMQP (CVE-2014-8711)\n - NCP (CVE-2014-8712, CVE-2014-8713)\n - SigComp (CVE-2014-8710)\n - TN5250 (CVE-2014-8714)\n\nA remote attacker, using a specially crafted packet, can cause the\napplication to crash.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.", "edition": 25, "published": "2014-11-14T00:00:00", "title": "Wireshark 1.10.x < 1.10.11 Multiple DoS Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2014-8713", "CVE-2014-8711"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "WIRESHARK_1_10_11.NASL", "href": "https://www.tenable.com/plugins/nessus/79251", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79251);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/11/25\");\n\n script_cve_id(\n \"CVE-2014-8710\",\n \"CVE-2014-8711\",\n \"CVE-2014-8712\",\n \"CVE-2014-8713\",\n \"CVE-2014-8714\"\n );\n script_bugtraq_id(\n 71069,\n 71070,\n 71071,\n 71072,\n 71073\n );\n\n script_name(english:\"Wireshark 1.10.x < 1.10.11 Multiple DoS Vulnerabilities\");\n script_summary(english:\"Checks the version of Wireshark.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains an application that is affected by\nmultiple denial of service vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host has a version of Wireshark installed that is\n1.10.x prior to 1.10.11. It is, therefore, affected by multiple denial\nof service vulnerabilities in following dissectors :\n\n - AMQP (CVE-2014-8711)\n - NCP (CVE-2014-8712, CVE-2014-8713)\n - SigComp (CVE-2014-8710)\n - TN5250 (CVE-2014-8714)\n\nA remote attacker, using a specially crafted packet, can cause the\napplication to crash.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2014-20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2014-21.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2014-22.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2014-23.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.10.11.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 1.10.11 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-8714\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/11/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"installed_sw/Wireshark\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\napp_name = \"Wireshark\";\ninstall = get_single_install(app_name:app_name, exit_if_unknown_ver:TRUE);\nversion = install['version'];\npath = install['path'];\n\n# Affected : 1.10.x < 1.10.11\nif (version =~ \"^1\\.10\\.([0-9]|10)($|[^0-9])\")\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 1.10.11' +\n '\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n exit(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, app_name, version, path);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T09:48:50", "description": "Multiple vulnerabilities were discovered in the dissectors/parsers for\nSigComp UDVM, AMQP, NCP and TN5250, which could result in denial of\nservice.", "edition": 15, "published": "2014-11-26T00:00:00", "title": "Debian DSA-3076-1 : wireshark - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2014-8713", "CVE-2014-8711"], "modified": "2014-11-26T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:wireshark", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-3076.NASL", "href": "https://www.tenable.com/plugins/nessus/79564", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3076. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79564);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-8710\", \"CVE-2014-8711\", \"CVE-2014-8712\", \"CVE-2014-8713\", \"CVE-2014-8714\");\n script_bugtraq_id(71069, 71070, 71071, 71072, 71073);\n script_xref(name:\"DSA\", value:\"3076\");\n\n script_name(english:\"Debian DSA-3076-1 : wireshark - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities were discovered in the dissectors/parsers for\nSigComp UDVM, AMQP, NCP and TN5250, which could result in denial of\nservice.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/wireshark\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2014/dsa-3076\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the wireshark packages.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 1.8.2-5wheezy13.\n\nFor the upcoming stable distribution (jessie), these problems have\nbeen fixed in version 1.12.1+g01b65bf-2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libwireshark-data\", reference:\"1.8.2-5wheezy13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libwireshark-dev\", reference:\"1.8.2-5wheezy13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libwireshark2\", reference:\"1.8.2-5wheezy13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libwiretap-dev\", reference:\"1.8.2-5wheezy13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libwiretap2\", reference:\"1.8.2-5wheezy13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libwsutil-dev\", reference:\"1.8.2-5wheezy13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libwsutil2\", reference:\"1.8.2-5wheezy13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"tshark\", reference:\"1.8.2-5wheezy13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"wireshark\", reference:\"1.8.2-5wheezy13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"wireshark-common\", reference:\"1.8.2-5wheezy13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"wireshark-dbg\", reference:\"1.8.2-5wheezy13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"wireshark-dev\", reference:\"1.8.2-5wheezy13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"wireshark-doc\", reference:\"1.8.2-5wheezy13\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:12:17", "description": "Ver. 1.10.11, Security fix for CVE-2014-8711, CVE-2014-8712,\nCVE-2014-8713, CVE-2014-8714, CVE-2014-8710\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "published": "2014-12-04T00:00:00", "title": "Fedora 20 : wireshark-1.10.11-1.fc20 (2014-15244)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2014-8713", "CVE-2014-8711"], "modified": "2014-12-04T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:wireshark", "cpe:/o:fedoraproject:fedora:20"], "id": "FEDORA_2014-15244.NASL", "href": "https://www.tenable.com/plugins/nessus/79699", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-15244.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79699);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-8710\", \"CVE-2014-8711\", \"CVE-2014-8712\", \"CVE-2014-8713\", \"CVE-2014-8714\");\n script_bugtraq_id(71069, 71070, 71071, 71072, 71073);\n script_xref(name:\"FEDORA\", value:\"2014-15244\");\n\n script_name(english:\"Fedora 20 : wireshark-1.10.11-1.fc20 (2014-15244)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ver. 1.10.11, Security fix for CVE-2014-8711, CVE-2014-8712,\nCVE-2014-8713, CVE-2014-8714, CVE-2014-8710\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1163581\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1163582\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1163583\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1163584\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-December/145174.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dcd18641\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"wireshark-1.10.11-1.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:12:17", "description": "Ver. 1.12.2, Security fix for CVE-2014-8711, CVE-2014-8712,\nCVE-2014-8713, CVE-2014-8714, CVE-2014-8710\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "published": "2014-12-07T00:00:00", "title": "Fedora 21 : wireshark-1.12.2-1.fc21 (2014-15320)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2014-8713", "CVE-2014-8711"], "modified": "2014-12-07T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:wireshark", "cpe:/o:fedoraproject:fedora:21"], "id": "FEDORA_2014-15320.NASL", "href": "https://www.tenable.com/plugins/nessus/79769", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-15320.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79769);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-8710\", \"CVE-2014-8711\", \"CVE-2014-8712\", \"CVE-2014-8713\", \"CVE-2014-8714\");\n script_bugtraq_id(71069, 71070, 71071, 71072, 71073);\n script_xref(name:\"FEDORA\", value:\"2014-15320\");\n\n script_name(english:\"Fedora 21 : wireshark-1.12.2-1.fc21 (2014-15320)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ver. 1.12.2, Security fix for CVE-2014-8711, CVE-2014-8712,\nCVE-2014-8713, CVE-2014-8714, CVE-2014-8710\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-December/145658.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7dc0c254\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"wireshark-1.12.2-1.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T11:54:47", "description": "Updated wireshark packages fix security vulnerabilities :\n\nSigComp UDVM buffer overflow (CVE-2014-8710).\n\nAMQP crash (CVE-2014-8711).\n\nNCP crashes (CVE-2014-8712, CVE-2014-8713).\n\nTN5250 infinite loops (CVE-2014-8714).", "edition": 23, "published": "2014-11-24T00:00:00", "title": "Mandriva Linux Security Advisory : wireshark (MDVSA-2014:223)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2014-8713", "CVE-2014-8711"], "modified": "2014-11-24T00:00:00", "cpe": ["cpe:/o:mandriva:business_server:1", "p-cpe:/a:mandriva:linux:dumpcap", "p-cpe:/a:mandriva:linux:lib64wireshark3", "p-cpe:/a:mandriva:linux:lib64wiretap3", "p-cpe:/a:mandriva:linux:rawshark", "p-cpe:/a:mandriva:linux:lib64wsutil3", "p-cpe:/a:mandriva:linux:tshark", "p-cpe:/a:mandriva:linux:lib64wireshark-devel", "p-cpe:/a:mandriva:linux:wireshark-tools", "p-cpe:/a:mandriva:linux:wireshark"], "id": "MANDRIVA_MDVSA-2014-223.NASL", "href": "https://www.tenable.com/plugins/nessus/79410", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2014:223. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79410);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-8710\", \"CVE-2014-8711\", \"CVE-2014-8712\", \"CVE-2014-8713\", \"CVE-2014-8714\");\n script_bugtraq_id(71069, 71070, 71071, 71072, 71073);\n script_xref(name:\"MDVSA\", value:\"2014:223\");\n\n script_name(english:\"Mandriva Linux Security Advisory : wireshark (MDVSA-2014:223)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated wireshark packages fix security vulnerabilities :\n\nSigComp UDVM buffer overflow (CVE-2014-8710).\n\nAMQP crash (CVE-2014-8711).\n\nNCP crashes (CVE-2014-8712, CVE-2014-8713).\n\nTN5250 infinite loops (CVE-2014-8714).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0471.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dumpcap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64wireshark3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64wiretap3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64wsutil3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rawshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:wireshark-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"dumpcap-1.10.11-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64wireshark-devel-1.10.11-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64wireshark3-1.10.11-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64wiretap3-1.10.11-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64wsutil3-1.10.11-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"rawshark-1.10.11-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tshark-1.10.11-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"wireshark-1.10.11-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"wireshark-tools-1.10.11-1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-20T14:41:59", "description": "wireshark has been updated to version 1.10.11 to fix five security\nissues.\n\nThese security issues have been fixed :\n\n - SigComp UDVM buffer overflow. (CVE-2014-8710)\n\n - AMQP dissector crash. (CVE-2014-8711)\n\n - NCP dissector crashes. (CVE-2014-8712 / CVE-2014-8713)\n\n - TN5250 infinite loops (CVE-2014-8714). This non-security\n issue has been fixed :\n\n - enable zlib (bnc#899303). Further bug fixes and updated\n protocol support as listed in :\n\nhttps://www.wireshark.org/docs/relnotes/wireshark-1.10.11.html", "edition": 17, "published": "2014-11-28T00:00:00", "title": "SuSE 11.3 Security Update : wireshark (SAT Patch Number 9968)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2014-8713", "CVE-2014-8711"], "modified": "2014-11-28T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:wireshark"], "id": "SUSE_11_WIRESHARK-141114.NASL", "href": "https://www.tenable.com/plugins/nessus/79620", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79620);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-8710\", \"CVE-2014-8711\", \"CVE-2014-8712\", \"CVE-2014-8713\", \"CVE-2014-8714\");\n\n script_name(english:\"SuSE 11.3 Security Update : wireshark (SAT Patch Number 9968)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"wireshark has been updated to version 1.10.11 to fix five security\nissues.\n\nThese security issues have been fixed :\n\n - SigComp UDVM buffer overflow. (CVE-2014-8710)\n\n - AMQP dissector crash. (CVE-2014-8711)\n\n - NCP dissector crashes. (CVE-2014-8712 / CVE-2014-8713)\n\n - TN5250 infinite loops (CVE-2014-8714). This non-security\n issue has been fixed :\n\n - enable zlib (bnc#899303). Further bug fixes and updated\n protocol support as listed in :\n\nhttps://www.wireshark.org/docs/relnotes/wireshark-1.10.11.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=899303\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=905245\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=905246\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=905247\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=905248\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-8710.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-8711.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-8712.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-8713.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-8714.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 9968.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, \"SuSE 11.3\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"wireshark-1.10.11-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"wireshark-1.10.11-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"wireshark-1.10.11-0.2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-20T12:28:03", "description": "wireshark was updated to fix five security issues. 	 These security\nissues were fixed :\n\n - SigComp UDVM buffer overflow (CVE-2014-8710).\n\n - AMQP crash (CVE-2014-8711).\n\n - NCP crashes (CVE-2014-8712, CVE-2014-8713).\n\n - TN5250 infinite loops (CVE-2014-8714).\n\nFor openSUSE 12.3 and 13.1 further bug fixes and updated protocol\nsupport are described in:\nhttps://www.wireshark.org/docs/relnotes/wireshark-1.10.11.html\n\nFor openSUSE 13.2 further bug fixes and updated protocol support are\ndescribed in:\nhttps://www.wireshark.org/docs/relnotes/wireshark-1.12.2.html", "edition": 18, "published": "2014-11-27T00:00:00", "title": "openSUSE Security Update : wireshark (openSUSE-SU-2014:1503-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2014-8713", "CVE-2014-8711"], "modified": "2014-11-27T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:wireshark-ui-qt-debuginfo", "p-cpe:/a:novell:opensuse:wireshark", "cpe:/o:novell:opensuse:12.3", "p-cpe:/a:novell:opensuse:wireshark-devel", "p-cpe:/a:novell:opensuse:wireshark-ui-qt", "p-cpe:/a:novell:opensuse:wireshark-debugsource", "p-cpe:/a:novell:opensuse:wireshark-ui-gtk", "cpe:/o:novell:opensuse:13.2", "p-cpe:/a:novell:opensuse:wireshark-ui-gtk-debuginfo", "p-cpe:/a:novell:opensuse:wireshark-debuginfo", "cpe:/o:novell:opensuse:13.1"], "id": "OPENSUSE-2014-717.NASL", "href": "https://www.tenable.com/plugins/nessus/79592", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2014-717.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79592);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-8710\", \"CVE-2014-8711\", \"CVE-2014-8712\", \"CVE-2014-8713\", \"CVE-2014-8714\");\n\n script_name(english:\"openSUSE Security Update : wireshark (openSUSE-SU-2014:1503-1)\");\n script_summary(english:\"Check for the openSUSE-2014-717 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"wireshark was updated to fix five security issues. 	 These security\nissues were fixed :\n\n - SigComp UDVM buffer overflow (CVE-2014-8710).\n\n - AMQP crash (CVE-2014-8711).\n\n - NCP crashes (CVE-2014-8712, CVE-2014-8713).\n\n - TN5250 infinite loops (CVE-2014-8714).\n\nFor openSUSE 12.3 and 13.1 further bug fixes and updated protocol\nsupport are described in:\nhttps://www.wireshark.org/docs/relnotes/wireshark-1.10.11.html\n\nFor openSUSE 13.2 further bug fixes and updated protocol support are\ndescribed in:\nhttps://www.wireshark.org/docs/relnotes/wireshark-1.12.2.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=905245\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=905246\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=905247\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=905248\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2014-11/msg00104.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.10.11.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.12.2.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-gtk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3|SUSE13\\.1|SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3 / 13.1 / 13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"wireshark-1.10.11-1.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"wireshark-debuginfo-1.10.11-1.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"wireshark-debugsource-1.10.11-1.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"wireshark-devel-1.10.11-1.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"wireshark-1.10.11-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"wireshark-debuginfo-1.10.11-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"wireshark-debugsource-1.10.11-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"wireshark-devel-1.10.11-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"wireshark-1.12.2-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"wireshark-debuginfo-1.12.2-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"wireshark-debugsource-1.12.2-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"wireshark-devel-1.12.2-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"wireshark-ui-gtk-1.12.2-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"wireshark-ui-gtk-debuginfo-1.12.2-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"wireshark-ui-qt-1.12.2-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"wireshark-ui-qt-debuginfo-1.12.2-4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-debuginfo / wireshark-debugsource / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T07:00:51", "description": "The remote Windows host has a version of Wireshark installed that is\n1.12.x prior to 1.12.2. It is, therefore, affected by multiple denial\nof service vulnerabilities in following dissectors :\n\n - AMQP (CVE-2014-8711)\n - NCP (CVE-2014-8712, CVE-2014-8713)\n - SigComp (CVE-2014-8710)\n - TN5250 (CVE-2014-8714)\n\nA remote attacker, using a specially crafted packet, can cause the\napplication to crash.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.", "edition": 25, "published": "2014-11-14T00:00:00", "title": "Wireshark 1.12.x < 1.12.2 Multiple DoS Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2014-8713", "CVE-2014-8711"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "WIRESHARK_1_12_2.NASL", "href": "https://www.tenable.com/plugins/nessus/79252", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79252);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/11/25\");\n\n script_cve_id(\n \"CVE-2014-8710\",\n \"CVE-2014-8711\",\n \"CVE-2014-8712\",\n \"CVE-2014-8713\",\n \"CVE-2014-8714\"\n );\n script_bugtraq_id(\n 71069,\n 71070,\n 71071,\n 71072,\n 71073\n );\n\n script_name(english:\"Wireshark 1.12.x < 1.12.2 Multiple DoS Vulnerabilities\");\n script_summary(english:\"Checks the version of Wireshark.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains an application that is affected by\nmultiple denial of service vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host has a version of Wireshark installed that is\n1.12.x prior to 1.12.2. It is, therefore, affected by multiple denial\nof service vulnerabilities in following dissectors :\n\n - AMQP (CVE-2014-8711)\n - NCP (CVE-2014-8712, CVE-2014-8713)\n - SigComp (CVE-2014-8710)\n - TN5250 (CVE-2014-8714)\n\nA remote attacker, using a specially crafted packet, can cause the\napplication to crash.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2014-20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2014-21.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2014-22.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2014-23.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.12.2.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 1.12.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-8714\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/11/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"installed_sw/Wireshark\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\napp_name = \"Wireshark\";\ninstall = get_single_install(app_name:app_name, exit_if_unknown_ver:TRUE);\nversion = install['version'];\npath = install['path'];\n\n# Affected : 1.12.x < 1.12.2\nif (version =~ \"^1\\.12\\.[01]($|[^0-9])\")\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 1.12.2' +\n '\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n exit(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, app_name, version, path);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T13:48:54", "description": "Several denial of service flaws were found in Wireshark. Wireshark\ncould crash or stop responding if it read a malformed packet off a\nnetwork, or opened a malicious dump file. (CVE-2014-8714,\nCVE-2014-8712, CVE-2014-8713, CVE-2014-8711, CVE-2014-8710,\nCVE-2015-0562, CVE-2015-0564, CVE-2015-2189, CVE-2015-2191)\n\nThis update also fixes the following bugs :\n\n - Previously, the Wireshark tool did not support Advanced\n Encryption Standard Galois/Counter Mode (AES-GCM)\n cryptographic algorithm. As a consequence, AES-GCM was\n not decrypted. Support for AES-GCM has been added to\n Wireshark, and AES-GCM is now correctly decrypted.\n\n - Previously, when installing the system using the\n kickstart method, a dependency on the shadow-utils\n packages was missing from the wireshark packages, which\n could cause the installation to fail with a 'bad\n scriptlet' error message. With this update, shadow-utils\n are listed as required in the wireshark packages spec\n file, and kickstart installation no longer fails.\n\n - Prior to this update, the Wireshark tool could not\n decode types of elliptic curves in Datagram Transport\n Layer Security (DTLS) Client Hello. Consequently,\n Wireshark incorrectly displayed elliptic curves types as\n data. A patch has been applied to address this bug, and\n Wireshark now decodes elliptic curves types properly.\n\n - Previously, a dependency on the gtk2 packages was\n missing from the wireshark packages. As a consequence,\n the Wireshark tool failed to start under certain\n circumstances due to an unresolved symbol,\n 'gtk_combo_box_text_new_with_entry', which was added in\n gtk version 2.24. With this update, a dependency on gtk2\n has been added, and Wireshark now always starts as\n expected.\n\nIn addition, this update adds the following enhancements :\n\n - With this update, the Wireshark tool supports process\n substitution, which feeds the output of a process (or\n processes) into the standard input of another process\n using the '<(command_list)' syntax. When using process\n substitution with large files as input, Wireshark failed\n to decode such input.\n\n - Wireshark has been enhanced to enable capturing packets\n with nanosecond time stamp precision, which allows\n better analysis of recorded network traffic.\n\nAll running instances of Wireshark must be restarted for the update to\ntake effect.", "edition": 15, "published": "2015-08-04T00:00:00", "title": "Scientific Linux Security Update : wireshark on SL6.x i386/x86_64 (20150722)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2015-2189", "CVE-2015-0562", "CVE-2014-8713", "CVE-2015-0564", "CVE-2014-8711", "CVE-2015-2191"], "modified": "2015-08-04T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:wireshark-gnome", "p-cpe:/a:fermilab:scientific_linux:wireshark", "p-cpe:/a:fermilab:scientific_linux:wireshark-debuginfo", "x-cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:wireshark-devel"], "id": "SL_20150722_WIRESHARK_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/85208", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85208);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-8710\", \"CVE-2014-8711\", \"CVE-2014-8712\", \"CVE-2014-8713\", \"CVE-2014-8714\", \"CVE-2015-0562\", \"CVE-2015-0564\", \"CVE-2015-2189\", \"CVE-2015-2191\");\n\n script_name(english:\"Scientific Linux Security Update : wireshark on SL6.x i386/x86_64 (20150722)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several denial of service flaws were found in Wireshark. Wireshark\ncould crash or stop responding if it read a malformed packet off a\nnetwork, or opened a malicious dump file. (CVE-2014-8714,\nCVE-2014-8712, CVE-2014-8713, CVE-2014-8711, CVE-2014-8710,\nCVE-2015-0562, CVE-2015-0564, CVE-2015-2189, CVE-2015-2191)\n\nThis update also fixes the following bugs :\n\n - Previously, the Wireshark tool did not support Advanced\n Encryption Standard Galois/Counter Mode (AES-GCM)\n cryptographic algorithm. As a consequence, AES-GCM was\n not decrypted. Support for AES-GCM has been added to\n Wireshark, and AES-GCM is now correctly decrypted.\n\n - Previously, when installing the system using the\n kickstart method, a dependency on the shadow-utils\n packages was missing from the wireshark packages, which\n could cause the installation to fail with a 'bad\n scriptlet' error message. With this update, shadow-utils\n are listed as required in the wireshark packages spec\n file, and kickstart installation no longer fails.\n\n - Prior to this update, the Wireshark tool could not\n decode types of elliptic curves in Datagram Transport\n Layer Security (DTLS) Client Hello. Consequently,\n Wireshark incorrectly displayed elliptic curves types as\n data. A patch has been applied to address this bug, and\n Wireshark now decodes elliptic curves types properly.\n\n - Previously, a dependency on the gtk2 packages was\n missing from the wireshark packages. As a consequence,\n the Wireshark tool failed to start under certain\n circumstances due to an unresolved symbol,\n 'gtk_combo_box_text_new_with_entry', which was added in\n gtk version 2.24. With this update, a dependency on gtk2\n has been added, and Wireshark now always starts as\n expected.\n\nIn addition, this update adds the following enhancements :\n\n - With this update, the Wireshark tool supports process\n substitution, which feeds the output of a process (or\n processes) into the standard input of another process\n using the '<(command_list)' syntax. When using process\n substitution with large files as input, Wireshark failed\n to decode such input.\n\n - Wireshark has been enhanced to enable capturing packets\n with nanosecond time stamp precision, which allows\n better analysis of recorded network traffic.\n\nAll running instances of Wireshark must be restarted for the update to\ntake effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1508&L=scientific-linux-errata&F=&S=&P=4657\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?36c0f664\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:wireshark-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/11/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"wireshark-1.8.10-17.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"wireshark-debuginfo-1.8.10-17.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"wireshark-devel-1.8.10-17.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"wireshark-gnome-1.8.10-17.el6\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-debuginfo / wireshark-devel / wireshark-gnome\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T12:50:06", "description": "From Red Hat Security Advisory 2015:1460 :\n\nUpdated wireshark packages that fix multiple security issues, several\nbugs, and add various enhancements are now available for Red Hat\nEnterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nWireshark, previously known as Ethereal, is a network protocol\nanalyzer, which is used to capture and browse the traffic running on a\ncomputer network.\n\nSeveral denial of service flaws were found in Wireshark. Wireshark\ncould crash or stop responding if it read a malformed packet off a\nnetwork, or opened a malicious dump file. (CVE-2014-8714,\nCVE-2014-8712, CVE-2014-8713, CVE-2014-8711, CVE-2014-8710,\nCVE-2015-0562, CVE-2015-0564, CVE-2015-2189, CVE-2015-2191)\n\nThis update also fixes the following bugs :\n\n* Previously, the Wireshark tool did not support Advanced Encryption\nStandard Galois/Counter Mode (AES-GCM) cryptographic algorithm. As a\nconsequence, AES-GCM was not decrypted. Support for AES-GCM has been\nadded to Wireshark, and AES-GCM is now correctly decrypted.\n(BZ#1095065)\n\n* Previously, when installing the system using the kickstart method, a\ndependency on the shadow-utils packages was missing from the wireshark\npackages, which could cause the installation to fail with a 'bad\nscriptlet' error message. With this update, shadow-utils are listed as\nrequired in the wireshark packages spec file, and kickstart\ninstallation no longer fails. (BZ#1121275)\n\n* Prior to this update, the Wireshark tool could not decode types of\nelliptic curves in Datagram Transport Layer Security (DTLS) Client\nHello. Consequently, Wireshark incorrectly displayed elliptic curves\ntypes as data. A patch has been applied to address this bug, and\nWireshark now decodes elliptic curves types properly. (BZ#1131203)\n\n* Previously, a dependency on the gtk2 packages was missing from the\nwireshark packages. As a consequence, the Wireshark tool failed to\nstart under certain circumstances due to an unresolved symbol,\n'gtk_combo_box_text_new_with_entry', which was added in gtk version\n2.24. With this update, a dependency on gtk2 has been added, and\nWireshark now always starts as expected. (BZ#1160388)\n\nIn addition, this update adds the following enhancements :\n\n* With this update, the Wireshark tool supports process substitution,\nwhich feeds the output of a process (or processes) into the standard\ninput of another process using the '<(command_list)' syntax. When\nusing process substitution with large files as input, Wireshark failed\nto decode such input. (BZ#1104210)\n\n* Wireshark has been enhanced to enable capturing packets with\nnanosecond time stamp precision, which allows better analysis of\nrecorded network traffic. (BZ#1146578)\n\nAll wireshark users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues and add these\nenhancements. All running instances of Wireshark must be restarted for\nthe update to take effect.", "edition": 25, "published": "2015-07-30T00:00:00", "title": "Oracle Linux 6 : wireshark (ELSA-2015-1460)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2015-2189", "CVE-2015-0562", "CVE-2014-8713", "CVE-2015-0564", "CVE-2014-8711", "CVE-2015-2191"], "modified": "2015-07-30T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:wireshark-gnome", "p-cpe:/a:oracle:linux:wireshark", "p-cpe:/a:oracle:linux:wireshark-devel"], "id": "ORACLELINUX_ELSA-2015-1460.NASL", "href": "https://www.tenable.com/plugins/nessus/85112", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:1460 and \n# Oracle Linux Security Advisory ELSA-2015-1460 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85112);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-8710\", \"CVE-2014-8711\", \"CVE-2014-8712\", \"CVE-2014-8713\", \"CVE-2014-8714\", \"CVE-2015-0562\", \"CVE-2015-0564\", \"CVE-2015-2189\", \"CVE-2015-2191\");\n script_bugtraq_id(71069, 71070, 71071, 71072, 71073, 71921, 71922, 72941, 72944);\n script_xref(name:\"RHSA\", value:\"2015:1460\");\n\n script_name(english:\"Oracle Linux 6 : wireshark (ELSA-2015-1460)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:1460 :\n\nUpdated wireshark packages that fix multiple security issues, several\nbugs, and add various enhancements are now available for Red Hat\nEnterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nWireshark, previously known as Ethereal, is a network protocol\nanalyzer, which is used to capture and browse the traffic running on a\ncomputer network.\n\nSeveral denial of service flaws were found in Wireshark. Wireshark\ncould crash or stop responding if it read a malformed packet off a\nnetwork, or opened a malicious dump file. (CVE-2014-8714,\nCVE-2014-8712, CVE-2014-8713, CVE-2014-8711, CVE-2014-8710,\nCVE-2015-0562, CVE-2015-0564, CVE-2015-2189, CVE-2015-2191)\n\nThis update also fixes the following bugs :\n\n* Previously, the Wireshark tool did not support Advanced Encryption\nStandard Galois/Counter Mode (AES-GCM) cryptographic algorithm. As a\nconsequence, AES-GCM was not decrypted. Support for AES-GCM has been\nadded to Wireshark, and AES-GCM is now correctly decrypted.\n(BZ#1095065)\n\n* Previously, when installing the system using the kickstart method, a\ndependency on the shadow-utils packages was missing from the wireshark\npackages, which could cause the installation to fail with a 'bad\nscriptlet' error message. With this update, shadow-utils are listed as\nrequired in the wireshark packages spec file, and kickstart\ninstallation no longer fails. (BZ#1121275)\n\n* Prior to this update, the Wireshark tool could not decode types of\nelliptic curves in Datagram Transport Layer Security (DTLS) Client\nHello. Consequently, Wireshark incorrectly displayed elliptic curves\ntypes as data. A patch has been applied to address this bug, and\nWireshark now decodes elliptic curves types properly. (BZ#1131203)\n\n* Previously, a dependency on the gtk2 packages was missing from the\nwireshark packages. As a consequence, the Wireshark tool failed to\nstart under certain circumstances due to an unresolved symbol,\n'gtk_combo_box_text_new_with_entry', which was added in gtk version\n2.24. With this update, a dependency on gtk2 has been added, and\nWireshark now always starts as expected. (BZ#1160388)\n\nIn addition, this update adds the following enhancements :\n\n* With this update, the Wireshark tool supports process substitution,\nwhich feeds the output of a process (or processes) into the standard\ninput of another process using the '<(command_list)' syntax. When\nusing process substitution with large files as input, Wireshark failed\nto decode such input. (BZ#1104210)\n\n* Wireshark has been enhanced to enable capturing packets with\nnanosecond time stamp precision, which allows better analysis of\nrecorded network traffic. (BZ#1146578)\n\nAll wireshark users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues and add these\nenhancements. All running instances of Wireshark must be restarted for\nthe update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-July/005243.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:wireshark-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/11/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"wireshark-1.8.10-17.0.2.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"wireshark-devel-1.8.10-17.0.2.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"wireshark-gnome-1.8.10-17.0.2.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-devel / wireshark-gnome\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "cve": [{"lastseen": "2020-10-03T12:01:22", "description": "The build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", "edition": 3, "cvss3": {}, "published": "2014-11-23T02:59:00", "title": "CVE-2014-8712", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8712"], "modified": "2018-01-05T02:29:00", "cpe": ["cpe:/a:wireshark:wireshark:1.10.3", "cpe:/a:wireshark:wireshark:1.10.8", "cpe:/a:wireshark:wireshark:1.10.9", "cpe:/a:wireshark:wireshark:1.10.2", "cpe:/a:wireshark:wireshark:1.10.4", "cpe:/a:wireshark:wireshark:1.10.10", "cpe:/a:wireshark:wireshark:1.10.6", "cpe:/a:wireshark:wireshark:1.10.5", "cpe:/a:wireshark:wireshark:1.12.1", "cpe:/a:wireshark:wireshark:1.10.7", "cpe:/a:wireshark:wireshark:1.12.0", "cpe:/a:wireshark:wireshark:1.10.1", "cpe:/a:wireshark:wireshark:1.10.0"], "id": "CVE-2014-8712", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8712", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:1.10.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.9:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.12.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.10:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T12:01:22", "description": "Stack-based buffer overflow in the build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet.", "edition": 3, "cvss3": {}, "published": "2014-11-23T02:59:00", "title": "CVE-2014-8713", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8713"], "modified": "2018-01-05T02:29:00", "cpe": ["cpe:/a:wireshark:wireshark:1.10.3", "cpe:/a:wireshark:wireshark:1.10.8", "cpe:/a:wireshark:wireshark:1.10.9", "cpe:/a:wireshark:wireshark:1.10.2", "cpe:/a:wireshark:wireshark:1.10.4", "cpe:/a:wireshark:wireshark:1.10.10", "cpe:/a:wireshark:wireshark:1.10.6", "cpe:/a:wireshark:wireshark:1.10.5", "cpe:/a:wireshark:wireshark:1.12.1", "cpe:/a:wireshark:wireshark:1.10.7", "cpe:/a:wireshark:wireshark:1.12.0", "cpe:/a:wireshark:wireshark:1.10.1", "cpe:/a:wireshark:wireshark:1.10.0"], "id": "CVE-2014-8713", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8713", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:1.10.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.9:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.12.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.10:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T12:01:22", "description": "Multiple integer overflows in epan/dissectors/packet-amqp.c in the AMQP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allow remote attackers to cause a denial of service (application crash) via a crafted amqp_0_10 PDU in a packet.", "edition": 3, "cvss3": {}, "published": "2014-11-23T02:59:00", "title": "CVE-2014-8711", "type": "cve", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8711"], "modified": "2018-01-05T02:29:00", "cpe": ["cpe:/a:wireshark:wireshark:1.10.3", "cpe:/a:wireshark:wireshark:1.10.8", "cpe:/a:wireshark:wireshark:1.10.9", "cpe:/a:wireshark:wireshark:1.10.2", "cpe:/a:wireshark:wireshark:1.10.4", "cpe:/a:wireshark:wireshark:1.10.10", "cpe:/a:wireshark:wireshark:1.10.6", "cpe:/a:wireshark:wireshark:1.10.5", "cpe:/a:wireshark:wireshark:1.12.1", "cpe:/a:wireshark:wireshark:1.10.7", "cpe:/a:wireshark:wireshark:1.12.0", "cpe:/a:wireshark:wireshark:1.10.1", "cpe:/a:wireshark:wireshark:1.10.0"], "id": "CVE-2014-8711", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8711", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:1.10.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.9:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.12.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.10:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T12:01:22", "description": "The dissect_write_structured_field function in epan/dissectors/packet-tn5250.c in the TN5250 dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.", "edition": 3, "cvss3": {}, "published": "2014-11-23T02:59:00", "title": "CVE-2014-8714", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8714"], "modified": "2018-01-05T02:29:00", "cpe": ["cpe:/a:wireshark:wireshark:1.10.3", "cpe:/a:wireshark:wireshark:1.10.8", "cpe:/a:wireshark:wireshark:1.10.9", "cpe:/a:wireshark:wireshark:1.10.2", "cpe:/a:wireshark:wireshark:1.10.4", "cpe:/a:wireshark:wireshark:1.10.10", "cpe:/a:wireshark:wireshark:1.10.6", "cpe:/a:wireshark:wireshark:1.10.5", "cpe:/a:wireshark:wireshark:1.12.1", "cpe:/a:wireshark:wireshark:1.10.7", "cpe:/a:wireshark:wireshark:1.12.0", "cpe:/a:wireshark:wireshark:1.10.1", "cpe:/a:wireshark:wireshark:1.10.0"], "id": "CVE-2014-8714", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8714", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:1.10.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.9:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.12.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.10:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T12:01:22", "description": "The decompress_sigcomp_message function in epan/sigcomp-udvm.c in the SigComp UDVM dissector in Wireshark 1.10.x before 1.10.11 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet.", "edition": 3, "cvss3": {}, "published": "2014-11-23T02:59:00", "title": "CVE-2014-8710", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8710"], "modified": "2018-01-05T02:29:00", "cpe": ["cpe:/a:wireshark:wireshark:1.10.3", "cpe:/a:wireshark:wireshark:1.10.8", "cpe:/a:wireshark:wireshark:1.10.9", "cpe:/a:wireshark:wireshark:1.10.2", "cpe:/a:wireshark:wireshark:1.10.4", "cpe:/a:wireshark:wireshark:1.10.10", "cpe:/a:wireshark:wireshark:1.10.6", "cpe:/a:wireshark:wireshark:1.10.5", "cpe:/a:wireshark:wireshark:1.12.1", "cpe:/a:wireshark:wireshark:1.10.7", "cpe:/a:wireshark:wireshark:1.12.0", "cpe:/a:wireshark:wireshark:1.10.1", "cpe:/a:wireshark:wireshark:1.10.0"], "id": "CVE-2014-8710", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8710", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:1.10.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.9:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.12.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.10.10:*:*:*:*:*:*:*"]}], "redhat": [{"lastseen": "2019-08-13T18:46:19", "bulletinFamily": "unix", "cvelist": ["CVE-2014-8710", "CVE-2014-8711", "CVE-2014-8712", "CVE-2014-8713", "CVE-2014-8714", "CVE-2015-0562", "CVE-2015-0564", "CVE-2015-2189", "CVE-2015-2191"], "description": "Wireshark, previously known as Ethereal, is a network protocol analyzer,\nwhich is used to capture and browse the traffic running on a computer\nnetwork.\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could\ncrash or stop responding if it read a malformed packet off a network, or\nopened a malicious dump file. (CVE-2014-8714, CVE-2014-8712, CVE-2014-8713,\nCVE-2014-8711, CVE-2014-8710, CVE-2015-0562, CVE-2015-0564, CVE-2015-2189,\nCVE-2015-2191)\n\nThis update also fixes the following bugs:\n\n* Previously, the Wireshark tool did not support Advanced Encryption\nStandard Galois/Counter Mode (AES-GCM) cryptographic algorithm. As a\nconsequence, AES-GCM was not decrypted. Support for AES-GCM has been added\nto Wireshark, and AES-GCM is now correctly decrypted. (BZ#1095065)\n\n* Previously, when installing the system using the kickstart method, a\ndependency on the shadow-utils packages was missing from the wireshark\npackages, which could cause the installation to fail with a \"bad scriptlet\"\nerror message. With this update, shadow-utils are listed as required in the\nwireshark packages spec file, and kickstart installation no longer fails.\n(BZ#1121275)\n\n* Prior to this update, the Wireshark tool could not decode types of\nelliptic curves in Datagram Transport Layer Security (DTLS) Client Hello.\nConsequently, Wireshark incorrectly displayed elliptic curves types as\ndata. A patch has been applied to address this bug, and Wireshark now\ndecodes elliptic curves types properly. (BZ#1131203)\n\n* Previously, a dependency on the gtk2 packages was missing from the\nwireshark packages. As a consequence, the Wireshark tool failed to start\nunder certain circumstances due to an unresolved symbol,\n\"gtk_combo_box_text_new_with_entry\", which was added in gtk version 2.24.\nWith this update, a dependency on gtk2 has been added, and Wireshark now\nalways starts as expected. (BZ#1160388)\n\nIn addition, this update adds the following enhancements:\n\n* With this update, the Wireshark tool supports process substitution, which\nfeeds the output of a process (or processes) into the standard input of\nanother process using the \"<(command_list)\" syntax. When using process\nsubstitution with large files as input, Wireshark failed to decode such\ninput. (BZ#1104210)\n\n* Wireshark has been enhanced to enable capturing packets with nanosecond\ntime stamp precision, which allows better analysis of recorded network\ntraffic. (BZ#1146578)\n\nAll wireshark users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add these\nenhancements. All running instances of Wireshark must be restarted for the\nupdate to take effect.\n", "modified": "2018-06-06T20:24:32", "published": "2015-07-22T04:00:00", "id": "RHSA-2015:1460", "href": "https://access.redhat.com/errata/RHSA-2015:1460", "type": "redhat", "title": "(RHSA-2015:1460) Moderate: wireshark security, bug fix, and enhancement update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-08-13T18:46:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-8710", "CVE-2014-8711", "CVE-2014-8712", "CVE-2014-8713", "CVE-2014-8714", "CVE-2015-0562", "CVE-2015-0563", "CVE-2015-0564", "CVE-2015-2188", "CVE-2015-2189", "CVE-2015-2191", "CVE-2015-3182", "CVE-2015-3810", "CVE-2015-3811", "CVE-2015-3812", "CVE-2015-3813", "CVE-2015-6243", "CVE-2015-6244", "CVE-2015-6245", "CVE-2015-6246", "CVE-2015-6248"], "description": "The wireshark packages contain a network protocol analyzer used to capture\nand browse the traffic running on a computer network.\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could\ncrash or stop responding if it read a malformed packet off a network, or\nopened a malicious dump file. (CVE-2015-2188, CVE-2015-2189, CVE-2015-2191,\nCVE-2015-3810, CVE-2015-3811, CVE-2015-3812, CVE-2015-3813, CVE-2014-8710,\nCVE-2014-8711, CVE-2014-8712, CVE-2014-8713, CVE-2014-8714, CVE-2015-0562,\nCVE-2015-0563, CVE-2015-0564, CVE-2015-3182, CVE-2015-6243, CVE-2015-6244,\nCVE-2015-6245, CVE-2015-6246, CVE-2015-6248)\n\nThe CVE-2015-3182 issue was discovered by Martin \u017dember of Red Hat.\n\nThe wireshark packages have been upgraded to upstream version 1.10.14,\nwhich provides a number of bug fixes and enhancements over the previous\nversion. (BZ#1238676)\n\nThis update also fixes the following bug:\n\n* Prior to this update, when using the tshark utility to capture packets\nover the interface, tshark failed to create output files in the .pcap\nformat even if it was specified using the \"-F\" option. This bug has been\nfixed, the \"-F\" option is now honored, and the result saved in the .pcap\nformat as expected. (BZ#1227199)\n\nIn addition, this update adds the following enhancement:\n\n* Previously, wireshark included only microseconds in the .pcapng format.\nWith this update, wireshark supports nanosecond time stamp precision to\nallow for more accurate time stamps. (BZ#1213339)\n\nAll wireshark users are advised to upgrade to these updated packages, which\ncorrect these issues and add these enhancements. All running instances of\nWireshark must be restarted for the update to take effect.", "modified": "2018-04-12T03:32:44", "published": "2015-11-19T18:43:56", "id": "RHSA-2015:2393", "href": "https://access.redhat.com/errata/RHSA-2015:2393", "type": "redhat", "title": "(RHSA-2015:2393) Moderate: wireshark security, bug fix, and enhancement update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "centos": [{"lastseen": "2019-12-20T18:28:40", "bulletinFamily": "unix", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2015-2189", "CVE-2015-0562", "CVE-2014-8713", "CVE-2015-0564", "CVE-2014-8711", "CVE-2015-2191"], "description": "**CentOS Errata and Security Advisory** CESA-2015:1460\n\n\nWireshark, previously known as Ethereal, is a network protocol analyzer,\nwhich is used to capture and browse the traffic running on a computer\nnetwork.\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could\ncrash or stop responding if it read a malformed packet off a network, or\nopened a malicious dump file. (CVE-2014-8714, CVE-2014-8712, CVE-2014-8713,\nCVE-2014-8711, CVE-2014-8710, CVE-2015-0562, CVE-2015-0564, CVE-2015-2189,\nCVE-2015-2191)\n\nThis update also fixes the following bugs:\n\n* Previously, the Wireshark tool did not support Advanced Encryption\nStandard Galois/Counter Mode (AES-GCM) cryptographic algorithm. As a\nconsequence, AES-GCM was not decrypted. Support for AES-GCM has been added\nto Wireshark, and AES-GCM is now correctly decrypted. (BZ#1095065)\n\n* Previously, when installing the system using the kickstart method, a\ndependency on the shadow-utils packages was missing from the wireshark\npackages, which could cause the installation to fail with a \"bad scriptlet\"\nerror message. With this update, shadow-utils are listed as required in the\nwireshark packages spec file, and kickstart installation no longer fails.\n(BZ#1121275)\n\n* Prior to this update, the Wireshark tool could not decode types of\nelliptic curves in Datagram Transport Layer Security (DTLS) Client Hello.\nConsequently, Wireshark incorrectly displayed elliptic curves types as\ndata. A patch has been applied to address this bug, and Wireshark now\ndecodes elliptic curves types properly. (BZ#1131203)\n\n* Previously, a dependency on the gtk2 packages was missing from the\nwireshark packages. As a consequence, the Wireshark tool failed to start\nunder certain circumstances due to an unresolved symbol,\n\"gtk_combo_box_text_new_with_entry\", which was added in gtk version 2.24.\nWith this update, a dependency on gtk2 has been added, and Wireshark now\nalways starts as expected. (BZ#1160388)\n\nIn addition, this update adds the following enhancements:\n\n* With this update, the Wireshark tool supports process substitution, which\nfeeds the output of a process (or processes) into the standard input of\nanother process using the \"<(command_list)\" syntax. When using process\nsubstitution with large files as input, Wireshark failed to decode such\ninput. (BZ#1104210)\n\n* Wireshark has been enhanced to enable capturing packets with nanosecond\ntime stamp precision, which allows better analysis of recorded network\ntraffic. (BZ#1146578)\n\nAll wireshark users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add these\nenhancements. All running instances of Wireshark must be restarted for the\nupdate to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2015-July/008224.html\n\n**Affected packages:**\nwireshark\nwireshark-devel\nwireshark-gnome\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-1460.html", "edition": 3, "modified": "2015-07-26T14:12:34", "published": "2015-07-26T14:12:34", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2015-July/008224.html", "id": "CESA-2015:1460", "title": "wireshark security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-12-20T18:24:42", "bulletinFamily": "unix", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2015-3813", "CVE-2015-0563", "CVE-2015-2189", "CVE-2015-6243", "CVE-2015-6246", "CVE-2015-6245", "CVE-2015-0562", "CVE-2014-8713", "CVE-2015-3182", "CVE-2015-0564", "CVE-2015-2188", "CVE-2014-8711", "CVE-2015-3810", "CVE-2015-3812", "CVE-2015-6244", "CVE-2015-6248", "CVE-2015-2191", "CVE-2015-3811"], "description": "**CentOS Errata and Security Advisory** CESA-2015:2393\n\n\nThe wireshark packages contain a network protocol analyzer used to capture\nand browse the traffic running on a computer network.\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could\ncrash or stop responding if it read a malformed packet off a network, or\nopened a malicious dump file. (CVE-2015-2188, CVE-2015-2189, CVE-2015-2191,\nCVE-2015-3810, CVE-2015-3811, CVE-2015-3812, CVE-2015-3813, CVE-2014-8710,\nCVE-2014-8711, CVE-2014-8712, CVE-2014-8713, CVE-2014-8714, CVE-2015-0562,\nCVE-2015-0563, CVE-2015-0564, CVE-2015-3182, CVE-2015-6243, CVE-2015-6244,\nCVE-2015-6245, CVE-2015-6246, CVE-2015-6248)\n\nThe CVE-2015-3182 issue was discovered by Martin \u017dember of Red Hat.\n\nThe wireshark packages have been upgraded to upstream version 1.10.14,\nwhich provides a number of bug fixes and enhancements over the previous\nversion. (BZ#1238676)\n\nThis update also fixes the following bug:\n\n* Prior to this update, when using the tshark utility to capture packets\nover the interface, tshark failed to create output files in the .pcap\nformat even if it was specified using the \"-F\" option. This bug has been\nfixed, the \"-F\" option is now honored, and the result saved in the .pcap\nformat as expected. (BZ#1227199)\n\nIn addition, this update adds the following enhancement:\n\n* Previously, wireshark included only microseconds in the .pcapng format.\nWith this update, wireshark supports nanosecond time stamp precision to\nallow for more accurate time stamps. (BZ#1213339)\n\nAll wireshark users are advised to upgrade to these updated packages, which\ncorrect these issues and add these enhancements. All running instances of\nWireshark must be restarted for the update to take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2015-November/008875.html\n\n**Affected packages:**\nwireshark\nwireshark-devel\nwireshark-gnome\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-2393.html", "edition": 3, "modified": "2015-11-30T19:55:40", "published": "2015-11-30T19:55:40", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2015-November/008875.html", "id": "CESA-2015:2393", "title": "wireshark security update", "type": "centos", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:37:24", "bulletinFamily": "unix", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2015-2189", "CVE-2015-0562", "CVE-2014-8713", "CVE-2015-0564", "CVE-2014-8711", "CVE-2015-2191"], "description": "[1.8.10-17.0.2]\n- Fix ocfs2 dissector (John Haxby) [orabug 21505640]\n[1.8.10-17.0.1.el6]\n- Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect\n[1.8.10-17]\n- security patches\n- Resolves: CVE-2015-2189\n CVE-2015-2191\n[1.8.10-16]\n- security patches\n- Resolves: CVE-2014-8710\n CVE-2014-8711\n CVE-2014-8712\n CVE-2014-8713\n CVE-2014-8714\n CVE-2015-0562\n CVE-2015-0564\n[1.8.10-15]\n- fix AES-GCM decoding\n- Related: rhbz#1095065\n[1.8.10-14]\n- fix requires: shadow-utils\n- Resolves: rhbz#1121275\n[1.8.10-13]\n- add elliptic curves decoding in DTLS HELLO\n- Resolves: rhbz#1131203\n[1.8.10-12]\n- add AES-GCM decryption\n- Resolves: rhbz#1095065\n[1.8.10-11]\n- fix reading from pipes\n- Resolves: rhbz#1104210\n[1.8.10-10]\n- introduced nanosecond time precision\n- Resolves: rhbz#1146578\n[1.8.10-9]\n- fix gtk2 required version\n- Resolves: rhbz#1160388", "edition": 4, "modified": "2015-07-28T00:00:00", "published": "2015-07-28T00:00:00", "id": "ELSA-2015-1460", "href": "http://linux.oracle.com/errata/ELSA-2015-1460.html", "title": "wireshark security, bug fix, and enhancement update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:39", "bulletinFamily": "unix", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2015-3813", "CVE-2015-0563", "CVE-2015-2189", "CVE-2015-6243", "CVE-2015-6246", "CVE-2015-6245", "CVE-2015-0562", "CVE-2014-8713", "CVE-2015-3182", "CVE-2015-0564", "CVE-2015-2188", "CVE-2014-8711", "CVE-2015-3810", "CVE-2015-3812", "CVE-2015-6244", "CVE-2015-6248", "CVE-2015-2191", "CVE-2015-3811"], "description": "[1.10.14-7.0.1]\n- Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect\n[1.10.14-7]\n- Rebase some tvbuff API from upstream to 1.10.14\n- Fixes crash when tvb_length_remaining() is used\n- Related: CVE-2015-6244\n[1.10.14-6]\n- Security patch\n- Resolves: CVE-2015-3182\n[1.10.14-5]\n- Fix crash caused by -DGDK_PIXBUF_DEPRECATED on startup\n- Resolves: rhbz#1267959\n[1.10.14-4]\n- Security patches\n- Resolves: CVE-2015-6243\n CVE-2015-6244\n CVE-2015-6245\n CVE-2015-6246\n CVE-2015-6248\n[1.10.14-3]\n- Security patches\n- Resolves: CVE-2015-3810\n CVE-2015-3813\n[1.10.14-2]\n- Add certificate verify message decoding in TLS extension\n- Resolves: #1239150\n[1.10.14-1]\n- Upgrade to 1.10.14\n- Resolves: #1238676\n[1.10.3-20]\n- add master secret extension decoding in TLS extension\n- add encrypt-then-mac extension decoding in TLS extension\n- Resolves: #1222901\n[1.10.3-19]\n- create pcap file if -F pcap specified\n- Resolves: #1227199\n[1.10.3-18]\n- add key exchange algorithms decoding in TLS extension\n- Resolves: #1222600\n[1.10.3-17]\n- add signature algorithms decoding in TLS extension\n- Resolves: #1221701\n[1.10.3-16]\n- add relro check\n- Resolves: #1092532\n[1.10.3-15]\n- add elliptic curves decoding in DTLS HELLO\n- Resolves: #1131202\n[1.10.3-14]\n- introduced nanosecond time precision\n- Resolves: #1213339\n[1.10.3-13]\n- security patches\n- Resolves: #1148267", "edition": 4, "modified": "2015-11-23T00:00:00", "published": "2015-11-23T00:00:00", "id": "ELSA-2015-2393", "href": "http://linux.oracle.com/errata/ELSA-2015-2393.html", "title": "wireshark security, bug fix, and enhancement update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "amazon": [{"lastseen": "2020-11-10T12:37:39", "bulletinFamily": "unix", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2015-2189", "CVE-2015-0562", "CVE-2014-8713", "CVE-2015-0564", "CVE-2014-8711", "CVE-2015-2191"], "description": "**Issue Overview:**\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. ([CVE-2014-8714 __](<https://access.redhat.com/security/cve/CVE-2014-8714>), [CVE-2014-8712 __](<https://access.redhat.com/security/cve/CVE-2014-8712>), [CVE-2014-8713 __](<https://access.redhat.com/security/cve/CVE-2014-8713>), [CVE-2014-8711 __](<https://access.redhat.com/security/cve/CVE-2014-8711>), [CVE-2014-8710 __](<https://access.redhat.com/security/cve/CVE-2014-8710>), [CVE-2015-0562 __](<https://access.redhat.com/security/cve/CVE-2015-0562>), [CVE-2015-0564 __](<https://access.redhat.com/security/cve/CVE-2015-0564>), [CVE-2015-2189 __](<https://access.redhat.com/security/cve/CVE-2015-2189>), [CVE-2015-2191 __](<https://access.redhat.com/security/cve/CVE-2015-2191>))\n\n \n**Affected Packages:** \n\n\nwireshark\n\n \n**Issue Correction:** \nRun _yum update wireshark_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n wireshark-debuginfo-1.8.10-17.19.amzn1.i686 \n wireshark-1.8.10-17.19.amzn1.i686 \n wireshark-devel-1.8.10-17.19.amzn1.i686 \n \n src: \n wireshark-1.8.10-17.19.amzn1.src \n \n x86_64: \n wireshark-debuginfo-1.8.10-17.19.amzn1.x86_64 \n wireshark-1.8.10-17.19.amzn1.x86_64 \n wireshark-devel-1.8.10-17.19.amzn1.x86_64 \n \n \n", "edition": 3, "modified": "2015-08-17T12:29:00", "published": "2015-08-17T12:29:00", "id": "ALAS-2015-580", "href": "https://alas.aws.amazon.com/ALAS-2015-580.html", "title": "Medium: wireshark", "type": "amazon", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "oracle": [{"lastseen": "2020-10-04T21:16:00", "bulletinFamily": "software", "cvelist": ["CVE-2003-1418", "CVE-2013-0248", "CVE-2013-0255", "CVE-2013-1900", "CVE-2013-1902", "CVE-2013-1903", "CVE-2013-2566", "CVE-2014-0050", "CVE-2014-0060", "CVE-2014-0061", "CVE-2014-0062", "CVE-2014-0063", "CVE-2014-0064", "CVE-2014-0065", "CVE-2014-0066", "CVE-2014-0076", "CVE-2014-0107", "CVE-2014-0114", "CVE-2014-0195", "CVE-2014-0198", "CVE-2014-0221", "CVE-2014-0224", "CVE-2014-3470", "CVE-2014-3538", "CVE-2014-3569", "CVE-2014-3570", "CVE-2014-3571", "CVE-2014-3572", "CVE-2014-3587", "CVE-2014-3613", "CVE-2014-3707", "CVE-2014-4342", "CVE-2014-4345", "CVE-2014-8275", "CVE-2014-8713", "CVE-2014-8714", "CVE-2015-0204", "CVE-2015-0205", "CVE-2015-0206", "CVE-2015-0207", "CVE-2015-0208", "CVE-2015-0209", "CVE-2015-0235", "CVE-2015-0285", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0290", "CVE-2015-0291", "CVE-2015-0292", "CVE-2015-0293", "CVE-2015-0899", "CVE-2015-1787", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-1793", "CVE-2015-2808", "CVE-2015-3193", "CVE-2015-3194", "CVE-2015-3195", "CVE-2015-3196", "CVE-2015-3197", "CVE-2015-3253", "CVE-2015-4852", "CVE-2015-5254", "CVE-2015-5351", "CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183", "CVE-2015-7501", "CVE-2015-7575", "CVE-2015-7940", "CVE-2016-0635", "CVE-2016-0701", "CVE-2016-0706", "CVE-2016-0714", "CVE-2016-0763", "CVE-2016-10165", "CVE-2016-1181", "CVE-2016-1182", "CVE-2016-1950", "CVE-2016-1979", "CVE-2016-2107", "CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-2381", "CVE-2016-2834", "CVE-2016-3092", "CVE-2016-3506", "CVE-2016-5019", "CVE-2016-5285", "CVE-2016-6302", "CVE-2016-6303", "CVE-2016-6304", "CVE-2016-6305", "CVE-2016-6306", "CVE-2016-6307", "CVE-2016-6308", "CVE-2016-6515", "CVE-2016-6814", "CVE-2016-6816", "CVE-2016-7052", "CVE-2016-7055", "CVE-2016-7429", "CVE-2016-7431", "CVE-2016-7433", "CVE-2016-8735", "CVE-2016-8745", "CVE-2016-9840", "CVE-2016-9841", "CVE-2016-9842", "CVE-2016-9843", "CVE-2017-10014", "CVE-2017-10026", "CVE-2017-10033", "CVE-2017-10034", "CVE-2017-10037", "CVE-2017-10050", "CVE-2017-10051", "CVE-2017-10054", "CVE-2017-10055", "CVE-2017-10060", "CVE-2017-10065", "CVE-2017-10066", "CVE-2017-10077", "CVE-2017-10099", "CVE-2017-10152", "CVE-2017-10153", "CVE-2017-10154", "CVE-2017-10155", "CVE-2017-10158", "CVE-2017-10159", "CVE-2017-10161", "CVE-2017-10162", "CVE-2017-10163", "CVE-2017-10164", "CVE-2017-10165", "CVE-2017-10166", "CVE-2017-10167", "CVE-2017-10190", "CVE-2017-10194", "CVE-2017-10197", "CVE-2017-10203", "CVE-2017-10227", "CVE-2017-10259", "CVE-2017-10260", "CVE-2017-10261", "CVE-2017-10263", "CVE-2017-10264", "CVE-2017-10265", "CVE-2017-10268", "CVE-2017-10270", "CVE-2017-10271", "CVE-2017-10274", "CVE-2017-10275", "CVE-2017-10276", "CVE-2017-10277", "CVE-2017-10279", "CVE-2017-10280", "CVE-2017-10281", "CVE-2017-10283", "CVE-2017-10284", "CVE-2017-10285", "CVE-2017-10286", "CVE-2017-10287", "CVE-2017-10292", "CVE-2017-10293", "CVE-2017-10294", "CVE-2017-10295", "CVE-2017-10296", "CVE-2017-10299", "CVE-2017-10300", "CVE-2017-10302", "CVE-2017-10303", "CVE-2017-10304", "CVE-2017-10306", "CVE-2017-10308", "CVE-2017-10309", "CVE-2017-10310", "CVE-2017-10311", "CVE-2017-10312", "CVE-2017-10313", "CVE-2017-10314", "CVE-2017-10315", "CVE-2017-10316", "CVE-2017-10317", "CVE-2017-10318", "CVE-2017-10319", "CVE-2017-10320", "CVE-2017-10321", "CVE-2017-10322", "CVE-2017-10323", "CVE-2017-10324", "CVE-2017-10325", "CVE-2017-10326", "CVE-2017-10327", "CVE-2017-10328", "CVE-2017-10329", "CVE-2017-10330", "CVE-2017-10331", "CVE-2017-10332", "CVE-2017-10333", "CVE-2017-10334", "CVE-2017-10335", "CVE-2017-10336", "CVE-2017-10337", "CVE-2017-10338", "CVE-2017-10339", "CVE-2017-10340", "CVE-2017-10341", "CVE-2017-10342", "CVE-2017-10343", "CVE-2017-10344", "CVE-2017-10345", "CVE-2017-10346", "CVE-2017-10347", "CVE-2017-10348", "CVE-2017-10349", "CVE-2017-10350", "CVE-2017-10351", "CVE-2017-10352", "CVE-2017-10353", "CVE-2017-10354", "CVE-2017-10355", "CVE-2017-10356", "CVE-2017-10357", "CVE-2017-10358", "CVE-2017-10359", "CVE-2017-10360", "CVE-2017-10361", "CVE-2017-10362", "CVE-2017-10363", "CVE-2017-10364", "CVE-2017-10365", "CVE-2017-10366", "CVE-2017-10367", "CVE-2017-10368", "CVE-2017-10369", "CVE-2017-10370", "CVE-2017-10372", "CVE-2017-10373", "CVE-2017-10375", "CVE-2017-10378", "CVE-2017-10379", "CVE-2017-10380", "CVE-2017-10381", "CVE-2017-10382", "CVE-2017-10383", "CVE-2017-10384", "CVE-2017-10385", "CVE-2017-10386", "CVE-2017-10387", "CVE-2017-10388", "CVE-2017-10389", "CVE-2017-10391", "CVE-2017-10392", "CVE-2017-10393", "CVE-2017-10394", "CVE-2017-10395", "CVE-2017-10396", "CVE-2017-10397", "CVE-2017-10398", "CVE-2017-10399", "CVE-2017-10400", "CVE-2017-10401", "CVE-2017-10402", "CVE-2017-10403", "CVE-2017-10404", "CVE-2017-10405", "CVE-2017-10406", "CVE-2017-10407", "CVE-2017-10408", "CVE-2017-10409", "CVE-2017-10410", "CVE-2017-10411", "CVE-2017-10412", "CVE-2017-10413", "CVE-2017-10414", "CVE-2017-10415", "CVE-2017-10416", "CVE-2017-10417", "CVE-2017-10418", "CVE-2017-10419", "CVE-2017-10420", "CVE-2017-10421", "CVE-2017-10422", "CVE-2017-10423", "CVE-2017-10424", "CVE-2017-10425", "CVE-2017-10426", "CVE-2017-10427", "CVE-2017-10428", "CVE-2017-3167", "CVE-2017-3169", "CVE-2017-3444", "CVE-2017-3445", "CVE-2017-3446", "CVE-2017-3588", "CVE-2017-3730", "CVE-2017-3731", "CVE-2017-3732", "CVE-2017-3733", "CVE-2017-5461", "CVE-2017-5462", "CVE-2017-5662", "CVE-2017-5664", "CVE-2017-5706", "CVE-2017-5709", "CVE-2017-7502", "CVE-2017-7668", "CVE-2017-7679", "CVE-2017-9788", "CVE-2017-9805"], "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\nCritical Patch Updates and Security Alerts for information about Oracle Security Advisories.\n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay.**\n\nThis Critical Patch Update contains 252 new security fixes across the product families listed below. Please note that a MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ October 2017 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/epmos/faces/DocumentDisplay?_afrLoop=187793594395974id=2310031.1>).\n\nPlease note that on September 22, 2017, Oracle released Security Alert for CVE-2017-9805. Customers of affected Oracle product(s) are strongly advised to apply the fixes that were announced in this Security Alert as well as those contained in this Critical Patch update\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available here.\n", "modified": "2018-02-15T00:00:00", "published": "2017-10-17T00:00:00", "id": "ORACLE:CPUOCT2017", "href": "", "type": "oracle", "title": "Oracle Critical Patch Update - October 2017", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:21:17", "bulletinFamily": "software", "cvelist": ["CVE-2017-10324", "CVE-2017-10167", "CVE-2017-10014", "CVE-2017-10417", "CVE-2017-10037", "CVE-2015-5351", "CVE-2015-5254", "CVE-2017-10270", "CVE-2017-10387", "CVE-2017-10360", "CVE-2015-1792", "CVE-2017-10321", "CVE-2017-10060", "CVE-2015-0235", "CVE-2015-1793", "CVE-2017-10404", "CVE-2017-10311", "CVE-2017-10421", "CVE-2017-10353", "CVE-2017-10260", "CVE-2017-10203", "CVE-2016-9840", "CVE-2017-10419", "CVE-2017-10424", "CVE-2017-10399", "CVE-2017-10293", "CVE-2015-3197", "CVE-2017-10299", "CVE-2017-10158", "CVE-2017-10379", "CVE-2017-10414", "CVE-2017-10054", "CVE-2017-10357", "CVE-2017-10197", "CVE-2017-10361", "CVE-2017-10356", "CVE-2016-5019", "CVE-2017-10322", "CVE-2017-10323", "CVE-2017-10066", "CVE-2014-3572", "CVE-2017-5709", "CVE-2016-6306", "CVE-2017-5462", "CVE-2014-3613", "CVE-2017-7502", "CVE-2015-7181", "CVE-2015-0206", "CVE-2017-10369", "CVE-2015-1789", "CVE-2016-2183", "CVE-2017-10349", "CVE-2017-10284", "CVE-2017-10294", "CVE-2017-10325", "CVE-2017-10416", "CVE-2015-0286", "CVE-2017-10341", "CVE-2017-10420", "CVE-2017-10418", "CVE-2017-10367", "CVE-2016-2178", "CVE-2017-10164", "CVE-2013-1903", "CVE-2017-10400", "CVE-2017-3167", "CVE-2017-10281", "CVE-2015-3195", "CVE-2017-10351", "CVE-2017-10359", "CVE-2017-10381", "CVE-2017-10406", "CVE-2017-10348", "CVE-2017-10372", "CVE-2014-8714", "CVE-2017-10034", "CVE-2017-10328", "CVE-2016-0714", "CVE-2016-3092", "CVE-2014-3571", "CVE-2017-10397", "CVE-2017-10388", "CVE-2017-10330", "CVE-2017-10407", "CVE-2014-0076", "CVE-2017-10033", "CVE-2017-10342", "CVE-2017-10415", "CVE-2017-10408", "CVE-2016-6302", "CVE-2017-10344", "CVE-2017-10354", "CVE-2017-10338", "CVE-2017-10296", "CVE-2017-10292", "CVE-2017-10402", "CVE-2014-3587", "CVE-2017-10306", "CVE-2017-10365", "CVE-2017-10337", "CVE-2017-10426", "CVE-2016-8745", "CVE-2016-2177", "CVE-2017-10380", "CVE-2015-0288", "CVE-2017-10332", "CVE-2017-10378", "CVE-2014-0224", "CVE-2017-10026", "CVE-2017-10276", "CVE-2016-0635", "CVE-2017-10409", "CVE-2017-10166", "CVE-2017-10427", "CVE-2017-10422", "CVE-2015-3194", "CVE-2017-10355", "CVE-2017-10163", "CVE-2016-6515", "CVE-2017-10326", "CVE-2015-0285", "CVE-2016-2107", "CVE-2017-10153", "CVE-2016-7055", "CVE-2017-10382", "CVE-2015-7501", "CVE-2017-10364", "CVE-2017-10319", "CVE-2015-3253", "CVE-2017-3731", "CVE-2016-6307", "CVE-2016-0701", "CVE-2017-10398", "CVE-2017-10051", "CVE-2017-10308", "CVE-2017-10320", "CVE-2017-10287", "CVE-2017-10412", "CVE-2017-10334", "CVE-2016-9842", "CVE-2016-2834", "CVE-2017-10283", "CVE-2015-0899", "CVE-2017-10152", "CVE-2017-10264", "CVE-2016-1182", "CVE-2014-0065", "CVE-2016-0763", "CVE-2015-0207", "CVE-2017-10155", "CVE-2017-10271", "CVE-2017-10286", "CVE-2017-10304", "CVE-2016-6308", "CVE-2016-6816", "CVE-2016-7433", "CVE-2014-4342", "CVE-2017-5662", "CVE-2014-8275", "CVE-2016-2180", "CVE-2017-10411", "CVE-2017-10313", "CVE-2017-10194", "CVE-2015-7182", "CVE-2015-0208", "CVE-2015-2808", "CVE-2017-10347", "CVE-2014-3570", "CVE-2017-10227", "CVE-2015-7575", "CVE-2017-10370", "CVE-2017-10261", "CVE-2017-10425", "CVE-2017-5706", "CVE-2015-3196", "CVE-2017-10428", "CVE-2014-3470", "CVE-2017-10362", "CVE-2017-10309", "CVE-2016-2181", "CVE-2017-10391", "CVE-2016-6304", "CVE-2015-3193", "CVE-2017-10263", "CVE-2014-3538", "CVE-2017-10403", "CVE-2014-0114", "CVE-2017-10159", "CVE-2017-10410", "CVE-2017-3732", "CVE-2017-10383", "CVE-2017-10339", "CVE-2017-10340", "CVE-2014-0050", "CVE-2017-10327", "CVE-2017-10396", "CVE-2017-10300", "CVE-2014-3707", "CVE-2014-0064", "CVE-2017-10343", "CVE-2015-0293", "CVE-2017-10165", "CVE-2017-10316", "CVE-2017-3445", "CVE-2017-10373", "CVE-2016-1979", "CVE-2017-10363", "CVE-2017-10352", "CVE-2016-2381", "CVE-2014-8713", "CVE-2017-10279", "CVE-2015-7183", "CVE-2013-0255", "CVE-2017-10314", "CVE-2017-9805", "CVE-2015-1788", "CVE-2017-10055", "CVE-2014-0195", "CVE-2014-0198", "CVE-2017-10161", "CVE-2016-7052", "CVE-2015-0209", "CVE-2014-0063", "CVE-2016-1950", "CVE-2017-10333", "CVE-2015-0204", "CVE-2016-0706", "CVE-2013-0248", "CVE-2017-3733", "CVE-2017-5664", "CVE-2017-10312", "CVE-2017-10366", "CVE-2014-0060", "CVE-2017-10318", "CVE-2016-7429", "CVE-2016-1181", "CVE-2017-10268", "CVE-2017-10285", "CVE-2017-3446", "CVE-2017-10392", "CVE-2017-10413", "CVE-2016-9843", "CVE-2013-2566", "CVE-2016-8735", "CVE-2015-1790", "CVE-2017-10394", "CVE-2017-9788", "CVE-2017-10350", "CVE-2016-6305", "CVE-2016-6303", "CVE-2017-10275", "CVE-2017-10274", "CVE-2017-10190", "CVE-2013-1902", "CVE-2017-10315", "CVE-2015-0291", "CVE-2017-10317", "CVE-2017-10389", "CVE-2017-10385", "CVE-2017-10154", "CVE-2017-10395", "CVE-2017-3588", "CVE-2014-4345", "CVE-2017-10162", "CVE-2003-1418", "CVE-2016-2182", "CVE-2017-10358", "CVE-2017-10310", "CVE-2017-10077", "CVE-2017-10346", "CVE-2014-0062", "CVE-2017-10401", "CVE-2015-0287", "CVE-2017-7668", "CVE-2017-3444", "CVE-2017-10295", "CVE-2017-10393", "CVE-2017-10423", "CVE-2017-10280", "CVE-2017-5461", "CVE-2016-10165", "CVE-2014-0066", "CVE-2015-0289", "CVE-2016-9841", "CVE-2015-7940", "CVE-2017-3169", "CVE-2017-10065", "CVE-2016-5285", "CVE-2017-10368", "CVE-2015-0292", "CVE-2017-10375", "CVE-2017-10384", "CVE-2014-0107", "CVE-2017-10050", "CVE-2016-3506", "CVE-2017-10345", "CVE-2017-10303", "CVE-2017-10302", "CVE-2017-10259", "CVE-2017-10265", "CVE-2015-0290", "CVE-2017-3730", "CVE-2015-0205", "CVE-2017-10329", "CVE-2016-2179", "CVE-2017-10405", "CVE-2017-10277", "CVE-2016-6814", "CVE-2013-1900", "CVE-2015-1787", "CVE-2015-4852", "CVE-2014-0061", "CVE-2014-3569", "CVE-2017-10386", "CVE-2015-1791", "CVE-2017-10336", "CVE-2017-10335", "CVE-2016-7431", "CVE-2017-7679", "CVE-2014-0221", "CVE-2017-10331", "CVE-2017-10099"], "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n[Critical Patch Updates and Security Alerts](<http://www.oracle.com/technetwork/topics/security/alerts-086861.html>) for information about Oracle Security Advisories.\n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay.**\n\nThis Critical Patch Update contains 252 new security fixes across the product families listed below. Please note that a MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ October 2017 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2310031.1>).\n\nPlease note that on September 22, 2017, Oracle released [Security Alert for CVE-2017-9805](<http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html>). Customers of affected Oracle product(s) are strongly advised to apply the fixes that were announced in this Security Alert as well as those contained in this Critical Patch update\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available [here](<http://www.oracle.com/technetwork/topics/security/cpufaq-098434.html#CVRF>).\n", "modified": "2018-02-15T00:00:00", "published": "2017-10-17T00:00:00", "id": "ORACLE:CPUOCT2017-3236626", "href": "", "type": "oracle", "title": "Oracle Critical Patch Update - October 2017", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}
