Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2008:0059
HistoryJan 21, 2008 - 3:05 p.m.

libsmi, wireshark security update

2008-01-2115:05:11
CentOS Project
lists.centos.org
38

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.031 Low

EPSS

Percentile

91.0%

JSON

CentOS Errata and Security Advisory CESA-2008:0059

Wireshark is a program for monitoring network traffic. Wireshark was
previously known as Ethereal.

Several flaws were found in Wireshark. Wireshark could crash or possibly
execute arbitrary code as the user running Wireshark if it read a malformed
packet off the network. (CVE-2007-6114, CVE-2007-6115, CVE-2007-6117)

Several denial of service bugs were found in Wireshark. Wireshark could
crash or stop responding if it read a malformed packet off the network.
(CVE-2007-3389, CVE-2007-3390, CVE-2007-3391, CVE-2007-3392, CVE-2007-3392,
CVE-2007-3393, CVE-2007-6113, CVE-2007-6118, CVE-2007-6120, CVE-2007-6121,
CVE-2007-6450, CVE-2007-6451)

As well, Wireshark switched from using net-snmp to libsmi, which is
included in this errata.

Users of wireshark should upgrade to these updated packages, which contain
Wireshark version 0.99.7, and resolve these issues.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2008-January/076793.html
https://lists.centos.org/pipermail/centos-announce/2008-January/076794.html
https://lists.centos.org/pipermail/centos-announce/2008-January/076799.html
https://lists.centos.org/pipermail/centos-announce/2008-January/076804.html

Affected packages:
libsmi
libsmi-devel
wireshark
wireshark-gnome

Upstream details at:
https://access.redhat.com/errata/RHSA-2008:0059

Related

openvas 31
redhat 4
nessus 28
debian 3
osv 3
securityvulns 5
seebug 1
centos 2
altlinux 2
oraclelinux 3
gentoo 2
freebsd 2
fedora 2
debiancve 14
veracode 14
prion 23
ubuntucve 14
cve 23
openvas
openvas
CentOS Update for libsmi CESA-2008:0059 centos3 i386
2009-02-27 00:00:00
CentOS Update for libsmi CESA-2008:0059 centos3 i386
2009-02-27 00:00:00
CentOS Update for libsmi CESA-2008:0059 centos3 x86_64
2009-02-27 00:00:00
redhat
redhat
(RHSA-2008:0059) Moderate: wireshark security update
2008-01-21 00:00:00
(RHSA-2007:0710) Low: wireshark security update
2007-11-07 00:00:00
(RHSA-2007:0709) Low: wireshark security and bug fix update
2007-11-15 00:00:00
nessus
nessus
RHEL 3 : wireshark (RHSA-2008:0059)
2008-01-21 00:00:00
CentOS 3 : wireshark (CESA-2008:0059)
2008-01-22 00:00:00
Oracle Linux 3 : wireshark (ELSA-2008-0059)
2013-07-12 00:00:00
debian
debian
[SECURITY] [DSA 1414-1] New wireshark packages fix several vulnerabilities
2007-11-27 00:39:25
[SECURITY] [DSA 1322-1] New wireshark packages fix denial of service
2007-06-27 20:57:25
[SECURITY] [DSA 1446-1] New wireshark packages fix denial of service
2008-01-03 21:31:39
osv
osv
wireshark - several vulnerabilities
2007-11-27 00:00:00
wireshark
2007-06-27 00:00:00
wireshark denial of service
2008-01-03 00:00:00
securityvulns
securityvulns
WireShark sniffer multiple security vulnerabilities
2007-11-29 00:00:00
[SECURITY] [DSA 1414-1] New wireshark packages fix several vulnerabilities
2007-11-29 00:00:00
Wireshark DoS
2007-08-17 00:00:00
seebug
seebug
Wiresharkๅคšไธชๅ่ฎฎๅค„็†ๆจกๅ—่ฟœ็จ‹ๆ‹’็ปๆœๅŠกๆผๆดž
2007-06-29 00:00:00
centos
centos
wireshark security update
2007-11-15 17:20:39
libsmi, wireshark security update
2008-01-21 17:15:49
altlinux
altlinux
Security fix for the ALT Linux 9 package wireshark version 0.99.6-alt1
2007-07-06 00:00:00
Security fix for the ALT Linux 9 package wireshark version 0.99.7-alt1
2007-12-23 00:00:00
oraclelinux
oraclelinux
wireshark security update
2007-11-19 00:00:00
wireshark security and bug fix update
2007-11-27 00:00:00
Moderate: wireshark security update
2008-01-22 00:00:00
gentoo
gentoo
Wireshark: Multiple vulnerabilities
2007-08-16 00:00:00
Wireshark: Multiple vulnerabilities
2007-12-30 00:00:00
freebsd
freebsd
wireshark -- Multiple problems
2007-06-29 00:00:00
wireshark -- multiple vulnerabilities
2007-12-19 00:00:00
fedora
fedora
[SECURITY] Fedora 7 Update: wireshark-0.99.7-1.fc7
2007-12-21 21:09:16
[SECURITY] Fedora 8 Update: wireshark-0.99.7-2.fc8
2007-12-20 19:51:33
debiancve
debiancve
CVE-2007-6115
2007-11-23 20:46:00
CVE-2007-6118
2007-11-23 20:46:00
CVE-2007-6117
2007-11-23 20:46:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:23:12
Arbitrary Code Execution
2020-04-10 00:23:11
Arbitrary Code Execution
2020-04-10 00:23:11
prion
prion
Design/Logic Flaw
2007-11-23 20:46:00
Buffer overflow
2007-11-23 20:46:00
Buffer overflow
2007-11-23 20:46:00
ubuntucve
ubuntucve
CVE-2007-6115
2007-11-23 00:00:00
CVE-2007-6113
2007-11-23 00:00:00
CVE-2007-6120
2007-11-23 00:00:00
cve
cve
CVE-2007-6115
2007-11-23 20:46:00
CVE-2007-6120
2007-11-23 20:46:00
CVE-2007-3391
2007-06-26 00:30:00

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.031 Low

EPSS

Percentile

91.0%

JSON
Related for CESA-2008:0059
openvas31redhat4nessus28debian3osv3securityvulns5seebug1centos2altlinux2oraclelinux3gentoo2freebsd2fedora2debiancve14veracode14prion23ubuntucve14cve23