Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2008:0058
HistoryJan 21, 2008 - 5:15 p.m.

libsmi, wireshark security update

2008-01-2117:15:49
CentOS Project
lists.centos.org
45

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.072 Low

EPSS

Percentile

93.9%

JSON

CentOS Errata and Security Advisory CESA-2008:0058

Wireshark is a program for monitoring network traffic. Wireshark was
previously known as Ethereal.

Several flaws were found in Wireshark. Wireshark could crash or possibly
execute arbitrary code as the user running Wireshark if it read a malformed
packet off the network. (CVE-2007-6112, CVE-2007-6114, CVE-2007-6115,
CVE-2007-6117)

Several denial of service bugs were found in Wireshark. Wireshark could
crash or stop responding if it read a malformed packet off the network.
(CVE-2007-6111, CVE-2007-6113, CVE-2007-6116, CVE-2007-6118, CVE-2007-6119,
CVE-2007-6120, CVE-2007-6121, CVE-2007-6438, CVE-2007-6439, CVE-2007-6441,
CVE-2007-6450, CVE-2007-6451)

As well, Wireshark switched from using net-snmp to libsmi, which is
included in this errata.

Users of wireshark should upgrade to these updated packages, which contain
Wireshark version 0.99.7, and resolve these issues.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2008-January/076797.html
https://lists.centos.org/pipermail/centos-announce/2008-January/076798.html
https://lists.centos.org/pipermail/centos-announce/2008-January/076800.html
https://lists.centos.org/pipermail/centos-announce/2008-January/076806.html
https://lists.centos.org/pipermail/centos-announce/2008-January/076814.html
https://lists.centos.org/pipermail/centos-announce/2008-January/076815.html

Affected packages:
libsmi
libsmi-devel
wireshark
wireshark-gnome

Upstream details at:
https://access.redhat.com/errata/RHSA-2008:0058

Related

openvas 29
nessus 15
oraclelinux 1
redhat 2
altlinux 1
gentoo 1
freebsd 1
fedora 2
osv 2
securityvulns 3
debian 2
centos 1
prion 26
debiancve 16
ubuntucve 16
cve 26
veracode 16
openvas
openvas
Gentoo Security Advisory GLSA 200712-23 (wireshark)
2008-09-24 00:00:00
RedHat Update for wireshark RHSA-2008:0058-01
2009-03-06 00:00:00
RedHat Update for wireshark RHSA-2008:0058-01
2009-03-06 00:00:00
nessus
nessus
CentOS 4 / 5 : wireshark (CESA-2008:0058)
2010-01-06 00:00:00
Oracle Linux 4 / 5 : wireshark (ELSA-2008-0058)
2013-07-12 00:00:00
Debian DSA-1446-1 : wireshark - several vulnerabilities
2008-01-04 00:00:00
oraclelinux
oraclelinux
Moderate: wireshark security update
2008-01-22 00:00:00
redhat
redhat
(RHSA-2008:0058) Moderate: wireshark security update
2008-01-21 00:00:00
(RHSA-2008:0059) Moderate: wireshark security update
2008-01-21 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package wireshark version 0.99.7-alt1
2007-12-23 00:00:00
gentoo
gentoo
Wireshark: Multiple vulnerabilities
2007-12-30 00:00:00
freebsd
freebsd
wireshark -- multiple vulnerabilities
2007-12-19 00:00:00
fedora
fedora
[SECURITY] Fedora 7 Update: wireshark-0.99.7-1.fc7
2007-12-21 21:09:16
[SECURITY] Fedora 8 Update: wireshark-0.99.7-2.fc8
2007-12-20 19:51:33
osv
osv
wireshark - several vulnerabilities
2007-11-27 00:00:00
wireshark denial of service
2008-01-03 00:00:00
securityvulns
securityvulns
WireShark sniffer multiple security vulnerabilities
2007-11-29 00:00:00
[SECURITY] [DSA 1414-1] New wireshark packages fix several vulnerabilities
2007-11-29 00:00:00
Wireshark multiple security vulnerabilities
2008-01-04 00:00:00
debian
debian
[SECURITY] [DSA 1414-1] New wireshark packages fix several vulnerabilities
2007-11-27 00:39:25
[SECURITY] [DSA 1446-1] New wireshark packages fix denial of service
2008-01-03 21:31:39
centos
centos
libsmi, wireshark security update
2008-01-21 15:05:11
prion
prion
Code injection
2007-12-19 22:46:00
Code injection
2007-12-19 22:46:00
Code injection
2007-11-23 20:46:00
debiancve
debiancve
CVE-2007-6439
2007-12-19 22:46:00
CVE-2007-6438
2007-12-19 22:46:00
CVE-2007-6118
2007-11-23 20:46:00
ubuntucve
ubuntucve
CVE-2007-6439
2007-12-19 00:00:00
CVE-2007-6438
2007-12-19 00:00:00
CVE-2007-6113
2007-11-23 00:00:00
cve
cve
CVE-2007-6439
2007-12-19 22:46:00
CVE-2007-6438
2007-12-19 22:46:00
CVE-2007-6119
2007-11-23 20:46:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:23:14
Denial Of Service (DoS)
2020-04-10 00:23:12
Arbitrary Code Execution
2020-04-10 00:23:11

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.072 Low

EPSS

Percentile

93.9%

JSON
Related for CESA-2008:0058
openvas29nessus15oraclelinux1redhat2altlinux1gentoo1freebsd1fedora2osv2securityvulns3debian2centos1prion26debiancve16ubuntucve16cve26veracode16