Lucene search

K
debianDebianDEBIAN:DLA-497-1:1FD56
HistoryMay 31, 2016 - 10:22 a.m.

[SECURITY] [DLA 497-1] wireshark security update

2016-05-3110:22:31
lists.debian.org
22

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.3

Confidence

High

EPSS

0.02

Percentile

89.0%

Package : wireshark
Version : 1.12.1+g01b65bf-4+deb8u6~deb7u1
CVE ID : CVE-2012-6052 CVE-2012-6053 CVE-2012-6054 CVE-2012-6055
CVE-2012-6056 CVE-2012-6057 CVE-2012-6058 CVE-2012-6059
CVE-2012-6060 CVE-2012-6061 CVE-2012-6062 CVE-2013-1572
CVE-2013-1573 CVE-2013-1574 CVE-2013-1575 CVE-2013-1576
CVE-2013-1577 CVE-2013-1578 CVE-2013-1579 CVE-2013-1580
CVE-2013-1581 CVE-2013-2476 CVE-2013-2479 CVE-2013-2482
CVE-2013-2485 CVE-2013-2486 CVE-2013-2487 CVE-2013-4079
CVE-2013-4080 CVE-2013-4927 CVE-2013-4929 CVE-2013-4931
CVE-2013-5719 CVE-2013-5721 CVE-2013-6339 CVE-2013-7112
CVE-2015-6243 CVE-2015-6246 CVE-2015-6248 CVE-2016-4006
CVE-2016-4079 CVE-2016-4080 CVE-2016-4081 CVE-2016-4082
CVE-2016-4085

Multiple vulnerabilities were discovered in the dissectors/parsers for
PKTC, IAX2, GSM CBCH and NCP which could result in denial of service.

This update also fixes many older less important issues by updating the
package to the version found in Debian 8 also known as Jessie.

For Debian 7 "Wheezy", these problems have been fixed in version
1.12.1+g01b65bf-4+deb8u6~deb7u1.

We recommend that you upgrade your wireshark packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.3

Confidence

High

EPSS

0.02

Percentile

89.0%