- -------------------------------------------------------------------------
Debian Security Advisory DSA-4359-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
December 27, 2018 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : wireshark
CVE ID : CVE-2018-12086 CVE-2018-18225 CVE-2018-18226
CVE-2018-18227 CVE-2018-19622 CVE-2018-19623
CVE-2018-19624 CVE-2018-19625 CVE-2018-19626
CVE-2018-19627 CVE-2018-19628
Multiple vulnerabilities have been discovered in Wireshark, a network
protocol analyzer, which could result in denial of service or the
execution of arbitrary code.
For the stable distribution (stretch), these problems have been fixed in
version 2.6.5-1~deb9u1.
We recommend that you upgrade your wireshark packages.
For the detailed security status of wireshark please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/wireshark
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
{"nessus": [{"lastseen": "2023-05-20T14:42:54", "description": "Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer, which could result in denial of service or the execution of arbitrary code.", "cvss3": {}, "published": "2018-12-28T00:00:00", "type": "nessus", "title": "Debian DSA-4359-1 : wireshark - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12086", "CVE-2018-18225", "CVE-2018-18226", "CVE-2018-18227", "CVE-2018-19622", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-19625", "CVE-2018-19626", "CVE-2018-19627", "CVE-2018-19628"], "modified": "2019-04-05T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:wireshark", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4359.NASL", "href": "https://www.tenable.com/plugins/nessus/119892", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4359. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119892);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/04/05 23:25:05\");\n\n script_cve_id(\"CVE-2018-12086\", \"CVE-2018-18225\", \"CVE-2018-18226\", \"CVE-2018-18227\", \"CVE-2018-19622\", \"CVE-2018-19623\", \"CVE-2018-19624\", \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-19627\", \"CVE-2018-19628\");\n script_xref(name:\"DSA\", value:\"4359\");\n\n script_name(english:\"Debian DSA-4359-1 : wireshark - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities have been discovered in Wireshark, a network\nprotocol analyzer, which could result in denial of service or the\nexecution of arbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/wireshark\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/wireshark\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2018/dsa-4359\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the wireshark packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 2.6.5-1~deb9u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libwireshark-data\", reference:\"2.6.5-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwireshark-dev\", reference:\"2.6.5-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwireshark8\", reference:\"2.6.5-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwiretap-dev\", reference:\"2.6.5-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwiretap6\", reference:\"2.6.5-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwscodecs1\", reference:\"2.6.5-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwsutil-dev\", reference:\"2.6.5-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwsutil7\", reference:\"2.6.5-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"tshark\", reference:\"2.6.5-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"wireshark\", reference:\"2.6.5-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"wireshark-common\", reference:\"2.6.5-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"wireshark-dev\", reference:\"2.6.5-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"wireshark-doc\", reference:\"2.6.5-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"wireshark-gtk\", reference:\"2.6.5-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"wireshark-qt\", reference:\"2.6.5-1~deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-23T14:17:11", "description": "The version of Wireshark installed on the remote Windows host is 2.6.x prior to 2.6.5. It is, therefore, affected by multiple vulnerabilities.", "cvss3": {}, "published": "2018-12-05T00:00:00", "type": "nessus", "title": "Wireshark 2.6.x < 2.6.5 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19622", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-19625", "CVE-2018-19626", "CVE-2018-19627", "CVE-2018-19628"], "modified": "2019-11-01T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "WIRESHARK_2_6_5.NASL", "href": "https://www.tenable.com/plugins/nessus/119420", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119420);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/11/01\");\n\n script_cve_id(\n \"CVE-2018-19622\",\n \"CVE-2018-19623\",\n \"CVE-2018-19624\",\n \"CVE-2018-19625\",\n \"CVE-2018-19626\",\n \"CVE-2018-19627\",\n \"CVE-2018-19628\"\n );\n script_bugtraq_id(106051);\n\n script_name(english:\"Wireshark 2.6.x < 2.6.5 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of Wireshark.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote Windows host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote Windows host is\n2.6.x prior to 2.6.5. It is, therefore, affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.6.5.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-51.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-52.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-53.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-54.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-55.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-56.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-57.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 2.6.5 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19628\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"installed_sw/Wireshark\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\n\napp_info = vcf::get_app_info(app:\"Wireshark\", win_local:TRUE);\n\nconstraints = [\n { \"min_version\" : \"2.6.0\", \"fixed_version\" : \"2.6.5\" }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:42:57", "description": "The version of Wireshark installed on the remote MacOS/MacOSX host is 2.6.x prior to 2.6.5. It is, therefore, affected by multiple vulnerabilities.", "cvss3": {}, "published": "2018-12-05T00:00:00", "type": "nessus", "title": "Wireshark 2.6.x < 2.6.5 Multiple Vulnerabilities (MacOS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19622", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-19625", "CVE-2018-19626", "CVE-2018-19627", "CVE-2018-19628"], "modified": "2019-11-01T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "MACOSX_WIRESHARK_2_6_5.NASL", "href": "https://www.tenable.com/plugins/nessus/119418", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119418);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/11/01\");\n\n script_cve_id(\n \"CVE-2018-19622\",\n \"CVE-2018-19623\",\n \"CVE-2018-19624\",\n \"CVE-2018-19625\",\n \"CVE-2018-19626\",\n \"CVE-2018-19627\",\n \"CVE-2018-19628\"\n );\n script_bugtraq_id(106051);\n\n script_name(english:\"Wireshark 2.6.x < 2.6.5 Multiple Vulnerabilities (MacOS)\");\n script_summary(english:\"Checks the version of Wireshark.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote MacOS / MacOSX host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote MacOS/MacOSX host\nis 2.6.x prior to 2.6.5. It is, therefore, affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.6.5.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-51.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-52.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-53.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-54.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-55.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-56.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-57.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 2.6.5 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19628\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_wireshark_installed.nbin\");\n script_require_keys(\"installed_sw/Wireshark\", \"Host/MacOSX/Version\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\n\nget_kb_item_or_exit(\"Host/MacOSX/Version\");\n\napp_info = vcf::get_app_info(app:\"Wireshark\");\n\nconstraints = [\n { \"min_version\" : \"2.6.0\", \"fixed_version\" : \"2.6.5\" }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:41", "description": "New version 2.6.5, contains fixes for CVE-2018-19622, CVE-2018-19623, CVE-2018-19624, CVE-2018-19625, CVE-2018-19626, CVE-2018-19627, CVE-2018-19628\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 28 : 1:wireshark (2018-1b6cb1df72)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19622", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-19625", "CVE-2018-19626", "CVE-2018-19627", "CVE-2018-19628"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:wireshark", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-1B6CB1DF72.NASL", "href": "https://www.tenable.com/plugins/nessus/120265", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-1b6cb1df72.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120265);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-19622\", \"CVE-2018-19623\", \"CVE-2018-19624\", \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-19627\", \"CVE-2018-19628\");\n script_xref(name:\"FEDORA\", value:\"2018-1b6cb1df72\");\n\n script_name(english:\"Fedora 28 : 1:wireshark (2018-1b6cb1df72)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New version 2.6.5, contains fixes for CVE-2018-19622, CVE-2018-19623,\nCVE-2018-19624, CVE-2018-19625, CVE-2018-19626, CVE-2018-19627,\nCVE-2018-19628\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-1b6cb1df72\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 1:wireshark package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"wireshark-2.6.5-1.fc28\", epoch:\"1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:wireshark\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:47", "description": "New version 2.6.5, contains fixes for CVE-2018-19622, CVE-2018-19623, CVE-2018-19624, CVE-2018-19625, CVE-2018-19626, CVE-2018-19627, CVE-2018-19628\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 29 : 1:wireshark (2018-cb410a3812)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19622", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-19625", "CVE-2018-19626", "CVE-2018-19627", "CVE-2018-19628"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:wireshark", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2018-CB410A3812.NASL", "href": "https://www.tenable.com/plugins/nessus/120792", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-cb410a3812.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120792);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-19622\", \"CVE-2018-19623\", \"CVE-2018-19624\", \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-19627\", \"CVE-2018-19628\");\n script_xref(name:\"FEDORA\", value:\"2018-cb410a3812\");\n\n script_name(english:\"Fedora 29 : 1:wireshark (2018-cb410a3812)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New version 2.6.5, contains fixes for CVE-2018-19622, CVE-2018-19623,\nCVE-2018-19624, CVE-2018-19625, CVE-2018-19626, CVE-2018-19627,\nCVE-2018-19628\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-cb410a3812\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 1:wireshark package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"wireshark-2.6.5-1.fc29\", epoch:\"1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:wireshark\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:42:57", "description": "The version of Wireshark installed on the remote MacOS/MacOSX host is 2.4.x prior to 2.4.11. It is, therefore, affected by multiple vulnerabilities.", "cvss3": {}, "published": "2018-12-05T00:00:00", "type": "nessus", "title": "Wireshark 2.4.x < 2.4.11 Multiple Vulnerabilities (MacOS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19622", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-19625", "CVE-2018-19626", "CVE-2018-19627"], "modified": "2019-11-01T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "MACOSX_WIRESHARK_2_4_11.NASL", "href": "https://www.tenable.com/plugins/nessus/119417", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119417);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/11/01\");\n\n script_cve_id(\n \"CVE-2018-19622\",\n \"CVE-2018-19623\",\n \"CVE-2018-19624\",\n \"CVE-2018-19625\",\n \"CVE-2018-19626\",\n \"CVE-2018-19627\"\n );\n script_bugtraq_id(106051);\n\n script_name(english:\"Wireshark 2.4.x < 2.4.11 Multiple Vulnerabilities (MacOS)\");\n script_summary(english:\"Checks the version of Wireshark.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote MacOS / MacOSX host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote MacOS/MacOSX host\nis 2.4.x prior to 2.4.11. It is, therefore, affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-51.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-52.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-53.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-54.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-55.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-56.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 2.4.11 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19627\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_wireshark_installed.nbin\");\n script_require_keys(\"installed_sw/Wireshark\", \"Host/MacOSX/Version\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\n\nget_kb_item_or_exit(\"Host/MacOSX/Version\");\n\napp_info = vcf::get_app_info(app:\"Wireshark\");\n\nconstraints = [\n { \"min_version\" : \"2.4.0\", \"fixed_version\" : \"2.4.11\" }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:20:51", "description": "This update for wireshark fixes the following issues :\n\nUpdate to Wireshark 2.4.11 (bsc#1117740).\n\nSecurity issues fixed :\n\n - CVE-2018-19625: The Wireshark dissection engine could crash (wnpa-sec-2018-51)\n\n - CVE-2018-19626: The DCOM dissector could crash (wnpa-sec-2018-52)\n\n - CVE-2018-19623: The LBMPDM dissector could crash (wnpa-sec-2018-53) \n\n - CVE-2018-19622: The MMSE dissector could go into an infinite loop (wnpa-sec-2018-54)\n\n - CVE-2018-19627: The IxVeriWave file parser could crash (wnpa-sec-2018-55) \n\n - CVE-2018-19624: The PVFS dissector could crash (wnpa-sec-2018-56)\n\nFurther bug fixes and updated protocol support as listed in :\n\n- https://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {}, "published": "2019-03-27T00:00:00", "type": "nessus", "title": "openSUSE Security Update : wireshark (openSUSE-2019-1045)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19622", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-19625", "CVE-2018-19626", "CVE-2018-19627"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libwireshark9", "p-cpe:/a:novell:opensuse:libwireshark9-debuginfo", "p-cpe:/a:novell:opensuse:libwiretap7", "p-cpe:/a:novell:opensuse:libwiretap7-debuginfo", "p-cpe:/a:novell:opensuse:libwscodecs1", "p-cpe:/a:novell:opensuse:libwscodecs1-debuginfo", "p-cpe:/a:novell:opensuse:libwsutil8", "p-cpe:/a:novell:opensuse:libwsutil8-debuginfo", "p-cpe:/a:novell:opensuse:wireshark", "p-cpe:/a:novell:opensuse:wireshark-debuginfo", "p-cpe:/a:novell:opensuse:wireshark-debugsource", "p-cpe:/a:novell:opensuse:wireshark-devel", "p-cpe:/a:novell:opensuse:wireshark-ui-qt", "p-cpe:/a:novell:opensuse:wireshark-ui-qt-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-1045.NASL", "href": "https://www.tenable.com/plugins/nessus/123166", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-1045.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123166);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-19622\", \"CVE-2018-19623\", \"CVE-2018-19624\", \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-19627\");\n\n script_name(english:\"openSUSE Security Update : wireshark (openSUSE-2019-1045)\");\n script_summary(english:\"Check for the openSUSE-2019-1045 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for wireshark fixes the following issues :\n\nUpdate to Wireshark 2.4.11 (bsc#1117740).\n\nSecurity issues fixed :\n\n - CVE-2018-19625: The Wireshark dissection engine could\n crash (wnpa-sec-2018-51)\n\n - CVE-2018-19626: The DCOM dissector could crash\n (wnpa-sec-2018-52)\n\n - CVE-2018-19623: The LBMPDM dissector could crash\n (wnpa-sec-2018-53) \n\n - CVE-2018-19622: The MMSE dissector could go into an\n infinite loop (wnpa-sec-2018-54)\n\n - CVE-2018-19627: The IxVeriWave file parser could crash\n (wnpa-sec-2018-55) \n\n - CVE-2018-19624: The PVFS dissector could crash\n (wnpa-sec-2018-56)\n\nFurther bug fixes and updated protocol support as listed in :\n\n- https://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1117740\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwireshark9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwireshark9-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwiretap7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwiretap7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwscodecs1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwscodecs1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwsutil8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwsutil8-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwireshark9-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwireshark9-debuginfo-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwiretap7-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwiretap7-debuginfo-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwscodecs1-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwscodecs1-debuginfo-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwsutil8-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwsutil8-debuginfo-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-debuginfo-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-debugsource-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-devel-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-ui-qt-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-ui-qt-debuginfo-2.4.11-lp150.2.16.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libwireshark9 / libwireshark9-debuginfo / libwiretap7 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:42:57", "description": "The version of Wireshark installed on the remote Windows host is 2.4.x prior to 2.4.11. It is, therefore, affected by multiple vulnerabilities.", "cvss3": {}, "published": "2018-12-05T00:00:00", "type": "nessus", "title": "Wireshark 2.4.x < 2.4.11 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19622", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-19625", "CVE-2018-19626", "CVE-2018-19627"], "modified": "2019-11-01T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "WIRESHARK_2_4_11.NASL", "href": "https://www.tenable.com/plugins/nessus/119419", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119419);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/11/01\");\n\n script_cve_id(\n \"CVE-2018-19622\",\n \"CVE-2018-19623\",\n \"CVE-2018-19624\",\n \"CVE-2018-19625\",\n \"CVE-2018-19626\",\n \"CVE-2018-19627\"\n );\n script_bugtraq_id(106051);\n\n script_name(english:\"Wireshark 2.4.x < 2.4.11 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of Wireshark.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote Windows host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote Windows host is\n2.4.x prior to 2.4.11. It is, therefore,\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-51.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-52.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-53.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-54.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-55.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-56.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 2.4.11 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19627\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"installed_sw/Wireshark\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\n\napp_info = vcf::get_app_info(app:\"Wireshark\", win_local:TRUE);\n\nconstraints = [\n { \"min_version\" : \"2.4.0\", \"fixed_version\" : \"2.4.11\" }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:43:13", "description": "This update for wireshark fixes the following issues :\n\nUpdate to Wireshark 2.4.11 (bsc#1117740).\n\nSecurity issues fixed :\n\n - CVE-2018-19625: The Wireshark dissection engine could crash (wnpa-sec-2018-51)\n\n - CVE-2018-19626: The DCOM dissector could crash (wnpa-sec-2018-52)\n\n - CVE-2018-19623: The LBMPDM dissector could crash (wnpa-sec-2018-53) \n\n - CVE-2018-19622: The MMSE dissector could go into an infinite loop (wnpa-sec-2018-54)\n\n - CVE-2018-19627: The IxVeriWave file parser could crash (wnpa-sec-2018-55) \n\n - CVE-2018-19624: The PVFS dissector could crash (wnpa-sec-2018-56)\n\nFurther bug fixes and updated protocol support as listed in :\n\n- https://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {}, "published": "2018-12-31T00:00:00", "type": "nessus", "title": "openSUSE Security Update : wireshark (openSUSE-2018-1620)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19622", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-19625", "CVE-2018-19626", "CVE-2018-19627"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libwireshark9", "p-cpe:/a:novell:opensuse:libwireshark9-debuginfo", "p-cpe:/a:novell:opensuse:libwiretap7", "p-cpe:/a:novell:opensuse:libwiretap7-debuginfo", "p-cpe:/a:novell:opensuse:libwscodecs1", "p-cpe:/a:novell:opensuse:libwscodecs1-debuginfo", "p-cpe:/a:novell:opensuse:libwsutil8", "p-cpe:/a:novell:opensuse:libwsutil8-debuginfo", "p-cpe:/a:novell:opensuse:wireshark", "p-cpe:/a:novell:opensuse:wireshark-debuginfo", "p-cpe:/a:novell:opensuse:wireshark-debugsource", "p-cpe:/a:novell:opensuse:wireshark-devel", "p-cpe:/a:novell:opensuse:wireshark-ui-qt", "p-cpe:/a:novell:opensuse:wireshark-ui-qt-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2018-1620.NASL", "href": "https://www.tenable.com/plugins/nessus/119950", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-1620.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(119950);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-19622\", \"CVE-2018-19623\", \"CVE-2018-19624\", \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-19627\");\n\n script_name(english:\"openSUSE Security Update : wireshark (openSUSE-2018-1620)\");\n script_summary(english:\"Check for the openSUSE-2018-1620 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for wireshark fixes the following issues :\n\nUpdate to Wireshark 2.4.11 (bsc#1117740).\n\nSecurity issues fixed :\n\n - CVE-2018-19625: The Wireshark dissection engine could\n crash (wnpa-sec-2018-51)\n\n - CVE-2018-19626: The DCOM dissector could crash\n (wnpa-sec-2018-52)\n\n - CVE-2018-19623: The LBMPDM dissector could crash\n (wnpa-sec-2018-53) \n\n - CVE-2018-19622: The MMSE dissector could go into an\n infinite loop (wnpa-sec-2018-54)\n\n - CVE-2018-19627: The IxVeriWave file parser could crash\n (wnpa-sec-2018-55) \n\n - CVE-2018-19624: The PVFS dissector could crash\n (wnpa-sec-2018-56)\n\nFurther bug fixes and updated protocol support as listed in :\n\n- https://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1117740\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwireshark9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwireshark9-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwiretap7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwiretap7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwscodecs1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwscodecs1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwsutil8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwsutil8-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwireshark9-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwireshark9-debuginfo-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwiretap7-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwiretap7-debuginfo-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwscodecs1-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwscodecs1-debuginfo-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwsutil8-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwsutil8-debuginfo-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-debuginfo-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-debugsource-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-devel-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-ui-qt-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-ui-qt-debuginfo-2.4.11-lp150.2.16.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libwireshark9 / libwireshark9-debuginfo / libwiretap7 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:57", "description": "This update for wireshark fixes the following issues :\n\nUpdate to Wireshark 2.4.11 (bsc#1117740).\n\nSecurity issues fixed :\n\nCVE-2018-19625: The Wireshark dissection engine could crash (wnpa-sec-2018-51)\n\nCVE-2018-19626: The DCOM dissector could crash (wnpa-sec-2018-52)\n\nCVE-2018-19623: The LBMPDM dissector could crash (wnpa-sec-2018-53)\n\nCVE-2018-19622: The MMSE dissector could go into an infinite loop (wnpa-sec-2018-54)\n\nCVE-2018-19627: The IxVeriWave file parser could crash (wnpa-sec-2018-55)\n\nCVE-2018-19624: The PVFS dissector could crash (wnpa-sec-2018-56)\n\nFurther bug fixes and updated protocol support as listed in:\nhttps://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-01-02T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : wireshark (SUSE-SU-2018:4295-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19622", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-19625", "CVE-2018-19626", "CVE-2018-19627"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libwireshark9", "p-cpe:/a:novell:suse_linux:libwireshark9-debuginfo", "p-cpe:/a:novell:suse_linux:libwiretap7", "p-cpe:/a:novell:suse_linux:libwiretap7-debuginfo", "p-cpe:/a:novell:suse_linux:libwscodecs1", "p-cpe:/a:novell:suse_linux:libwscodecs1-debuginfo", "p-cpe:/a:novell:suse_linux:libwsutil8", "p-cpe:/a:novell:suse_linux:libwsutil8-debuginfo", "p-cpe:/a:novell:suse_linux:wireshark", "p-cpe:/a:novell:suse_linux:wireshark-debuginfo", "p-cpe:/a:novell:suse_linux:wireshark-debugsource", "p-cpe:/a:novell:suse_linux:wireshark-devel", "p-cpe:/a:novell:suse_linux:wireshark-ui-qt", "p-cpe:/a:novell:suse_linux:wireshark-ui-qt-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2018-4295-1.NASL", "href": "https://www.tenable.com/plugins/nessus/120194", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:4295-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(120194);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2018-19622\", \"CVE-2018-19623\", \"CVE-2018-19624\", \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-19627\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : wireshark (SUSE-SU-2018:4295-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for wireshark fixes the following issues :\n\nUpdate to Wireshark 2.4.11 (bsc#1117740).\n\nSecurity issues fixed :\n\nCVE-2018-19625: The Wireshark dissection engine could crash\n(wnpa-sec-2018-51)\n\nCVE-2018-19626: The DCOM dissector could crash (wnpa-sec-2018-52)\n\nCVE-2018-19623: The LBMPDM dissector could crash (wnpa-sec-2018-53)\n\nCVE-2018-19622: The MMSE dissector could go into an infinite loop\n(wnpa-sec-2018-54)\n\nCVE-2018-19627: The IxVeriWave file parser could crash\n(wnpa-sec-2018-55)\n\nCVE-2018-19624: The PVFS dissector could crash (wnpa-sec-2018-56)\n\nFurther bug fixes and updated protocol support as listed in:\nhttps://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117740\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19622/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19623/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19624/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19625/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19626/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19627/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20184295-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6c16e3d0\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Desktop Applications 15:zypper in -t\npatch SUSE-SLE-Module-Desktop-Applications-15-2018-3066=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2018-3066=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwireshark9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwireshark9-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwiretap7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwiretap7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwscodecs1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwscodecs1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwsutil8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwsutil8-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-ui-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-ui-qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwireshark9-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwireshark9-debuginfo-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwiretap7-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwiretap7-debuginfo-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwscodecs1-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwscodecs1-debuginfo-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwsutil8-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwsutil8-debuginfo-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"wireshark-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"wireshark-debuginfo-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"wireshark-debugsource-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"wireshark-devel-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"wireshark-ui-qt-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"wireshark-ui-qt-debuginfo-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwireshark9-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwireshark9-debuginfo-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwiretap7-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwiretap7-debuginfo-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwscodecs1-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwscodecs1-debuginfo-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwsutil8-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwsutil8-debuginfo-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"wireshark-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"wireshark-debuginfo-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"wireshark-debugsource-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"wireshark-devel-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"wireshark-ui-qt-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"wireshark-ui-qt-debuginfo-2.4.11-3.15.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:42:55", "description": "This update for wireshark fixes the following issues :\n\nUpdate to Wireshark 2.4.11 (bsc#1117740).\n\nSecurity issues fixed :\n\nCVE-2018-19625: The Wireshark dissection engine could crash (wnpa-sec-2018-51)\n\nCVE-2018-19626: The DCOM dissector could crash (wnpa-sec-2018-52)\n\nCVE-2018-19623: The LBMPDM dissector could crash (wnpa-sec-2018-53)\n\nCVE-2018-19622: The MMSE dissector could go into an infinite loop (wnpa-sec-2018-54)\n\nCVE-2018-19627: The IxVeriWave file parser could crash (wnpa-sec-2018-55)\n\nCVE-2018-19624: The PVFS dissector could crash (wnpa-sec-2018-56)\n\nFurther bug fixes and updated protocol support as listed in:\nhttps://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2018-12-31T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2018:4298-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19622", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-19625", "CVE-2018-19626", "CVE-2018-19627"], "modified": "2019-09-10T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libwireshark9", "p-cpe:/a:novell:suse_linux:libwireshark9-debuginfo", "p-cpe:/a:novell:suse_linux:libwiretap7", "p-cpe:/a:novell:suse_linux:libwiretap7-debuginfo", "p-cpe:/a:novell:suse_linux:libwscodecs1", "p-cpe:/a:novell:suse_linux:libwscodecs1-debuginfo", "p-cpe:/a:novell:suse_linux:libwsutil8", "p-cpe:/a:novell:suse_linux:libwsutil8-debuginfo", "p-cpe:/a:novell:suse_linux:wireshark", "p-cpe:/a:novell:suse_linux:wireshark-debuginfo", "p-cpe:/a:novell:suse_linux:wireshark-debugsource", "p-cpe:/a:novell:suse_linux:wireshark-gtk", "p-cpe:/a:novell:suse_linux:wireshark-gtk-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-4298-1.NASL", "href": "https://www.tenable.com/plugins/nessus/119956", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:4298-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119956);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/09/10 13:51:50\");\n\n script_cve_id(\"CVE-2018-19622\", \"CVE-2018-19623\", \"CVE-2018-19624\", \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-19627\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2018:4298-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for wireshark fixes the following issues :\n\nUpdate to Wireshark 2.4.11 (bsc#1117740).\n\nSecurity issues fixed :\n\nCVE-2018-19625: The Wireshark dissection engine could crash\n(wnpa-sec-2018-51)\n\nCVE-2018-19626: The DCOM dissector could crash (wnpa-sec-2018-52)\n\nCVE-2018-19623: The LBMPDM dissector could crash (wnpa-sec-2018-53)\n\nCVE-2018-19622: The MMSE dissector could go into an infinite loop\n(wnpa-sec-2018-54)\n\nCVE-2018-19627: The IxVeriWave file parser could crash\n(wnpa-sec-2018-55)\n\nCVE-2018-19624: The PVFS dissector could crash (wnpa-sec-2018-56)\n\nFurther bug fixes and updated protocol support as listed in:\nhttps://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117740\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19622/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19623/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19624/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19625/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19626/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19627/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20184298-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8ee98540\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2018-3067=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2018-3067=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2018-3067=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2018-3067=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP4-2018-3067=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2018-3067=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwireshark9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwireshark9-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwiretap7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwiretap7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwscodecs1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwscodecs1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwsutil8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwsutil8-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-gtk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3/4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3/4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwireshark9-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwireshark9-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwiretap7-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwiretap7-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwscodecs1-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwscodecs1-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwsutil8-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwsutil8-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"wireshark-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"wireshark-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"wireshark-debugsource-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"wireshark-gtk-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"wireshark-gtk-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwireshark9-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwireshark9-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwiretap7-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwiretap7-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwscodecs1-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwscodecs1-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwsutil8-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwsutil8-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"wireshark-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"wireshark-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"wireshark-debugsource-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"wireshark-gtk-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"wireshark-gtk-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libwireshark9-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libwireshark9-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libwiretap7-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libwiretap7-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libwscodecs1-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libwscodecs1-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libwsutil8-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libwsutil8-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"wireshark-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"wireshark-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"wireshark-debugsource-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"wireshark-gtk-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"wireshark-gtk-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwireshark9-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwireshark9-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwiretap7-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwiretap7-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwscodecs1-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwscodecs1-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwsutil8-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwsutil8-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"wireshark-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"wireshark-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"wireshark-debugsource-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"wireshark-gtk-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"wireshark-gtk-debuginfo-2.4.11-48.35.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-01T15:12:29", "description": "The version of Wireshark installed on the remote Windows host is 2.6.x prior to 2.6.4. It is, therefore, affected by multiple vulnerabilities.", "cvss3": {}, "published": "2018-10-18T00:00:00", "type": "nessus", "title": "Wireshark 2.6.x < 2.6.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12086", "CVE-2018-18225", "CVE-2018-18226", "CVE-2018-18227"], "modified": "2019-11-01T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "WIRESHARK_2_6_4.NASL", "href": "https://www.tenable.com/plugins/nessus/118207", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118207);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/11/01\");\n\n script_cve_id(\n \"CVE-2018-12086\",\n \"CVE-2018-18225\",\n \"CVE-2018-18226\",\n \"CVE-2018-18227\"\n );\n script_bugtraq_id(105538, 105583);\n\n script_name(english:\"Wireshark 2.6.x < 2.6.4 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of Wireshark.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote Windows host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote Windows host is\n2.6.x prior to 2.6.4. It is, therefore, affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.6.4.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-47.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-48.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-49.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-50.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 2.6.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-18226\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"installed_sw/Wireshark\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\n\napp_info = vcf::get_app_info(app:\"Wireshark\", win_local:TRUE);\n\nconstraints = [\n { \"min_version\" : \"2.6.0\", \"fixed_version\" : \"2.6.4\" }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-01T14:24:00", "description": "The version of Wireshark installed on the remote macOS / Mac OS X host is 2.4.x prior to 2.4.10 / 2.6.x prior to 2.6.4. It is, therefore, affected by multiple vulnerabilities.\n\n - A buffer overflow condition exists in OPC UA applications due to failure to handle exceptional conditions. An unauthenticated remote attacker can exploit this via carefully structured requests to cause a denial of service condition or the execution of arbitrary code. (CVE-2018-12086)\n\n - A stack-based buffer overflow condition exists in Liblouis 3.6.0 in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440 due to failure to handle exceptional conditions. An unauthenticated remote attacker can exploit this to cause a denial of service condition or the execution of arbitrary code. (CVE-2018-12585)\n\n - Multiple denial of service vulnerabilities exist in the following protocol dissectors: CoAP, IHS Discovery, the MS-WSP due to improper handling of exceptional conditions. An unauthenticated remote attacker can exploit this to cause Wireshark to crash by injecting a malformed packet onto the wire, or by convincing a user to read a malformed packet trace file.\n (CVE-2018-18225, CVE-2018-18226, CVE-2018-18227)", "cvss3": {}, "published": "2019-01-22T00:00:00", "type": "nessus", "title": "Wireshark 2.4.x < 2.4.10 / 2.6.x < 2.6.4 Multiple Vulnerabilities (macOS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11440", "CVE-2018-12086", "CVE-2018-12585", "CVE-2018-18225", "CVE-2018-18226", "CVE-2018-18227"], "modified": "2019-10-31T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "MACOSX_WIRESHARK_2_6_4.NASL", "href": "https://www.tenable.com/plugins/nessus/121309", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121309);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/10/31 15:18:51\");\n\n script_cve_id(\n \"CVE-2018-12086\",\n \"CVE-2018-12585\",\n \"CVE-2018-18225\",\n \"CVE-2018-18226\",\n \"CVE-2018-18227\"\n );\n script_bugtraq_id(105538, 105583);\n\n script_name(english:\"Wireshark 2.4.x < 2.4.10 / 2.6.x < 2.6.4 Multiple Vulnerabilities (macOS)\");\n script_summary(english:\"Checks the version of Wireshark.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote macOS / Mac OS X host is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote macOS / Mac OS X\nhost is 2.4.x prior to 2.4.10 / 2.6.x prior to 2.6.4. It is,\ntherefore, affected by multiple vulnerabilities.\n\n - A buffer overflow condition exists in OPC UA applications due to\n failure to handle exceptional conditions. An unauthenticated\n remote attacker can exploit this via carefully structured requests\n to cause a denial of service condition or the execution of\n arbitrary code. (CVE-2018-12086)\n\n - A stack-based buffer overflow condition exists in Liblouis 3.6.0\n in the function parseChars in compileTranslationTable.c, a\n different vulnerability than CVE-2018-11440 due to failure to\n handle exceptional conditions. An unauthenticated remote attacker\n can exploit this to cause a denial of service condition or the\n execution of arbitrary code. (CVE-2018-12585)\n\n - Multiple denial of service vulnerabilities exist in the following\n protocol dissectors: CoAP, IHS Discovery, the MS-WSP due to\n improper handling of exceptional conditions. An unauthenticated\n remote attacker can exploit this to cause Wireshark to crash by\n injecting a malformed packet onto the wire, or by convincing a\n user to read a malformed packet trace file.\n (CVE-2018-18225, CVE-2018-18226, CVE-2018-18227)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.6.4.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-47.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-48.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-49.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-50.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 2.4.10 / 2.6.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-12585\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_wireshark_installed.nbin\");\n script_require_keys(\"installed_sw/Wireshark\", \"Host/MacOSX/Version\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\n\nget_kb_item_or_exit(\"Host/MacOSX/Version\");\n\napp_info = vcf::get_app_info(app:\"Wireshark\");\n\nconstraints = [\n { \"min_version\" : \"2.6.0\", \"fixed_version\" : \"2.6.4\" },\n { \"min_version\" : \"2.4.0\", \"fixed_version\" : \"2.4.10\" }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-01T14:23:04", "description": "New version 2.6.4, contains security fix for CVE-2018-16056, CVE-2018-16057, CVE-2018-16058, CVE-2018-18225, CVE-2018-18226, CVE-2018-18227, CVE-2018-12086.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 28 : 1:wireshark (2018-89413a04e0)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12086", "CVE-2018-16056", "CVE-2018-16057", "CVE-2018-16058", "CVE-2018-18225", "CVE-2018-18226", "CVE-2018-18227"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:wireshark", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-89413A04E0.NASL", "href": "https://www.tenable.com/plugins/nessus/120589", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-89413a04e0.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120589);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-12086\", \"CVE-2018-16056\", \"CVE-2018-16057\", \"CVE-2018-16058\", \"CVE-2018-18225\", \"CVE-2018-18226\", \"CVE-2018-18227\");\n script_xref(name:\"FEDORA\", value:\"2018-89413a04e0\");\n\n script_name(english:\"Fedora 28 : 1:wireshark (2018-89413a04e0)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New version 2.6.4, contains security fix for CVE-2018-16056,\nCVE-2018-16057, CVE-2018-16058, CVE-2018-18225, CVE-2018-18226,\nCVE-2018-18227, CVE-2018-12086.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-89413a04e0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 1:wireshark package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"wireshark-2.6.4-1.fc28\", epoch:\"1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:wireshark\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-01T15:12:29", "description": "This update for wireshark fixes the following issues :\n\nWireshark was updated to 2.4.10 (bsc#1111647).\n\nFollowing security issues were fixed :\n\n - CVE-2018-18227: MS-WSP dissector crash (wnpa-sec-2018-47)\n\n - CVE-2018-12086: OpcUA dissector crash (wnpa-sec-2018-50)\n\nFurther bug fixes and updated protocol support that were done are listed in :\n\nhttps://www.wireshark.org/docs/relnotes/wireshark-2.4.10.html\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {}, "published": "2018-10-24T00:00:00", "type": "nessus", "title": "openSUSE Security Update : wireshark (openSUSE-2018-1238)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12086", "CVE-2018-18227"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libwireshark9", "p-cpe:/a:novell:opensuse:libwireshark9-debuginfo", "p-cpe:/a:novell:opensuse:libwiretap7", "p-cpe:/a:novell:opensuse:libwiretap7-debuginfo", "p-cpe:/a:novell:opensuse:libwscodecs1", "p-cpe:/a:novell:opensuse:libwscodecs1-debuginfo", "p-cpe:/a:novell:opensuse:libwsutil8", "p-cpe:/a:novell:opensuse:libwsutil8-debuginfo", "p-cpe:/a:novell:opensuse:wireshark", "p-cpe:/a:novell:opensuse:wireshark-debuginfo", "p-cpe:/a:novell:opensuse:wireshark-debugsource", "p-cpe:/a:novell:opensuse:wireshark-devel", "p-cpe:/a:novell:opensuse:wireshark-ui-qt", "p-cpe:/a:novell:opensuse:wireshark-ui-qt-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2018-1238.NASL", "href": "https://www.tenable.com/plugins/nessus/118345", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-1238.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(118345);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-12086\", \"CVE-2018-18227\");\n\n script_name(english:\"openSUSE Security Update : wireshark (openSUSE-2018-1238)\");\n script_summary(english:\"Check for the openSUSE-2018-1238 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for wireshark fixes the following issues :\n\nWireshark was updated to 2.4.10 (bsc#1111647).\n\nFollowing security issues were fixed :\n\n - CVE-2018-18227: MS-WSP dissector crash\n (wnpa-sec-2018-47)\n\n - CVE-2018-12086: OpcUA dissector crash (wnpa-sec-2018-50)\n\nFurther bug fixes and updated protocol support that were done are\nlisted in :\n\nhttps://www.wireshark.org/docs/relnotes/wireshark-2.4.10.html\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111647\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.4.10.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwireshark9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwireshark9-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwiretap7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwiretap7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwscodecs1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwscodecs1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwsutil8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwsutil8-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwireshark9-2.4.10-lp150.2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwireshark9-debuginfo-2.4.10-lp150.2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwiretap7-2.4.10-lp150.2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwiretap7-debuginfo-2.4.10-lp150.2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwscodecs1-2.4.10-lp150.2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwscodecs1-debuginfo-2.4.10-lp150.2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwsutil8-2.4.10-lp150.2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwsutil8-debuginfo-2.4.10-lp150.2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-2.4.10-lp150.2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-debuginfo-2.4.10-lp150.2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-debugsource-2.4.10-lp150.2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-devel-2.4.10-lp150.2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-ui-qt-2.4.10-lp150.2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-ui-qt-debuginfo-2.4.10-lp150.2.13.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libwireshark9 / libwireshark9-debuginfo / libwiretap7 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-01T15:13:29", "description": "The version of Wireshark installed on the remote Windows host is 2.4.x prior to 2.4.10. It is, therefore, affected by multiple vulnerabilities.", "cvss3": {}, "published": "2018-10-18T00:00:00", "type": "nessus", "title": "Wireshark 2.4.x < 2.4.10 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12086", "CVE-2018-18227"], "modified": "2019-11-01T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "WIRESHARK_2_4_10.NASL", "href": "https://www.tenable.com/plugins/nessus/118206", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118206);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/11/01\");\n\n script_cve_id(\"CVE-2018-12086\", \"CVE-2018-18227\");\n script_bugtraq_id(105538, 105583);\n\n script_name(english:\"Wireshark 2.4.x < 2.4.10 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of Wireshark.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote Windows host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote Windows host is\n2.4.x prior to 2.4.10. It is, therefore, affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.4.10.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-47.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-50.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 2.4.10 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-18227\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"installed_sw/Wireshark\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\n\napp_info = vcf::get_app_info(app:\"Wireshark\", win_local:TRUE);\n\nconstraints = [\n { \"min_version\" : \"2.4.0\", \"fixed_version\" : \"2.4.10\" }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-01T15:14:18", "description": "This update for wireshark fixes the following issues :\n\nWireshark was updated to 2.4.10 (bsc#1111647).\n\nFollowing security issues were fixed :\n\nCVE-2018-18227: MS-WSP dissector crash (wnpa-sec-2018-47)\n\nCVE-2018-12086: OpcUA dissector crash (wnpa-sec-2018-50)\n\nFurther bug fixes and updated protocol support that were done are listed in :\n\nhttps://www.wireshark.org/docs/relnotes/wireshark-2.4.10.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2018-11-01T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2018:3590-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12086", "CVE-2018-18227"], "modified": "2022-01-31T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libwireshark9", "p-cpe:/a:novell:suse_linux:libwireshark9-debuginfo", "p-cpe:/a:novell:suse_linux:libwiretap7", "p-cpe:/a:novell:suse_linux:libwiretap7-debuginfo", "p-cpe:/a:novell:suse_linux:libwscodecs1", "p-cpe:/a:novell:suse_linux:libwscodecs1-debuginfo", "p-cpe:/a:novell:suse_linux:libwsutil8", "p-cpe:/a:novell:suse_linux:libwsutil8-debuginfo", "p-cpe:/a:novell:suse_linux:wireshark", "p-cpe:/a:novell:suse_linux:wireshark-debuginfo", "p-cpe:/a:novell:suse_linux:wireshark-debugsource", "p-cpe:/a:novell:suse_linux:wireshark-gtk", "p-cpe:/a:novell:suse_linux:wireshark-gtk-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-3590-1.NASL", "href": "https://www.tenable.com/plugins/nessus/118589", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:3590-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118589);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/31\");\n\n script_cve_id(\"CVE-2018-12086\", \"CVE-2018-18227\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2018:3590-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for wireshark fixes the following issues :\n\nWireshark was updated to 2.4.10 (bsc#1111647).\n\nFollowing security issues were fixed :\n\nCVE-2018-18227: MS-WSP dissector crash (wnpa-sec-2018-47)\n\nCVE-2018-12086: OpcUA dissector crash (wnpa-sec-2018-50)\n\nFurther bug fixes and updated protocol support that were done are\nlisted in :\n\nhttps://www.wireshark.org/docs/relnotes/wireshark-2.4.10.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111647\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-12086/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-18227/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20183590-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7e2d3d64\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.4.10.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud 7:zypper in -t patch\nSUSE-OpenStack-Cloud-7-2018-2548=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2018-2548=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2018-2548=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2018-2548=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2018-2548=1\n\nSUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-BCL-2018-2548=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2018-2548=1\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2018-2548=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2018-2548=1\n\nSUSE Enterprise Storage 4:zypper in -t patch\nSUSE-Storage-4-2018-2548=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-18227\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwireshark9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwireshark9-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwiretap7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwiretap7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwscodecs1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwscodecs1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwsutil8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwsutil8-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-gtk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0|1|2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0/1/2/3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libwireshark9-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libwireshark9-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libwiretap7-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libwiretap7-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libwscodecs1-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libwscodecs1-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libwsutil8-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libwsutil8-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"wireshark-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"wireshark-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"wireshark-debugsource-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"wireshark-gtk-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"wireshark-gtk-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libwireshark9-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libwireshark9-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libwiretap7-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libwiretap7-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libwscodecs1-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libwscodecs1-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libwsutil8-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libwsutil8-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"wireshark-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"wireshark-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"wireshark-debugsource-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"wireshark-gtk-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"wireshark-gtk-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwireshark9-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwireshark9-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwiretap7-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwiretap7-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwscodecs1-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwscodecs1-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwsutil8-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwsutil8-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"wireshark-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"wireshark-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"wireshark-debugsource-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"wireshark-gtk-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"wireshark-gtk-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libwireshark9-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libwireshark9-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libwiretap7-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libwiretap7-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libwscodecs1-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libwscodecs1-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libwsutil8-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libwsutil8-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"wireshark-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"wireshark-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"wireshark-debugsource-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"wireshark-gtk-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"wireshark-gtk-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwireshark9-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwireshark9-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwiretap7-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwiretap7-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwscodecs1-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwscodecs1-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwsutil8-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwsutil8-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"wireshark-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"wireshark-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"wireshark-debugsource-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"wireshark-gtk-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"wireshark-gtk-debuginfo-2.4.10-48.32.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-01T14:26:16", "description": "This update for wireshark fixes the following issues :\n\nWireshark was updated to 2.4.10 (bsc#1111647).\n\nFollowing security issues were fixed :\n\n - CVE-2018-18227: MS-WSP dissector crash (wnpa-sec-2018-47)\n\n - CVE-2018-12086: OpcUA dissector crash (wnpa-sec-2018-50)\n\nFurther bug fixes and updated protocol support that were done are listed in :\n\nhttps://www.wireshark.org/docs/relnotes/wireshark-2.4.10.html\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {}, "published": "2019-03-27T00:00:00", "type": "nessus", "title": "openSUSE Security Update : wireshark (openSUSE-2019-837)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12086", "CVE-2018-18227"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libwireshark9", "p-cpe:/a:novell:opensuse:libwireshark9-debuginfo", "p-cpe:/a:novell:opensuse:libwiretap7", "p-cpe:/a:novell:opensuse:libwiretap7-debuginfo", "p-cpe:/a:novell:opensuse:libwscodecs1", "p-cpe:/a:novell:opensuse:libwscodecs1-debuginfo", "p-cpe:/a:novell:opensuse:libwsutil8", "p-cpe:/a:novell:opensuse:libwsutil8-debuginfo", "p-cpe:/a:novell:opensuse:wireshark", "p-cpe:/a:novell:opensuse:wireshark-debuginfo", "p-cpe:/a:novell:opensuse:wireshark-debugsource", "p-cpe:/a:novell:opensuse:wireshark-devel", "p-cpe:/a:novell:opensuse:wireshark-ui-qt", "p-cpe:/a:novell:opensuse:wireshark-ui-qt-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-837.NASL", "href": "https://www.tenable.com/plugins/nessus/123350", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-837.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123350);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-12086\", \"CVE-2018-18227\");\n\n script_name(english:\"openSUSE Security Update : wireshark (openSUSE-2019-837)\");\n script_summary(english:\"Check for the openSUSE-2019-837 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for wireshark fixes the following issues :\n\nWireshark was updated to 2.4.10 (bsc#1111647).\n\nFollowing security issues were fixed :\n\n - CVE-2018-18227: MS-WSP dissector crash\n (wnpa-sec-2018-47)\n\n - CVE-2018-12086: OpcUA dissector crash (wnpa-sec-2018-50)\n\nFurther bug fixes and updated protocol support that were done are\nlisted in :\n\nhttps://www.wireshark.org/docs/relnotes/wireshark-2.4.10.html\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111647\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.4.10.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwireshark9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwireshark9-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwiretap7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwiretap7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwscodecs1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwscodecs1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwsutil8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwsutil8-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwireshark9-2.4.10-lp150.2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwireshark9-debuginfo-2.4.10-lp150.2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwiretap7-2.4.10-lp150.2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwiretap7-debuginfo-2.4.10-lp150.2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwscodecs1-2.4.10-lp150.2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwscodecs1-debuginfo-2.4.10-lp150.2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwsutil8-2.4.10-lp150.2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwsutil8-debuginfo-2.4.10-lp150.2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-2.4.10-lp150.2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-debuginfo-2.4.10-lp150.2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-debugsource-2.4.10-lp150.2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-devel-2.4.10-lp150.2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-ui-qt-2.4.10-lp150.2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-ui-qt-debuginfo-2.4.10-lp150.2.13.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libwireshark9 / libwireshark9-debuginfo / libwiretap7 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-01T14:23:38", "description": "This update for wireshark fixes the following issues :\n\nWireshark was updated to 2.4.10 (bsc#1111647).\n\nFollowing security issues were fixed :\n\nCVE-2018-18227: MS-WSP dissector crash (wnpa-sec-2018-47)\n\nCVE-2018-12086: OpcUA dissector crash (wnpa-sec-2018-50)\n\nFurther bug fixes and updated protocol support that were done are listed in :\n\nhttps://www.wireshark.org/docs/relnotes/wireshark-2.4.10.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-01-02T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : wireshark (SUSE-SU-2018:3282-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12086", "CVE-2018-18227"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libwireshark9", "p-cpe:/a:novell:suse_linux:libwireshark9-debuginfo", "p-cpe:/a:novell:suse_linux:libwiretap7", "p-cpe:/a:novell:suse_linux:libwiretap7-debuginfo", "p-cpe:/a:novell:suse_linux:libwscodecs1", "p-cpe:/a:novell:suse_linux:libwscodecs1-debuginfo", "p-cpe:/a:novell:suse_linux:libwsutil8", "p-cpe:/a:novell:suse_linux:libwsutil8-debuginfo", "p-cpe:/a:novell:suse_linux:wireshark", "p-cpe:/a:novell:suse_linux:wireshark-debuginfo", "p-cpe:/a:novell:suse_linux:wireshark-debugsource", "p-cpe:/a:novell:suse_linux:wireshark-devel", "p-cpe:/a:novell:suse_linux:wireshark-ui-qt", "p-cpe:/a:novell:suse_linux:wireshark-ui-qt-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2018-3282-1.NASL", "href": "https://www.tenable.com/plugins/nessus/120138", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:3282-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(120138);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2018-12086\", \"CVE-2018-18227\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : wireshark (SUSE-SU-2018:3282-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for wireshark fixes the following issues :\n\nWireshark was updated to 2.4.10 (bsc#1111647).\n\nFollowing security issues were fixed :\n\nCVE-2018-18227: MS-WSP dissector crash (wnpa-sec-2018-47)\n\nCVE-2018-12086: OpcUA dissector crash (wnpa-sec-2018-50)\n\nFurther bug fixes and updated protocol support that were done are\nlisted in :\n\nhttps://www.wireshark.org/docs/relnotes/wireshark-2.4.10.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111647\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-12086/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-18227/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20183282-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e3b67ef6\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.4.10.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Desktop Applications 15:zypper in -t\npatch SUSE-SLE-Module-Desktop-Applications-15-2018-2364=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2018-2364=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwireshark9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwireshark9-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwiretap7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwiretap7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwscodecs1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwscodecs1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwsutil8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwsutil8-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-ui-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-ui-qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwireshark9-2.4.10-3.12.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwireshark9-debuginfo-2.4.10-3.12.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwiretap7-2.4.10-3.12.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwiretap7-debuginfo-2.4.10-3.12.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwscodecs1-2.4.10-3.12.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwscodecs1-debuginfo-2.4.10-3.12.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwsutil8-2.4.10-3.12.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwsutil8-debuginfo-2.4.10-3.12.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"wireshark-2.4.10-3.12.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"wireshark-debuginfo-2.4.10-3.12.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"wireshark-debugsource-2.4.10-3.12.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"wireshark-devel-2.4.10-3.12.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"wireshark-ui-qt-2.4.10-3.12.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"wireshark-ui-qt-debuginfo-2.4.10-3.12.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwireshark9-2.4.10-3.12.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwireshark9-debuginfo-2.4.10-3.12.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwiretap7-2.4.10-3.12.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwiretap7-debuginfo-2.4.10-3.12.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwscodecs1-2.4.10-3.12.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwscodecs1-debuginfo-2.4.10-3.12.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwsutil8-2.4.10-3.12.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwsutil8-debuginfo-2.4.10-3.12.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"wireshark-2.4.10-3.12.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"wireshark-debuginfo-2.4.10-3.12.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"wireshark-debugsource-2.4.10-3.12.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"wireshark-devel-2.4.10-3.12.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"wireshark-ui-qt-2.4.10-3.12.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"wireshark-ui-qt-debuginfo-2.4.10-3.12.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-01T15:14:45", "description": "This update for wireshark fixes the following issues :\n\nWireshark was updated to 2.4.10 (bsc#1111647).\n\nFollowing security issues were fixed :\n\nCVE-2018-18227: MS-WSP dissector crash (wnpa-sec-2018-47)\n\nCVE-2018-12086: OpcUA dissector crash (wnpa-sec-2018-50)\n\nFurther bug fixes and updated protocol support that were done are listed in :\n\nhttps://www.wireshark.org/docs/relnotes/wireshark-2.4.10.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2018-12-06T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2018:3590-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12086", "CVE-2018-18227"], "modified": "2020-06-09T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libwireshark9", "p-cpe:/a:novell:suse_linux:libwireshark9-debuginfo", "p-cpe:/a:novell:suse_linux:libwiretap7", "p-cpe:/a:novell:suse_linux:libwiretap7-debuginfo", "p-cpe:/a:novell:suse_linux:libwscodecs1", "p-cpe:/a:novell:suse_linux:libwscodecs1-debuginfo", "p-cpe:/a:novell:suse_linux:libwsutil8", "p-cpe:/a:novell:suse_linux:libwsutil8-debuginfo", "p-cpe:/a:novell:suse_linux:wireshark", "p-cpe:/a:novell:suse_linux:wireshark-debuginfo", "p-cpe:/a:novell:suse_linux:wireshark-debugsource", "p-cpe:/a:novell:suse_linux:wireshark-gtk", "p-cpe:/a:novell:suse_linux:wireshark-gtk-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-3590-2.NASL", "href": "https://www.tenable.com/plugins/nessus/119450", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:3590-2.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119450);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/09\");\n\n script_cve_id(\"CVE-2018-12086\", \"CVE-2018-18227\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2018:3590-2)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for wireshark fixes the following issues :\n\nWireshark was updated to 2.4.10 (bsc#1111647).\n\nFollowing security issues were fixed :\n\nCVE-2018-18227: MS-WSP dissector crash (wnpa-sec-2018-47)\n\nCVE-2018-12086: OpcUA dissector crash (wnpa-sec-2018-50)\n\nFurther bug fixes and updated protocol support that were done are\nlisted in :\n\nhttps://www.wireshark.org/docs/relnotes/wireshark-2.4.10.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111647\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-12086/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-18227/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20183590-2/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4ffddba0\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.4.10.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2018-2548=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2018-2548=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP4-2018-2548=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwireshark9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwireshark9-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwiretap7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwiretap7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwscodecs1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwscodecs1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwsutil8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwsutil8-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-gtk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwireshark9-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwireshark9-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwiretap7-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwiretap7-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwscodecs1-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwscodecs1-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwsutil8-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwsutil8-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"wireshark-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"wireshark-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"wireshark-debugsource-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"wireshark-gtk-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"wireshark-gtk-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libwireshark9-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libwireshark9-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libwiretap7-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libwiretap7-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libwscodecs1-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libwscodecs1-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libwsutil8-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libwsutil8-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"wireshark-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"wireshark-debuginfo-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"wireshark-debugsource-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"wireshark-gtk-2.4.10-48.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"wireshark-gtk-debuginfo-2.4.10-48.32.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:57:23", "description": "This update for wireshark and libmaxminddb fixes the following issues :\n\nUpdate wireshark to new major version 3.2.2 and introduce libmaxminddb for GeoIP support (bsc#1156288).\n\nNew features include :\n\n - Added support for 111 new protocols, including WireGuard, LoRaWAN, TPM 2.0, 802.11ax and QUIC\n\n - Improved support for existing protocols, like HTTP/2\n\n - Improved analytics and usability functionalities\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {}, "published": "2020-03-20T00:00:00", "type": "nessus", "title": "openSUSE Security Update : wireshark (openSUSE-2020-362)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11354", "CVE-2018-11355", "CVE-2018-11356", "CVE-2018-11357", "CVE-2018-11358", "CVE-2018-11359", "CVE-2018-11360", "CVE-2018-11361", "CVE-2018-11362", "CVE-2018-12086", "CVE-2018-14339", "CVE-2018-14340", "CVE-2018-14341", "CVE-2018-14342", "CVE-2018-14343", "CVE-2018-14344", "CVE-2018-14367", "CVE-2018-14368", "CVE-2018-14369", "CVE-2018-14370", "CVE-2018-16056", "CVE-2018-16057", "CVE-2018-16058", "CVE-2018-18225", "CVE-2018-18226", "CVE-2018-18227", "CVE-2018-19622", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-19625", "CVE-2018-19626", "CVE-2018-19627", "CVE-2018-19628", "CVE-2019-10894", "CVE-2019-10895", "CVE-2019-10896", "CVE-2019-10897", "CVE-2019-10898", "CVE-2019-10899", "CVE-2019-10900", "CVE-2019-10901", "CVE-2019-10902", "CVE-2019-10903", "CVE-2019-13619", "CVE-2019-16319", "CVE-2019-19553", "CVE-2019-5716", "CVE-2019-5717", "CVE-2019-5718", "CVE-2019-5719", "CVE-2019-5721", "CVE-2019-9208", "CVE-2019-9209", "CVE-2019-9214", "CVE-2020-7044", "CVE-2020-9428", "CVE-2020-9429", "CVE-2020-9430", "CVE-2020-9431"], "modified": "2020-03-24T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libmaxminddb-debugsource", "p-cpe:/a:novell:opensuse:libmaxminddb-devel", "p-cpe:/a:novell:opensuse:libmaxminddb0", "p-cpe:/a:novell:opensuse:libmaxminddb0-32bit", "p-cpe:/a:novell:opensuse:libmaxminddb0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libmaxminddb0-debuginfo", "p-cpe:/a:novell:opensuse:libspandsp2", "p-cpe:/a:novell:opensuse:libspandsp2-32bit", "p-cpe:/a:novell:opensuse:libspandsp2-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libspandsp2-debuginfo", "p-cpe:/a:novell:opensuse:libwireshark13", "p-cpe:/a:novell:opensuse:libwireshark13-debuginfo", "p-cpe:/a:novell:opensuse:libwiretap10", "p-cpe:/a:novell:opensuse:libwiretap10-debuginfo", "p-cpe:/a:novell:opensuse:libwsutil11", "p-cpe:/a:novell:opensuse:libwsutil11-debuginfo", "p-cpe:/a:novell:opensuse:mmdblookup", "p-cpe:/a:novell:opensuse:mmdblookup-debuginfo", "p-cpe:/a:novell:opensuse:spandsp-debugsource", "p-cpe:/a:novell:opensuse:spandsp-devel", "p-cpe:/a:novell:opensuse:wireshark", "p-cpe:/a:novell:opensuse:wireshark-debuginfo", "p-cpe:/a:novell:opensuse:wireshark-debugsource", "p-cpe:/a:novell:opensuse:wireshark-devel", "p-cpe:/a:novell:opensuse:wireshark-ui-qt", "p-cpe:/a:novell:opensuse:wireshark-ui-qt-debuginfo", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2020-362.NASL", "href": "https://www.tenable.com/plugins/nessus/134755", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-362.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(134755);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/24\");\n\n script_cve_id(\"CVE-2018-11354\", \"CVE-2018-11355\", \"CVE-2018-11356\", \"CVE-2018-11357\", \"CVE-2018-11358\", \"CVE-2018-11359\", \"CVE-2018-11360\", \"CVE-2018-11361\", \"CVE-2018-11362\", \"CVE-2018-12086\", \"CVE-2018-14339\", \"CVE-2018-14340\", \"CVE-2018-14341\", \"CVE-2018-14342\", \"CVE-2018-14343\", \"CVE-2018-14344\", \"CVE-2018-14367\", \"CVE-2018-14368\", \"CVE-2018-14369\", \"CVE-2018-14370\", \"CVE-2018-16056\", \"CVE-2018-16057\", \"CVE-2018-16058\", \"CVE-2018-18225\", \"CVE-2018-18226\", \"CVE-2018-18227\", \"CVE-2018-19622\", \"CVE-2018-19623\", \"CVE-2018-19624\", \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-19627\", \"CVE-2018-19628\", \"CVE-2019-10894\", \"CVE-2019-10895\", \"CVE-2019-10896\", \"CVE-2019-10897\", \"CVE-2019-10898\", \"CVE-2019-10899\", \"CVE-2019-10900\", \"CVE-2019-10901\", \"CVE-2019-10902\", \"CVE-2019-10903\", \"CVE-2019-13619\", \"CVE-2019-16319\", \"CVE-2019-19553\", \"CVE-2019-5716\", \"CVE-2019-5717\", \"CVE-2019-5718\", \"CVE-2019-5719\", \"CVE-2019-5721\", \"CVE-2019-9208\", \"CVE-2019-9209\", \"CVE-2019-9214\", \"CVE-2020-7044\", \"CVE-2020-9428\", \"CVE-2020-9429\", \"CVE-2020-9430\", \"CVE-2020-9431\");\n\n script_name(english:\"openSUSE Security Update : wireshark (openSUSE-2020-362)\");\n script_summary(english:\"Check for the openSUSE-2020-362 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for wireshark and libmaxminddb fixes the following \nissues :\n\nUpdate wireshark to new major version 3.2.2 and introduce libmaxminddb\nfor GeoIP support (bsc#1156288).\n\nNew features include :\n\n - Added support for 111 new protocols, including\n WireGuard, LoRaWAN, TPM 2.0, 802.11ax and QUIC\n\n - Improved support for existing protocols, like HTTP/2\n\n - Improved analytics and usability functionalities\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1093733\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1094301\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101776\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101777\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101786\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101788\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101791\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101794\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101800\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101802\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101804\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101810\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1106514\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111647\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1117740\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1121231\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1121232\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1121233\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1121234\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1121235\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1127367\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1127369\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1127370\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1131941\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1131945\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1136021\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1141980\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1150690\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1156288\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1158505\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1161052\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1165241\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1165710\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=957624\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmaxminddb-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmaxminddb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmaxminddb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmaxminddb0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmaxminddb0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmaxminddb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libspandsp2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libspandsp2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libspandsp2-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libspandsp2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwireshark13\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwireshark13-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwiretap10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwiretap10-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwsutil11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwsutil11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mmdblookup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mmdblookup-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:spandsp-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:spandsp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libmaxminddb-debugsource-1.4.2-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libmaxminddb-devel-1.4.2-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libmaxminddb0-1.4.2-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libmaxminddb0-debuginfo-1.4.2-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libspandsp2-0.0.6-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libspandsp2-debuginfo-0.0.6-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libwireshark13-3.2.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libwireshark13-debuginfo-3.2.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libwiretap10-3.2.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libwiretap10-debuginfo-3.2.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libwsutil11-3.2.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libwsutil11-debuginfo-3.2.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"mmdblookup-1.4.2-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"mmdblookup-debuginfo-1.4.2-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"spandsp-debugsource-0.0.6-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"spandsp-devel-0.0.6-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"wireshark-3.2.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"wireshark-debuginfo-3.2.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"wireshark-debugsource-3.2.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"wireshark-devel-3.2.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"wireshark-ui-qt-3.2.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"wireshark-ui-qt-debuginfo-3.2.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libmaxminddb0-32bit-1.4.2-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libmaxminddb0-32bit-debuginfo-1.4.2-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libspandsp2-32bit-0.0.6-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libspandsp2-32bit-debuginfo-0.0.6-lp151.3.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmaxminddb-debugsource / libmaxminddb-devel / libmaxminddb0 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:57:41", "description": "This update for wireshark and libmaxminddb fixes the following issues :\n\nUpdate wireshark to new major version 3.2.2 and introduce libmaxminddb for GeoIP support (bsc#1156288).\n\nNew features include :\n\nAdded support for 111 new protocols, including WireGuard, LoRaWAN, TPM 2.0, 802.11ax and QUIC\n\nImproved support for existing protocols, like HTTP/2\n\nImproved analytics and usability functionalities\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-03-16T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : wireshark (SUSE-SU-2020:0693-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11354", "CVE-2018-11355", "CVE-2018-11356", "CVE-2018-11357", "CVE-2018-11358", "CVE-2018-11359", "CVE-2018-11360", "CVE-2018-11361", "CVE-2018-11362", "CVE-2018-12086", "CVE-2018-14339", "CVE-2018-14340", "CVE-2018-14341", "CVE-2018-14342", "CVE-2018-14343", "CVE-2018-14344", "CVE-2018-14367", "CVE-2018-14368", "CVE-2018-14369", "CVE-2018-14370", "CVE-2018-16056", "CVE-2018-16057", "CVE-2018-16058", "CVE-2018-18225", "CVE-2018-18226", "CVE-2018-18227", "CVE-2018-19622", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-19625", "CVE-2018-19626", "CVE-2018-19627", "CVE-2018-19628", "CVE-2019-10894", "CVE-2019-10895", "CVE-2019-10896", "CVE-2019-10897", "CVE-2019-10898", "CVE-2019-10899", "CVE-2019-10900", "CVE-2019-10901", "CVE-2019-10902", "CVE-2019-10903", "CVE-2019-13619", "CVE-2019-16319", "CVE-2019-19553", "CVE-2019-5716", "CVE-2019-5717", "CVE-2019-5718", "CVE-2019-5719", "CVE-2019-5721", "CVE-2019-9208", "CVE-2019-9209", "CVE-2019-9214", "CVE-2020-7044", "CVE-2020-9428", "CVE-2020-9429", "CVE-2020-9430", "CVE-2020-9431"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libmaxminddb-debugsource", "p-cpe:/a:novell:suse_linux:libmaxminddb-devel", "p-cpe:/a:novell:suse_linux:libmaxminddb0", "p-cpe:/a:novell:suse_linux:libmaxminddb0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libmaxminddb0-debuginfo", "p-cpe:/a:novell:suse_linux:libspandsp2", "p-cpe:/a:novell:suse_linux:libspandsp2-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libspandsp2-debuginfo", "p-cpe:/a:novell:suse_linux:libwireshark13", "p-cpe:/a:novell:suse_linux:libwireshark13-debuginfo", "p-cpe:/a:novell:suse_linux:libwiretap10", "p-cpe:/a:novell:suse_linux:libwiretap10-debuginfo", "p-cpe:/a:novell:suse_linux:libwsutil11", "p-cpe:/a:novell:suse_linux:libwsutil11-debuginfo", "p-cpe:/a:novell:suse_linux:mmdblookup", "p-cpe:/a:novell:suse_linux:spandsp-debugsource", "p-cpe:/a:novell:suse_linux:spandsp-devel", "p-cpe:/a:novell:suse_linux:wireshark", "p-cpe:/a:novell:suse_linux:wireshark-debuginfo", "p-cpe:/a:novell:suse_linux:wireshark-debugsource", "p-cpe:/a:novell:suse_linux:wireshark-devel", "p-cpe:/a:novell:suse_linux:wireshark-ui-qt", "p-cpe:/a:novell:suse_linux:wireshark-ui-qt-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2020-0693-1.NASL", "href": "https://www.tenable.com/plugins/nessus/134625", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:0693-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(134625);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2018-11354\", \"CVE-2018-11355\", \"CVE-2018-11356\", \"CVE-2018-11357\", \"CVE-2018-11358\", \"CVE-2018-11359\", \"CVE-2018-11360\", \"CVE-2018-11361\", \"CVE-2018-11362\", \"CVE-2018-12086\", \"CVE-2018-14339\", \"CVE-2018-14340\", \"CVE-2018-14341\", \"CVE-2018-14342\", \"CVE-2018-14343\", \"CVE-2018-14344\", \"CVE-2018-14367\", \"CVE-2018-14368\", \"CVE-2018-14369\", \"CVE-2018-14370\", \"CVE-2018-16056\", \"CVE-2018-16057\", \"CVE-2018-16058\", \"CVE-2018-18225\", \"CVE-2018-18226\", \"CVE-2018-18227\", \"CVE-2018-19622\", \"CVE-2018-19623\", \"CVE-2018-19624\", \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-19627\", \"CVE-2018-19628\", \"CVE-2019-10894\", \"CVE-2019-10895\", \"CVE-2019-10896\", \"CVE-2019-10897\", \"CVE-2019-10898\", \"CVE-2019-10899\", \"CVE-2019-10900\", \"CVE-2019-10901\", \"CVE-2019-10902\", \"CVE-2019-10903\", \"CVE-2019-13619\", \"CVE-2019-16319\", \"CVE-2019-19553\", \"CVE-2019-5716\", \"CVE-2019-5717\", \"CVE-2019-5718\", \"CVE-2019-5719\", \"CVE-2019-5721\", \"CVE-2019-9208\", \"CVE-2019-9209\", \"CVE-2019-9214\", \"CVE-2020-7044\", \"CVE-2020-9428\", \"CVE-2020-9429\", \"CVE-2020-9430\", \"CVE-2020-9431\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : wireshark (SUSE-SU-2020:0693-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for wireshark and libmaxminddb fixes the following \nissues :\n\nUpdate wireshark to new major version 3.2.2 and introduce libmaxminddb\nfor GeoIP support (bsc#1156288).\n\nNew features include :\n\nAdded support for 111 new protocols, including WireGuard, LoRaWAN, TPM\n2.0, 802.11ax and QUIC\n\nImproved support for existing protocols, like HTTP/2\n\nImproved analytics and usability functionalities\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1093733\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1094301\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101776\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101777\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101786\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101788\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101791\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101794\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101800\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101802\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101804\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101810\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1106514\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111647\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117740\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1121231\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1121232\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1121233\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1121234\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1121235\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127367\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127369\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127370\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1131941\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1131945\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1136021\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141980\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150690\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156288\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158505\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1161052\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165241\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165710\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=957624\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-11354/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-11355/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-11356/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-11357/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-11358/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-11359/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-11360/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-11361/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-11362/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-12086/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14339/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14340/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14341/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14342/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14343/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14344/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14367/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14368/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14369/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14370/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16056/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16057/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16058/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-18225/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-18226/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-18227/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19622/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19623/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19624/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19625/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19626/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19627/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19628/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-10894/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-10895/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-10896/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-10897/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-10898/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-10899/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-10900/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-10901/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-10902/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-10903/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13619/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-16319/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19553/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-5716/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-5717/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-5718/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-5719/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-5721/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-9208/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-9209/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-9214/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-7044/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-9428/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-9429/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-9430/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-9431/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20200693-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3a67d1f5\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 15:zypper in -t patch\nSUSE-SLE-Product-SLES_SAP-15-2020-693=1\n\nSUSE Linux Enterprise Server 15-LTSS:zypper in -t patch\nSUSE-SLE-Product-SLES-15-2020-693=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15-SP1:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-SP1-2020-693=1\n\nSUSE Linux Enterprise Module for Desktop Applications 15-SP1:zypper in\n-t patch SUSE-SLE-Module-Desktop-Applications-15-SP1-2020-693=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP1:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-SP1-2020-693=1\n\nSUSE Linux Enterprise High Performance Computing 15-LTSS:zypper in -t\npatch SUSE-SLE-Product-HPC-15-2020-693=1\n\nSUSE Linux Enterprise High Performance Computing 15-ESPOS:zypper in -t\npatch SUSE-SLE-Product-HPC-15-2020-693=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libmaxminddb-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libmaxminddb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libmaxminddb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libmaxminddb0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libmaxminddb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libspandsp2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libspandsp2-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libspandsp2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwireshark13\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwireshark13-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwiretap10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwiretap10-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwsutil11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwsutil11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mmdblookup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:spandsp-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:spandsp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-ui-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-ui-qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libmaxminddb0-32bit-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libmaxminddb0-32bit-debuginfo-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libspandsp2-32bit-0.0.6-3.2.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libspandsp2-32bit-debuginfo-0.0.6-3.2.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libmaxminddb-debugsource-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libmaxminddb-devel-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libmaxminddb0-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libmaxminddb0-debuginfo-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libspandsp2-0.0.6-3.2.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libspandsp2-debuginfo-0.0.6-3.2.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libwireshark13-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libwireshark13-debuginfo-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libwiretap10-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libwiretap10-debuginfo-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libwsutil11-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libwsutil11-debuginfo-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"mmdblookup-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"spandsp-debugsource-0.0.6-3.2.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"spandsp-devel-0.0.6-3.2.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"wireshark-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"wireshark-debuginfo-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"wireshark-debugsource-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"wireshark-devel-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"wireshark-ui-qt-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"wireshark-ui-qt-debuginfo-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libmaxminddb-debugsource-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libmaxminddb-devel-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libmaxminddb0-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libmaxminddb0-debuginfo-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libspandsp2-0.0.6-3.2.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libspandsp2-debuginfo-0.0.6-3.2.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libwireshark13-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libwireshark13-debuginfo-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libwiretap10-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libwiretap10-debuginfo-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libwsutil11-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libwsutil11-debuginfo-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"mmdblookup-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"wireshark-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"wireshark-debuginfo-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"wireshark-debugsource-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libmaxminddb0-32bit-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libmaxminddb0-32bit-debuginfo-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libspandsp2-32bit-0.0.6-3.2.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libspandsp2-32bit-debuginfo-0.0.6-3.2.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libmaxminddb-debugsource-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libmaxminddb-devel-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libmaxminddb0-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libmaxminddb0-debuginfo-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libspandsp2-0.0.6-3.2.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libspandsp2-debuginfo-0.0.6-3.2.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libwireshark13-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libwireshark13-debuginfo-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libwiretap10-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libwiretap10-debuginfo-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libwsutil11-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libwsutil11-debuginfo-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"mmdblookup-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"spandsp-debugsource-0.0.6-3.2.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"spandsp-devel-0.0.6-3.2.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"wireshark-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"wireshark-debuginfo-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"wireshark-debugsource-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"wireshark-devel-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"wireshark-ui-qt-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"wireshark-ui-qt-debuginfo-3.2.2-3.35.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:25:15", "description": "Several issues in wireshark, a tool that captures and analyzes packets off the wire, have been found by different people. These are basically issues with length checks or invalid memory access in different dissectors. This could result in infinite loops or crashes by malicious packets.\n\nFor Debian 8 'Jessie', these problems have been fixed in version 1.12.1+g01b65bf-4+deb8u16.\n\nWe recommend that you upgrade your wireshark packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-01-16T00:00:00", "type": "nessus", "title": "Debian DLA-1634-1 : wireshark security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-11406", "CVE-2017-11407", "CVE-2017-11409", "CVE-2017-13765", "CVE-2017-15191", "CVE-2017-17935", "CVE-2017-17997", "CVE-2017-7700", "CVE-2017-7703", "CVE-2017-7746", "CVE-2017-7747", "CVE-2017-9766", "CVE-2018-11356", "CVE-2018-11357", "CVE-2018-11359", "CVE-2018-16057", "CVE-2018-16058", "CVE-2018-19622", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-19625", "CVE-2018-19626", "CVE-2018-7322", "CVE-2018-7323", "CVE-2018-7324", "CVE-2018-7325", "CVE-2018-7331", "CVE-2018-7336", "CVE-2018-7417", "CVE-2018-7418", "CVE-2018-7420", "CVE-2018-9256", "CVE-2018-9259", "CVE-2018-9260", "CVE-2018-9262", "CVE-2018-9263", "CVE-2018-9265", "CVE-2018-9267", "CVE-2018-9268", "CVE-2018-9269", "CVE-2018-9270"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libwireshark-data", "p-cpe:/a:debian:debian_linux:libwireshark-dev", "p-cpe:/a:debian:debian_linux:libwireshark5", "p-cpe:/a:debian:debian_linux:libwiretap-dev", "p-cpe:/a:debian:debian_linux:libwiretap4", "p-cpe:/a:debian:debian_linux:libwsutil-dev", "p-cpe:/a:debian:debian_linux:libwsutil4", "p-cpe:/a:debian:debian_linux:tshark", "p-cpe:/a:debian:debian_linux:wireshark", "p-cpe:/a:debian:debian_linux:wireshark-common", "p-cpe:/a:debian:debian_linux:wireshark-dbg", "p-cpe:/a:debian:debian_linux:wireshark-dev", "p-cpe:/a:debian:debian_linux:wireshark-doc", "p-cpe:/a:debian:debian_linux:wireshark-qt", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1634.NASL", "href": "https://www.tenable.com/plugins/nessus/121193", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1634-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121193);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-11406\", \"CVE-2017-11407\", \"CVE-2017-11409\", \"CVE-2017-13765\", \"CVE-2017-15191\", \"CVE-2017-17935\", \"CVE-2017-17997\", \"CVE-2017-7700\", \"CVE-2017-7703\", \"CVE-2017-7746\", \"CVE-2017-7747\", \"CVE-2017-9766\", \"CVE-2018-11356\", \"CVE-2018-11357\", \"CVE-2018-11359\", \"CVE-2018-16057\", \"CVE-2018-16058\", \"CVE-2018-19622\", \"CVE-2018-19623\", \"CVE-2018-19624\", \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-7322\", \"CVE-2018-7323\", \"CVE-2018-7324\", \"CVE-2018-7325\", \"CVE-2018-7331\", \"CVE-2018-7336\", \"CVE-2018-7417\", \"CVE-2018-7418\", \"CVE-2018-7420\", \"CVE-2018-9256\", \"CVE-2018-9259\", \"CVE-2018-9260\", \"CVE-2018-9262\", \"CVE-2018-9263\", \"CVE-2018-9265\", \"CVE-2018-9267\", \"CVE-2018-9268\", \"CVE-2018-9269\", \"CVE-2018-9270\");\n\n script_name(english:\"Debian DLA-1634-1 : wireshark security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several issues in wireshark, a tool that captures and analyzes packets\noff the wire, have been found by different people. These are basically\nissues with length checks or invalid memory access in different\ndissectors. This could result in infinite loops or crashes by\nmalicious packets.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n1.12.1+g01b65bf-4+deb8u16.\n\nWe recommend that you upgrade your wireshark packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/wireshark\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwireshark-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwireshark-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwireshark5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwiretap-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwiretap4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwsutil-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwsutil4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libwireshark-data\", reference:\"1.12.1+g01b65bf-4+deb8u16\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libwireshark-dev\", reference:\"1.12.1+g01b65bf-4+deb8u16\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libwireshark5\", reference:\"1.12.1+g01b65bf-4+deb8u16\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libwiretap-dev\", reference:\"1.12.1+g01b65bf-4+deb8u16\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libwiretap4\", reference:\"1.12.1+g01b65bf-4+deb8u16\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libwsutil-dev\", reference:\"1.12.1+g01b65bf-4+deb8u16\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libwsutil4\", reference:\"1.12.1+g01b65bf-4+deb8u16\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tshark\", reference:\"1.12.1+g01b65bf-4+deb8u16\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"wireshark\", reference:\"1.12.1+g01b65bf-4+deb8u16\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"wireshark-common\", reference:\"1.12.1+g01b65bf-4+deb8u16\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"wireshark-dbg\", reference:\"1.12.1+g01b65bf-4+deb8u16\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"wireshark-dev\", reference:\"1.12.1+g01b65bf-4+deb8u16\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"wireshark-doc\", reference:\"1.12.1+g01b65bf-4+deb8u16\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"wireshark-qt\", reference:\"1.12.1+g01b65bf-4+deb8u16\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:03:03", "description": "In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator operations. (CVE-2018-16057)\n\nIn Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-mmse.c by preventing length overflows.\n(CVE-2018-19622)\n\nIn Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by properly handling items that are too long. (CVE-2018-14368 )\n\nIn Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid a buffer over-read. (CVE-2018-14340)\n\nIn Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset overflow. (CVE-2018-14341)\n\nIn Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing '\\0' character. (CVE-2018-11362)\n\nIn Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by correcting the extraction of the length value. (CVE-2018-7418)", "cvss3": {}, "published": "2020-06-18T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : wireshark (ALAS-2020-1438)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11362", "CVE-2018-14340", "CVE-2018-14341", "CVE-2018-14368", "CVE-2018-16057", "CVE-2018-19622", "CVE-2018-7418"], "modified": "2020-06-22T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:wireshark", "p-cpe:/a:amazon:linux:wireshark-debuginfo", "p-cpe:/a:amazon:linux:wireshark-devel", "p-cpe:/a:amazon:linux:wireshark-gnome", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2020-1438.NASL", "href": "https://www.tenable.com/plugins/nessus/137569", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2020-1438.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(137569);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/22\");\n\n script_cve_id(\"CVE-2018-11362\", \"CVE-2018-14340\", \"CVE-2018-14341\", \"CVE-2018-14368\", \"CVE-2018-16057\", \"CVE-2018-19622\", \"CVE-2018-7418\");\n script_xref(name:\"ALAS\", value:\"2020-1438\");\n\n script_name(english:\"Amazon Linux 2 : wireshark (ALAS-2020-1438)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the\nRadiotap dissector could crash. This was addressed in\nepan/dissectors/packet-ieee80211-radiotap-iter.c by validating\niterator operations. (CVE-2018-16057)\n\nIn Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector\ncould go into an infinite loop. This was addressed in\nepan/dissectors/packet-mmse.c by preventing length overflows.\n(CVE-2018-19622)\n\nIn Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the\nBazaar protocol dissector could go into an infinite loop. This was\naddressed in epan/dissectors/packet-bzr.c by properly handling items\nthat are too long. (CVE-2018-14368 )\n\nIn Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15,\ndissectors that support zlib decompression could crash. This was\naddressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid\na buffer over-read. (CVE-2018-14340)\n\nIn Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the\nDICOM dissector could go into a large or infinite loop. This was\naddressed in epan/dissectors/packet-dcm.c by preventing an offset\noverflow. (CVE-2018-14341)\n\nIn Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS\ndissector could crash. This was addressed in\nepan/dissectors/packet-ldss.c by avoiding a buffer over-read upon\nencountering a missing '\\0' character. (CVE-2018-11362)\n\nIn Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP dissector\ncould crash. This was addressed in epan/dissectors/packet-sigcomp.c by\ncorrecting the extraction of the length value. (CVE-2018-7418)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2020-1438.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Run 'yum update wireshark' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:wireshark-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", reference:\"wireshark-1.10.14-24.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"wireshark-debuginfo-1.10.14-24.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"wireshark-devel-1.10.14-24.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"wireshark-gnome-1.10.14-24.amzn2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-debuginfo / wireshark-devel / wireshark-gnome\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:13:42", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has wireshark packages installed that are affected by multiple vulnerabilities:\n\n - In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing '\\0' character. (CVE-2018-11362)\n\n - In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by correcting the extraction of the length value. (CVE-2018-7418)\n\n - In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-mmse.c by preventing length overflows. (CVE-2018-19622)\n\n - In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator operations.\n (CVE-2018-16057)\n\n - In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid a buffer over-read. (CVE-2018-14340)\n\n - In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset overflow. (CVE-2018-14341)\n\n - In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by properly handling items that are too long. (CVE-2018-14368)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : wireshark Multiple Vulnerabilities (NS-SA-2020-0064)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11362", "CVE-2018-14340", "CVE-2018-14341", "CVE-2018-14368", "CVE-2018-16057", "CVE-2018-19622", "CVE-2018-7418"], "modified": "2020-12-10T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2020-0064_WIRESHARK.NASL", "href": "https://www.tenable.com/plugins/nessus/143927", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2020-0064. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143927);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/10\");\n\n script_cve_id(\n \"CVE-2018-7418\",\n \"CVE-2018-11362\",\n \"CVE-2018-14340\",\n \"CVE-2018-14341\",\n \"CVE-2018-14368\",\n \"CVE-2018-16057\",\n \"CVE-2018-19622\"\n );\n script_bugtraq_id(\n 103157,\n 104308,\n 104847,\n 105174,\n 106051\n );\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : wireshark Multiple Vulnerabilities (NS-SA-2020-0064)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has wireshark packages installed that are affected\nby multiple vulnerabilities:\n\n - In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was\n addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing '\\0'\n character. (CVE-2018-11362)\n\n - In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP dissector could crash. This was addressed in\n epan/dissectors/packet-sigcomp.c by correcting the extraction of the length value. (CVE-2018-7418)\n\n - In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This\n was addressed in epan/dissectors/packet-mmse.c by preventing length overflows. (CVE-2018-19622)\n\n - In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This\n was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator operations.\n (CVE-2018-16057)\n\n - In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib\n decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid\n a buffer over-read. (CVE-2018-14340)\n\n - In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a\n large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset\n overflow. (CVE-2018-14341)\n\n - In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go\n into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by properly handling items that\n are too long. (CVE-2018-14368)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2020-0064\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL wireshark packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-14368\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nflag = 0;\n\npkgs = {\n 'CGSL CORE 5.04': [\n 'wireshark-1.10.14-24.el7',\n 'wireshark-debuginfo-1.10.14-24.el7',\n 'wireshark-devel-1.10.14-24.el7',\n 'wireshark-gnome-1.10.14-24.el7'\n ],\n 'CGSL MAIN 5.04': [\n 'wireshark-1.10.14-24.el7',\n 'wireshark-debuginfo-1.10.14-24.el7',\n 'wireshark-devel-1.10.14-24.el7',\n 'wireshark-gnome-1.10.14-24.el7'\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'wireshark');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-10T18:02:59", "description": "The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1047 advisory.\n\n - In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by correcting the extraction of the length value. (CVE-2018-7418)\n\n - In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing '\\0' character. (CVE-2018-11362)\n\n - In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by properly handling items that are too long. (CVE-2018-14368)\n\n - In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator operations.\n (CVE-2018-16057)\n\n - In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-mmse.c by preventing length overflows. (CVE-2018-19622)\n\n - In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid a buffer over-read. (CVE-2018-14340)\n\n - In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset overflow. (CVE-2018-14341)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-09-07T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : wireshark (ELSA-2020-1047)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11362", "CVE-2018-14340", "CVE-2018-14341", "CVE-2018-14368", "CVE-2018-16057", "CVE-2018-19622", "CVE-2018-7418"], "modified": "2023-09-07T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:wireshark", "p-cpe:/a:oracle:linux:wireshark-devel", "p-cpe:/a:oracle:linux:wireshark-gnome"], "id": "ORACLELINUX_ELSA-2020-1047.NASL", "href": "https://www.tenable.com/plugins/nessus/180733", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2020-1047.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(180733);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/07\");\n\n script_cve_id(\n \"CVE-2018-7418\",\n \"CVE-2018-11362\",\n \"CVE-2018-14340\",\n \"CVE-2018-14341\",\n \"CVE-2018-14368\",\n \"CVE-2018-16057\",\n \"CVE-2018-19622\"\n );\n script_xref(name:\"IAVB\", value:\"2018-B-0032-S\");\n script_xref(name:\"IAVB\", value:\"2018-B-0072-S\");\n script_xref(name:\"IAVB\", value:\"2018-B-0093-S\");\n script_xref(name:\"IAVB\", value:\"2018-B-0120-S\");\n script_xref(name:\"IAVB\", value:\"2018-B-0154-S\");\n\n script_name(english:\"Oracle Linux 7 : wireshark (ELSA-2020-1047)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2020-1047 advisory.\n\n - In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP dissector could crash. This was addressed in\n epan/dissectors/packet-sigcomp.c by correcting the extraction of the length value. (CVE-2018-7418)\n\n - In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was\n addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing '\\0'\n character. (CVE-2018-11362)\n\n - In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go\n into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by properly handling items that\n are too long. (CVE-2018-14368)\n\n - In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This\n was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator operations.\n (CVE-2018-16057)\n\n - In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This\n was addressed in epan/dissectors/packet-mmse.c by preventing length overflows. (CVE-2018-19622)\n\n - In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib\n decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid\n a buffer over-read. (CVE-2018-14340)\n\n - In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a\n large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset\n overflow. (CVE-2018-14341)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2020-1047.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected wireshark, wireshark-devel and / or wireshark-gnome packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-14368\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-7418\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/09/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:wireshark-gnome\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(os_release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:os_release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'wireshark-1.10.14-24.0.1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-devel-1.10.14-24.0.1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-gnome-1.10.14-24.0.1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-1.10.14-24.0.1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-devel-1.10.14-24.0.1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-1.10.14-24.0.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-devel-1.10.14-24.0.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-gnome-1.10.14-24.0.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release) {\n if (exists_check) {\n if (rpm_exists(release:_release, rpm:exists_check) && rpm_check(release:_release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'wireshark / wireshark-devel / wireshark-gnome');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-26T14:18:21", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1047 advisory.\n\n - wireshark: Out-of-bounds read in packet-ldss.c (CVE-2018-11362)\n\n - wireshark: Multiple dissectors could crash (wnpa-sec-2018-36) (CVE-2018-14340)\n\n - wireshark: DICOM dissector infinite loop (wnpa-sec-2018-39) (CVE-2018-14341)\n\n - wireshark: Bazaar dissector infinite loop (wnpa-sec-2018-40) (CVE-2018-14368)\n\n - wireshark: Radiotap dissector crash (CVE-2018-16057)\n\n - wireshark: Infinite loop in the MMSE dissector (CVE-2018-19622)\n\n - wireshark: SIGCOMP dissector crash in packet-sigcomp.c (CVE-2018-7418)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-04-01T00:00:00", "type": "nessus", "title": "RHEL 7 : wireshark (RHSA-2020:1047)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11362", "CVE-2018-14340", "CVE-2018-14341", "CVE-2018-14368", "CVE-2018-16057", "CVE-2018-19622", "CVE-2018-7418"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:wireshark", "p-cpe:/a:redhat:enterprise_linux:wireshark-devel", "p-cpe:/a:redhat:enterprise_linux:wireshark-gnome"], "id": "REDHAT-RHSA-2020-1047.NASL", "href": "https://www.tenable.com/plugins/nessus/135076", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1047. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135076);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\n \"CVE-2018-7418\",\n \"CVE-2018-11362\",\n \"CVE-2018-14340\",\n \"CVE-2018-14341\",\n \"CVE-2018-14368\",\n \"CVE-2018-16057\",\n \"CVE-2018-19622\"\n );\n script_bugtraq_id(\n 103157,\n 104308,\n 104847,\n 105174,\n 106051\n );\n script_xref(name:\"RHSA\", value:\"2020:1047\");\n script_xref(name:\"IAVB\", value:\"2018-B-0154-S\");\n script_xref(name:\"IAVB\", value:\"2018-B-0120-S\");\n script_xref(name:\"IAVB\", value:\"2018-B-0072-S\");\n script_xref(name:\"IAVB\", value:\"2018-B-0093-S\");\n script_xref(name:\"IAVB\", value:\"2018-B-0032-S\");\n\n script_name(english:\"RHEL 7 : wireshark (RHSA-2020:1047)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1047 advisory.\n\n - wireshark: Out-of-bounds read in packet-ldss.c (CVE-2018-11362)\n\n - wireshark: Multiple dissectors could crash (wnpa-sec-2018-36) (CVE-2018-14340)\n\n - wireshark: DICOM dissector infinite loop (wnpa-sec-2018-39) (CVE-2018-14341)\n\n - wireshark: Bazaar dissector infinite loop (wnpa-sec-2018-40) (CVE-2018-14368)\n\n - wireshark: Radiotap dissector crash (CVE-2018-16057)\n\n - wireshark: Infinite loop in the MMSE dissector (CVE-2018-19622)\n\n - wireshark: SIGCOMP dissector crash in packet-sigcomp.c (CVE-2018-7418)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-7418\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-11362\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-14340\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-14341\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-14368\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-16057\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-19622\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1047\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1549305\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1581787\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1607323\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1607326\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1607327\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1625925\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1655932\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected wireshark, wireshark-devel and / or wireshark-gnome packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-14368\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 125, 400, 835);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:wireshark-gnome\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/os',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/client/7/7Client/x86_64/os',\n 'content/dist/rhel/client/7/7Client/x86_64/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/os',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/os',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/os',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/os',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/os',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/os',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/server/7/7Server/x86_64/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/os',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/os',\n 'content/fastrack/rhel/client/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/os',\n 'content/fastrack/rhel/client/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/os',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/os',\n 'content/fastrack/rhel/computenode/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/os',\n 'content/fastrack/rhel/power/7/ppc64/optional/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/os',\n 'content/fastrack/rhel/power/7/ppc64/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/os',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/optional/debug',\n 'content/fastrack/rhel/server/7/x86_64/optional/os',\n 'content/fastrack/rhel/server/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/debug',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/os',\n 'content/fastrack/rhel/system-z/7/s390x/optional/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/os',\n 'content/fastrack/rhel/system-z/7/s390x/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/os',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/os',\n 'content/fastrack/rhel/workstation/7/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'wireshark-1.10.14-24.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-devel-1.10.14-24.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-gnome-1.10.14-24.el7', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-gnome-1.10.14-24.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-gnome-1.10.14-24.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-gnome-1.10.14-24.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'wireshark / wireshark-devel / wireshark-gnome');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:26:18", "description": "The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has wireshark packages installed that are affected by multiple vulnerabilities:\n\n - In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing '\\0' character. (CVE-2018-11362)\n\n - In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by correcting the extraction of the length value. (CVE-2018-7418)\n\n - In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-mmse.c by preventing length overflows. (CVE-2018-19622)\n\n - In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator operations.\n (CVE-2018-16057)\n\n - In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid a buffer over-read. (CVE-2018-14340)\n\n - In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset overflow. (CVE-2018-14341)\n\n - In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by properly handling items that are too long. (CVE-2018-14368)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.05 / MAIN 5.05 : wireshark Multiple Vulnerabilities (NS-SA-2020-0097)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11362", "CVE-2018-14340", "CVE-2018-14341", "CVE-2018-14368", "CVE-2018-16057", "CVE-2018-19622", "CVE-2018-7418"], "modified": "2020-12-10T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2020-0097_WIRESHARK.NASL", "href": "https://www.tenable.com/plugins/nessus/143949", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2020-0097. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143949);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/10\");\n\n script_cve_id(\n \"CVE-2018-7418\",\n \"CVE-2018-11362\",\n \"CVE-2018-14340\",\n \"CVE-2018-14341\",\n \"CVE-2018-14368\",\n \"CVE-2018-16057\",\n \"CVE-2018-19622\"\n );\n script_bugtraq_id(\n 103157,\n 104308,\n 104847,\n 105174,\n 106051\n );\n\n script_name(english:\"NewStart CGSL CORE 5.05 / MAIN 5.05 : wireshark Multiple Vulnerabilities (NS-SA-2020-0097)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has wireshark packages installed that are affected\nby multiple vulnerabilities:\n\n - In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was\n addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing '\\0'\n character. (CVE-2018-11362)\n\n - In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP dissector could crash. This was addressed in\n epan/dissectors/packet-sigcomp.c by correcting the extraction of the length value. (CVE-2018-7418)\n\n - In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This\n was addressed in epan/dissectors/packet-mmse.c by preventing length overflows. (CVE-2018-19622)\n\n - In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This\n was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator operations.\n (CVE-2018-16057)\n\n - In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib\n decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid\n a buffer over-read. (CVE-2018-14340)\n\n - In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a\n large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset\n overflow. (CVE-2018-14341)\n\n - In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go\n into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by properly handling items that\n are too long. (CVE-2018-14368)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2020-0097\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL wireshark packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-14368\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL CORE 5.05\" &&\n release !~ \"CGSL MAIN 5.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.05 / NewStart CGSL MAIN 5.05');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nflag = 0;\n\npkgs = {\n 'CGSL CORE 5.05': [\n 'wireshark-1.10.14-24.el7',\n 'wireshark-debuginfo-1.10.14-24.el7',\n 'wireshark-devel-1.10.14-24.el7',\n 'wireshark-gnome-1.10.14-24.el7'\n ],\n 'CGSL MAIN 5.05': [\n 'wireshark-1.10.14-24.el7',\n 'wireshark-debuginfo-1.10.14-24.el7',\n 'wireshark-devel-1.10.14-24.el7',\n 'wireshark-gnome-1.10.14-24.el7'\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'wireshark');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:58:19", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1047 advisory.\n\n - wireshark: Out-of-bounds read in packet-ldss.c (CVE-2018-11362)\n\n - wireshark: Multiple dissectors could crash (wnpa- sec-2018-36) (CVE-2018-14340)\n\n - wireshark: DICOM dissector infinite loop (wnpa- sec-2018-39) (CVE-2018-14341)\n\n - wireshark: Bazaar dissector infinite loop (wnpa- sec-2018-40) (CVE-2018-14368)\n\n - wireshark: Radiotap dissector crash (CVE-2018-16057)\n\n - wireshark: Infinite loop in the MMSE dissector (CVE-2018-19622)\n\n - wireshark: SIGCOMP dissector crash in packet-sigcomp.c (CVE-2018-7418)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-04-10T00:00:00", "type": "nessus", "title": "CentOS 7 : wireshark (CESA-2020:1047)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11362", "CVE-2018-14340", "CVE-2018-14341", "CVE-2018-14368", "CVE-2018-16057", "CVE-2018-19622", "CVE-2018-7418"], "modified": "2020-06-05T00:00:00", "cpe": ["p-cpe:/a:centos:centos:wireshark", "p-cpe:/a:centos:centos:wireshark-devel", "p-cpe:/a:centos:centos:wireshark-gnome", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2020-1047.NASL", "href": "https://www.tenable.com/plugins/nessus/135324", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2020:1047 and \n# CentOS Errata and Security Advisory 2020:1047 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135324);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/05\");\n\n script_cve_id(\"CVE-2018-11362\", \"CVE-2018-14340\", \"CVE-2018-14341\", \"CVE-2018-14368\", \"CVE-2018-16057\", \"CVE-2018-19622\", \"CVE-2018-7418\");\n script_xref(name:\"RHSA\", value:\"2020:1047\");\n\n script_name(english:\"CentOS 7 : wireshark (CESA-2020:1047)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1047 advisory.\n\n - wireshark: Out-of-bounds read in packet-ldss.c\n (CVE-2018-11362)\n\n - wireshark: Multiple dissectors could crash (wnpa-\n sec-2018-36) (CVE-2018-14340)\n\n - wireshark: DICOM dissector infinite loop (wnpa-\n sec-2018-39) (CVE-2018-14341)\n\n - wireshark: Bazaar dissector infinite loop (wnpa-\n sec-2018-40) (CVE-2018-14368)\n\n - wireshark: Radiotap dissector crash (CVE-2018-16057)\n\n - wireshark: Infinite loop in the MMSE dissector\n (CVE-2018-19622)\n\n - wireshark: SIGCOMP dissector crash in packet-sigcomp.c\n (CVE-2018-7418)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2020-April/012642.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0b95f64b\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-14341\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:wireshark-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"wireshark-1.10.14-24.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"wireshark-devel-1.10.14-24.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"wireshark-gnome-1.10.14-24.el7\")) flag++;\n\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-devel / wireshark-gnome\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:58:34", "description": "* wireshark: Out-of-bounds read in packet-ldss.c * wireshark: Multiple dissectors could crash (wnpa-sec-2018-36) * wireshark: DICOM dissector infinite loop (wnpa-sec-2018-39) * wireshark: Bazaar dissector infinite loop (wnpa-sec-2018-40) * wireshark: SIGCOMP dissector crash in packet-sigcomp.c * wireshark: Radiotap dissector crash * wireshark:\nInfinite loop in the MMSE dissector", "cvss3": {}, "published": "2020-04-21T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : wireshark on SL7.x x86_64 (20200407)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11362", "CVE-2018-14340", "CVE-2018-14341", "CVE-2018-14368", "CVE-2018-16057", "CVE-2018-19622", "CVE-2018-7418"], "modified": "2020-04-24T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:wireshark", "p-cpe:/a:fermilab:scientific_linux:wireshark-debuginfo", "p-cpe:/a:fermilab:scientific_linux:wireshark-devel", "p-cpe:/a:fermilab:scientific_linux:wireshark-gnome", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20200407_WIRESHARK_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/135842", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135842);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/04/24\");\n\n script_cve_id(\"CVE-2018-11362\", \"CVE-2018-14340\", \"CVE-2018-14341\", \"CVE-2018-14368\", \"CVE-2018-16057\", \"CVE-2018-19622\", \"CVE-2018-7418\");\n\n script_name(english:\"Scientific Linux Security Update : wireshark on SL7.x x86_64 (20200407)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"* wireshark: Out-of-bounds read in packet-ldss.c * wireshark: Multiple\ndissectors could crash (wnpa-sec-2018-36) * wireshark: DICOM dissector\ninfinite loop (wnpa-sec-2018-39) * wireshark: Bazaar dissector\ninfinite loop (wnpa-sec-2018-40) * wireshark: SIGCOMP dissector crash\nin packet-sigcomp.c * wireshark: Radiotap dissector crash * wireshark:\nInfinite loop in the MMSE dissector\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind2004&L=SCIENTIFIC-LINUX-ERRATA&P=12944\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b6a3525a\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:wireshark-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"wireshark-1.10.14-24.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"wireshark-debuginfo-1.10.14-24.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"wireshark-devel-1.10.14-24.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"wireshark-gnome-1.10.14-24.el7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-debuginfo / wireshark-devel / wireshark-gnome\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T15:07:26", "description": "According to the versions of the wireshark packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by correcting the extraction of the length value.(CVE-2018-7418)\n\n - In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash. This was addressed in epan/dissectors/packet-dcerpc-spoolss.c by adding a boundary check.(CVE-2019-10903)\n\n - In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring that a valid dissector is called.(CVE-2019-10894)\n\n - In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by handling file digests properly.(CVE-2019-10901)\n\n - In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the NetScaler file parser could crash. This was addressed in wiretap/netscaler.c by improving data validation.(CVE-2019-10895)\n\n - In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash. This was addressed in epan/dissectors/packet-srvloc.c by preventing a heap-based buffer under-read.(CVE-2019-10899)\n\n - In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB dissectors could crash.\n This was addressed in epan/tvbparse.c by limiting the recursion depth.(CVE-2018-5336)\n\n - In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid a buffer over-read.(CVE-2018-14340)\n\n - In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by properly handling items that are too long.(CVE-2018-14368)\n\n - In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset overflow.(CVE-2018-14341)\n\n - In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator operations.(CVE-2018-16057)\n\n - In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-mmse.c by preventing length overflows.(CVE-2018-19622)\n\n - In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing '\\0' character.(CVE-2018-11362)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2021-04-30T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : wireshark (EulerOS-SA-2021-1859)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11362", "CVE-2018-14340", "CVE-2018-14341", "CVE-2018-14368", "CVE-2018-16057", "CVE-2018-19622", "CVE-2018-5336", "CVE-2018-7418", "CVE-2019-10894", "CVE-2019-10895", "CVE-2019-10899", "CVE-2019-10901", "CVE-2019-10903"], "modified": "2021-05-04T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:wireshark", "p-cpe:/a:huawei:euleros:wireshark-gnome", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-1859.NASL", "href": "https://www.tenable.com/plugins/nessus/149199", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149199);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/05/04\");\n\n script_cve_id(\n \"CVE-2018-11362\",\n \"CVE-2018-14340\",\n \"CVE-2018-14341\",\n \"CVE-2018-14368\",\n \"CVE-2018-16057\",\n \"CVE-2018-19622\",\n \"CVE-2018-5336\",\n \"CVE-2018-7418\",\n \"CVE-2019-10894\",\n \"CVE-2019-10895\",\n \"CVE-2019-10899\",\n \"CVE-2019-10901\",\n \"CVE-2019-10903\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : wireshark (EulerOS-SA-2021-1859)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the wireshark packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the\n SIGCOMP dissector could crash. This was addressed in\n epan/dissectors/packet-sigcomp.c by correcting the\n extraction of the length value.(CVE-2018-7418)\n\n - In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and\n 3.0.0, the DCERPC SPOOLSS dissector could crash. This\n was addressed in\n epan/dissectors/packet-dcerpc-spoolss.c by adding a\n boundary check.(CVE-2019-10903)\n\n - In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and\n 3.0.0, the GSS-API dissector could crash. This was\n addressed in epan/dissectors/packet-gssapi.c by\n ensuring that a valid dissector is\n called.(CVE-2019-10894)\n\n - In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and\n 3.0.0, the LDSS dissector could crash. This was\n addressed in epan/dissectors/packet-ldss.c by handling\n file digests properly.(CVE-2019-10901)\n\n - In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and\n 3.0.0, the NetScaler file parser could crash. This was\n addressed in wiretap/netscaler.c by improving data\n validation.(CVE-2019-10895)\n\n - In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and\n 3.0.0, the SRVLOC dissector could crash. This was\n addressed in epan/dissectors/packet-srvloc.c by\n preventing a heap-based buffer\n under-read.(CVE-2019-10899)\n\n - In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the\n JSON, XML, NTP, XMPP, and GDB dissectors could crash.\n This was addressed in epan/tvbparse.c by limiting the\n recursion depth.(CVE-2018-5336)\n\n - In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0\n to 2.2.15, dissectors that support zlib decompression\n could crash. This was addressed in epan/tvbuff_zlib.c\n by rejecting negative lengths to avoid a buffer\n over-read.(CVE-2018-14340)\n\n - In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0\n to 2.2.15, the Bazaar protocol dissector could go into\n an infinite loop. This was addressed in\n epan/dissectors/packet-bzr.c by properly handling items\n that are too long.(CVE-2018-14368)\n\n - In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0\n to 2.2.15, the DICOM dissector could go into a large or\n infinite loop. This was addressed in\n epan/dissectors/packet-dcm.c by preventing an offset\n overflow.(CVE-2018-14341)\n\n - In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0\n to 2.2.16, the Radiotap dissector could crash. This was\n addressed in\n epan/dissectors/packet-ieee80211-radiotap-iter.c by\n validating iterator operations.(CVE-2018-16057)\n\n - In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the\n MMSE dissector could go into an infinite loop. This was\n addressed in epan/dissectors/packet-mmse.c by\n preventing length overflows.(CVE-2018-19622)\n\n - In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to\n 2.2.14, the LDSS dissector could crash. This was\n addressed in epan/dissectors/packet-ldss.c by avoiding\n a buffer over-read upon encountering a missing '\\0'\n character.(CVE-2018-11362)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1859\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2025aba1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected wireshark packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:wireshark-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"wireshark-1.10.14-7.h4\",\n \"wireshark-gnome-1.10.14-7.h4\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:33:19", "description": "According to the versions of the wireshark packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Wireshark is a network traffic analyzer for Unix-ish operating systems.This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package.Security Fix(es):In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid a buffer over-read.(CVE-2018-14340)In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset overflow.(CVE-2018-14341)In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB dissectors could crash. This was addressed in epan/tvbparse.c by limiting the recursion depth.(CVE-2018-5336)In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by correcting the extraction of the length value.(CVE-2018-7418)In Wireshark 2.2.0 to 2.2.6, the ROS dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/asn1/ros/packet-ros-template.c by validating an OID.(CVE-2017-9347)In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DICOM dissector has an infinite loop. This was addressed in epan/dissectors/packet-dcm.c by validating a length value.(CVE-2017-9349)In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-mmse.c by preventing length overflows.(CVE-2018-19622)The dissect_dcom_OBJREF function in epan/dissectors/packet-dcom.c in the DCOM dissector in Wireshark 1.12.x before 1.12.9 does not initialize a certain IPv4 data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.(CVE-2015-8714)In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the IrCOMM dissector has a buffer over-read and application crash. This was addressed in plugins/irda/packet-ircomm.c by adding length validation.(CVE-2017-13765)In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the NetBIOS dissector could crash. This was addressed in epan/dissectors/packet-netbios.c by ensuring that write operations are bounded by the beginning of a buffer.(CVE-2017-17083)The dissect_hsdsch_channel_info function in epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not validate the number of PDUs, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.(CVE-2015-8712)epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not properly reserve memory for channel ID mappings, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.(CVE-2015-8713)In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the IMAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-imap.c by calculating a line's end correctly.(CVE-2017-7703)In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DNS dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-dns.c by trying to detect self-referencing pointers.(CVE-2017-9345)In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bazaar dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by ensuring that backwards parsing cannot occur.(CVE-2017-9352)In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator operations.(CVE-2018-16057)epan/dissectors/packet-catap ult-dct2000.c in the Catapult DCT2000 dissector in Wireshark 2.x before 2.0.6 does not restrict the number of channels, which allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet.(CVE-2016-7177)Stack-based buffer overflow in epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark 2.x before 2.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted packet.(CVE-2016-7179)In Wireshark 2.2.0, the NCP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/CMakeLists.txt by registering this dissector.(CVE-2016-7958)In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dtn.c by checking whether SDNV evaluation was successful.(CVE-2016-9375)epan/dissectors/packet-wbxml.\n c in the WBXML dissector in Wireshark 1.12.x before 1.12.12 mishandles offsets, which allows remote attackers to cause a denial of service (integer overflow and infinite loop) via a crafted packet.(CVE-2016-5359)epan/dissectors/packet-packetbb.c in the PacketBB dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted packet.(CVE-2016-6505)epan/dissectors/packet-mmse.c in the MMSE dissector in Wireshark 1.12.x before 1.12.13 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.(CVE-2016-6507)epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (large loop) via a crafted packet.(CVE-2016-6508)Off-by-one error in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.(CVE-2016-6510)epan/dissectors/packet-iax2.c in the IAX2 dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.(CVE-2016-4081)Stack-based buffer overflow in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.12.x before 1.12.11 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long string in a packet.(CVE-2016-4085)epan/dissectors/packet-dcerpc-spo olss.c in the SPOOLS component in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles unexpected offsets, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.(CVE-2016-5350)epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles the reserved C/T value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.(CVE-2016-5353)Off-by-one error in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet that triggers a 0xff tag value, a different vulnerability than CVE-2016-2530.(CVE-2016-2531)The dissect_llrp_parameters function in epan/dissectors/packet-llrp.c in the LLRP dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 does not limit the recursion depth, which allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted packet.(CVE-2016-2532)epan/proto.c in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not limit the protocol-tree depth, which allows remote attackers to cause a denial of service (stack memory consumption and application crash) via a crafted packet.(CVE-2016-4006)epan/reassemble.c in TShark in Wireshark 2.0.x before 2.0.3 relies on incorrect special-case handling of truncated Tvb data structures, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet.(CVE-2016-4077)The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationship between the total length and the capture length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.(CVE-2015-8723)The ascend_seek function in wiretap/ascendtext.c in the Ascend file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not ensure the presence of a '\\0' character at the end of a date string, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.(CVE-2015-8729)The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not reject unknown TLV types, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.(CVE-2015-8731)The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 mishandles the case of an unrecognized TLV type, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet, a different vulnerability than CVE-2016-2531.(CVE-2016-2530)The dnp3_al_process_object function in epan/dissectors/packet-dnp.c in the DNP3 dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.(CVE-2016-2523)The init_t38_info_conv function in epan/dissectors/packet-t38.c in the T.38 dissector in Wireshark 1.12.x before 1.12.9 does not ensure that a conversation exists, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.(CVE-2015-8716)The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.(CVE-2015-8717)Double free vulnerability in epan/dissectors/packet-nlm.c in the NLM dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1, when the 'Match MSG/RES packets for async NLM' option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted packet.(CVE-2015-8718)The dissect_dns_answer function in epan/dissectors/packet-dns.c in the DNS dissector in Wireshark 1.12.x before 1.12.9 mishandles the EDNS0 Client Subnet option, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.(CVE-2015-8719)Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet with zlib compression.(CVE-2015-8721)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-12-04T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : wireshark (EulerOS-SA-2019-2425)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8712", "CVE-2015-8713", "CVE-2015-8714", "CVE-2015-8716", "CVE-2015-8717", "CVE-2015-8718", "CVE-2015-8719", "CVE-2015-8721", "CVE-2015-8723", "CVE-2015-8729", "CVE-2015-8731", "CVE-2016-2523", "CVE-2016-2530", "CVE-2016-2531", "CVE-2016-2532", "CVE-2016-4006", "CVE-2016-4077", "CVE-2016-4081", "CVE-2016-4085", "CVE-2016-5350", "CVE-2016-5353", "CVE-2016-5359", "CVE-2016-6505", "CVE-2016-6507", "CVE-2016-6508", "CVE-2016-6510", "CVE-2016-7177", "CVE-2016-7179", "CVE-2016-7958", "CVE-2016-9375", "CVE-2017-13765", "CVE-2017-17083", "CVE-2017-7703", "CVE-2017-9345", "CVE-2017-9347", "CVE-2017-9349", "CVE-2017-9352", "CVE-2018-14340", "CVE-2018-14341", "CVE-2018-16057", "CVE-2018-19622", "CVE-2018-5336", "CVE-2018-7418"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:wireshark", "p-cpe:/a:huawei:euleros:wireshark-gnome", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2425.NASL", "href": "https://www.tenable.com/plugins/nessus/131579", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131579);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2015-8712\",\n \"CVE-2015-8713\",\n \"CVE-2015-8714\",\n \"CVE-2015-8716\",\n \"CVE-2015-8717\",\n \"CVE-2015-8718\",\n \"CVE-2015-8719\",\n \"CVE-2015-8721\",\n \"CVE-2015-8723\",\n \"CVE-2015-8729\",\n \"CVE-2015-8731\",\n \"CVE-2016-2523\",\n \"CVE-2016-2530\",\n \"CVE-2016-2531\",\n \"CVE-2016-2532\",\n \"CVE-2016-4006\",\n \"CVE-2016-4077\",\n \"CVE-2016-4081\",\n \"CVE-2016-4085\",\n \"CVE-2016-5350\",\n \"CVE-2016-5353\",\n \"CVE-2016-5359\",\n \"CVE-2016-6505\",\n \"CVE-2016-6507\",\n \"CVE-2016-6508\",\n \"CVE-2016-6510\",\n \"CVE-2016-7177\",\n \"CVE-2016-7179\",\n \"CVE-2016-7958\",\n \"CVE-2016-9375\",\n \"CVE-2017-13765\",\n \"CVE-2017-17083\",\n \"CVE-2017-7703\",\n \"CVE-2017-9345\",\n \"CVE-2017-9347\",\n \"CVE-2017-9349\",\n \"CVE-2017-9352\",\n \"CVE-2018-14340\",\n \"CVE-2018-14341\",\n \"CVE-2018-16057\",\n \"CVE-2018-19622\",\n \"CVE-2018-5336\",\n \"CVE-2018-7418\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : wireshark (EulerOS-SA-2019-2425)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the wireshark packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - Wireshark is a network traffic analyzer for Unix-ish\n operating systems.This package lays base for libpcap, a\n packet capture and filtering library, contains\n command-line utilities, contains plugins and\n documentation for wireshark. A graphical user interface\n is packaged separately to GTK+ package.Security\n Fix(es):In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7,\n and 2.2.0 to 2.2.15, dissectors that support zlib\n decompression could crash. This was addressed in\n epan/tvbuff_zlib.c by rejecting negative lengths to\n avoid a buffer over-read.(CVE-2018-14340)In Wireshark\n 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15,\n the DICOM dissector could go into a large or infinite\n loop. This was addressed in\n epan/dissectors/packet-dcm.c by preventing an offset\n overflow.(CVE-2018-14341)In Wireshark 2.4.0 to 2.4.3\n and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB\n dissectors could crash. This was addressed in\n epan/tvbparse.c by limiting the recursion\n depth.(CVE-2018-5336)In Wireshark 2.2.0 to 2.2.12 and\n 2.4.0 to 2.4.4, the SIGCOMP dissector could crash. This\n was addressed in epan/dissectors/packet-sigcomp.c by\n correcting the extraction of the length\n value.(CVE-2018-7418)In Wireshark 2.2.0 to 2.2.6, the\n ROS dissector could crash with a NULL pointer\n dereference. This was addressed in\n epan/dissectors/asn1/ros/packet-ros-template.c by\n validating an OID.(CVE-2017-9347)In Wireshark 2.2.0 to\n 2.2.6 and 2.0.0 to 2.0.12, the DICOM dissector has an\n infinite loop. This was addressed in\n epan/dissectors/packet-dcm.c by validating a length\n value.(CVE-2017-9349)In Wireshark 2.6.0 to 2.6.4 and\n 2.4.0 to 2.4.10, the MMSE dissector could go into an\n infinite loop. This was addressed in\n epan/dissectors/packet-mmse.c by preventing length\n overflows.(CVE-2018-19622)The dissect_dcom_OBJREF\n function in epan/dissectors/packet-dcom.c in the DCOM\n dissector in Wireshark 1.12.x before 1.12.9 does not\n initialize a certain IPv4 data structure, which allows\n remote attackers to cause a denial of service\n (application crash) via a crafted\n packet.(CVE-2015-8714)In Wireshark 2.4.0, 2.2.0 to\n 2.2.8, and 2.0.0 to 2.0.14, the IrCOMM dissector has a\n buffer over-read and application crash. This was\n addressed in plugins/irda/packet-ircomm.c by adding\n length validation.(CVE-2017-13765)In Wireshark 2.4.0 to\n 2.4.2 and 2.2.0 to 2.2.10, the NetBIOS dissector could\n crash. This was addressed in\n epan/dissectors/packet-netbios.c by ensuring that write\n operations are bounded by the beginning of a\n buffer.(CVE-2017-17083)The dissect_hsdsch_channel_info\n function in epan/dissectors/packet-umts_fp.c in the\n UMTS FP dissector in Wireshark 1.12.x before 1.12.9\n does not validate the number of PDUs, which allows\n remote attackers to cause a denial of service\n (application crash) via a crafted\n packet.(CVE-2015-8712)epan/dissectors/packet-umts_fp.c\n in the UMTS FP dissector in Wireshark 1.12.x before\n 1.12.9 does not properly reserve memory for channel ID\n mappings, which allows remote attackers to cause a\n denial of service (out-of-bounds memory access and\n application crash) via a crafted\n packet.(CVE-2015-8713)In Wireshark 2.2.0 to 2.2.5 and\n 2.0.0 to 2.0.11, the IMAP dissector could crash,\n triggered by packet injection or a malformed capture\n file. This was addressed in\n epan/dissectors/packet-imap.c by calculating a line's\n end correctly.(CVE-2017-7703)In Wireshark 2.2.0 to\n 2.2.6 and 2.0.0 to 2.0.12, the DNS dissector could go\n into an infinite loop. This was addressed in\n epan/dissectors/packet-dns.c by trying to detect\n self-referencing pointers.(CVE-2017-9345)In Wireshark\n 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bazaar\n dissector could go into an infinite loop. This was\n addressed in epan/dissectors/packet-bzr.c by ensuring\n that backwards parsing cannot occur.(CVE-2017-9352)In\n Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to\n 2.2.16, the Radiotap dissector could crash. This was\n addressed in\n epan/dissectors/packet-ieee80211-radiotap-iter.c by\n validating iterator\n operations.(CVE-2018-16057)epan/dissectors/packet-catap\n ult-dct2000.c in the Catapult DCT2000 dissector in\n Wireshark 2.x before 2.0.6 does not restrict the number\n of channels, which allows remote attackers to cause a\n denial of service (buffer over-read and application\n crash) via a crafted packet.(CVE-2016-7177)Stack-based\n buffer overflow in\n epan/dissectors/packet-catapult-dct2000.c in the\n Catapult DCT2000 dissector in Wireshark 2.x before\n 2.0.6 allows remote attackers to cause a denial of\n service (application crash) via a crafted\n packet.(CVE-2016-7179)In Wireshark 2.2.0, the NCP\n dissector could crash, triggered by packet injection or\n a malformed capture file. This was addressed in\n epan/dissectors/CMakeLists.txt by registering this\n dissector.(CVE-2016-7958)In Wireshark 2.2.0 to 2.2.1\n and 2.0.0 to 2.0.7, the DTN dissector could go into an\n infinite loop, triggered by network traffic or a\n capture file. This was addressed in\n epan/dissectors/packet-dtn.c by checking whether SDNV\n evaluation was\n successful.(CVE-2016-9375)epan/dissectors/packet-wbxml.\n c in the WBXML dissector in Wireshark 1.12.x before\n 1.12.12 mishandles offsets, which allows remote\n attackers to cause a denial of service (integer\n overflow and infinite loop) via a crafted\n packet.(CVE-2016-5359)epan/dissectors/packet-packetbb.c\n in the PacketBB dissector in Wireshark 1.12.x before\n 1.12.13 and 2.x before 2.0.5 allows remote attackers to\n cause a denial of service (divide-by-zero error and\n application crash) via a crafted\n packet.(CVE-2016-6505)epan/dissectors/packet-mmse.c in\n the MMSE dissector in Wireshark 1.12.x before 1.12.13\n allows remote attackers to cause a denial of service\n (infinite loop) via a crafted\n packet.(CVE-2016-6507)epan/dissectors/packet-rlc.c in\n the RLC dissector in Wireshark 1.12.x before 1.12.13\n and 2.x before 2.0.5 uses an incorrect integer data\n type, which allows remote attackers to cause a denial\n of service (large loop) via a crafted\n packet.(CVE-2016-6508)Off-by-one error in\n epan/dissectors/packet-rlc.c in the RLC dissector in\n Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5\n allows remote attackers to cause a denial of service\n (stack-based buffer overflow and application crash) via\n a crafted\n packet.(CVE-2016-6510)epan/dissectors/packet-iax2.c in\n the IAX2 dissector in Wireshark 1.12.x before 1.12.11\n and 2.0.x before 2.0.3 uses an incorrect integer data\n type, which allows remote attackers to cause a denial\n of service (infinite loop) via a crafted\n packet.(CVE-2016-4081)Stack-based buffer overflow in\n epan/dissectors/packet-ncp2222.inc in the NCP dissector\n in Wireshark 1.12.x before 1.12.11 allows remote\n attackers to cause a denial of service (application\n crash) or possibly have unspecified other impact via a\n long string in a\n packet.(CVE-2016-4085)epan/dissectors/packet-dcerpc-spo\n olss.c in the SPOOLS component in Wireshark 1.12.x\n before 1.12.12 and 2.x before 2.0.4 mishandles\n unexpected offsets, which allows remote attackers to\n cause a denial of service (infinite loop) via a crafted\n packet.(CVE-2016-5350)epan/dissectors/packet-umts_fp.c\n in the UMTS FP dissector in Wireshark 1.12.x before\n 1.12.12 and 2.x before 2.0.4 mishandles the reserved\n C/T value, which allows remote attackers to cause a\n denial of service (application crash) via a crafted\n packet.(CVE-2016-5353)Off-by-one error in\n epan/dissectors/packet-rsl.c in the RSL dissector in\n Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2\n allows remote attackers to cause a denial of service\n (out-of-bounds read and application crash) via a\n crafted packet that triggers a 0xff tag value, a\n different vulnerability than\n CVE-2016-2530.(CVE-2016-2531)The\n dissect_llrp_parameters function in\n epan/dissectors/packet-llrp.c in the LLRP dissector in\n Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2\n does not limit the recursion depth, which allows remote\n attackers to cause a denial of service (memory\n consumption or application crash) via a crafted\n packet.(CVE-2016-2532)epan/proto.c in Wireshark 1.12.x\n before 1.12.11 and 2.0.x before 2.0.3 does not limit\n the protocol-tree depth, which allows remote attackers\n to cause a denial of service (stack memory consumption\n and application crash) via a crafted\n packet.(CVE-2016-4006)epan/reassemble.c in TShark in\n Wireshark 2.0.x before 2.0.3 relies on incorrect\n special-case handling of truncated Tvb data structures,\n which allows remote attackers to cause a denial of\n service (use-after-free and application crash) via a\n crafted packet.(CVE-2016-4077)The AirPDcapPacketProcess\n function in epan/crypt/airpdcap.c in the 802.11\n dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x\n before 2.0.1 does not validate the relationship between\n the total length and the capture length, which allows\n remote attackers to cause a denial of service\n (stack-based buffer overflow and application crash) via\n a crafted packet.(CVE-2015-8723)The ascend_seek\n function in wiretap/ascendtext.c in the Ascend file\n parser in Wireshark 1.12.x before 1.12.9 and 2.0.x\n before 2.0.1 does not ensure the presence of a '\\0'\n character at the end of a date string, which allows\n remote attackers to cause a denial of service\n (out-of-bounds read and application crash) via a\n crafted file.(CVE-2015-8729)The dissct_rsl_ipaccess_msg\n function in epan/dissectors/packet-rsl.c in the RSL\n dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x\n before 2.0.1 does not reject unknown TLV types, which\n allows remote attackers to cause a denial of service\n (out-of-bounds read and application crash) via a\n crafted packet.(CVE-2015-8731)The\n dissct_rsl_ipaccess_msg function in\n epan/dissectors/packet-rsl.c in the RSL dissector in\n Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2\n mishandles the case of an unrecognized TLV type, which\n allows remote attackers to cause a denial of service\n (out-of-bounds read and application crash) via a\n crafted packet, a different vulnerability than\n CVE-2016-2531.(CVE-2016-2530)The dnp3_al_process_object\n function in epan/dissectors/packet-dnp.c in the DNP3\n dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x\n before 2.0.2 allows remote attackers to cause a denial\n of service (infinite loop) via a crafted\n packet.(CVE-2016-2523)The init_t38_info_conv function\n in epan/dissectors/packet-t38.c in the T.38 dissector\n in Wireshark 1.12.x before 1.12.9 does not ensure that\n a conversation exists, which allows remote attackers to\n cause a denial of service (application crash) via a\n crafted packet.(CVE-2015-8716)The dissect_sdp function\n in epan/dissectors/packet-sdp.c in the SDP dissector in\n Wireshark 1.12.x before 1.12.9 does not prevent use of\n a negative media count, which allows remote attackers\n to cause a denial of service (application crash) via a\n crafted packet.(CVE-2015-8717)Double free vulnerability\n in epan/dissectors/packet-nlm.c in the NLM dissector in\n Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1,\n when the 'Match MSG/RES packets for async NLM' option\n is enabled, allows remote attackers to cause a denial\n of service (application crash) via a crafted\n packet.(CVE-2015-8718)The dissect_dns_answer function\n in epan/dissectors/packet-dns.c in the DNS dissector in\n Wireshark 1.12.x before 1.12.9 mishandles the EDNS0\n Client Subnet option, which allows remote attackers to\n cause a denial of service (application crash) via a\n crafted packet.(CVE-2015-8719)Buffer overflow in the\n tvb_uncompress function in epan/tvbuff_zlib.c in\n Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1\n allows remote attackers to cause a denial of service\n (application crash) via a crafted packet with zlib\n compression.(CVE-2015-8721)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2425\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?53098281\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected wireshark packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:wireshark-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"wireshark-1.10.14-7.h12\",\n \"wireshark-gnome-1.10.14-7.h12\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "osv": [{"lastseen": "2022-08-10T07:06:59", "description": "\nMultiple vulnerabilities have been discovered in Wireshark, a network\nprotocol analyzer, which could result in denial of service or the\nexecution of arbitrary code.\n\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2.6.5-1~deb9u1.\n\n\nWe recommend that you upgrade your wireshark packages.\n\n\nFor the detailed security status of wireshark please refer to\nits security tracker page at:\n[\\\nhttps://security-tracker.debian.org/tracker/wireshark](https://security-tracker.debian.org/tracker/wireshark)\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-12-27T00:00:00", "type": "osv", "title": "wireshark - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19627", "CVE-2018-12086", "CVE-2018-19626", "CVE-2018-18227", "CVE-2018-19625", "CVE-2018-19622", "CVE-2018-19628", "CVE-2018-18225", "CVE-2018-18226", "CVE-2018-19623", "CVE-2018-19624"], "modified": "2022-08-10T07:06:57", "id": "OSV:DSA-4359-1", "href": "https://osv.dev/vulnerability/DSA-4359-1", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-03-28T05:46:44", "description": "Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-10-16T19:51:31", "type": "osv", "title": "High severity vulnerability that affects OPCFoundation.NetStandard.Opc.Ua", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12086"], "modified": "2023-03-28T05:46:35", "id": "OSV:GHSA-782P-53WQ-CXMJ", "href": "https://osv.dev/vulnerability/GHSA-782p-53wq-cxmj", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-05T05:18:24", "description": "\nSeveral issues in wireshark, a tool that captures and analyzes packets\noff the wire, have been found by different people.\nThese are basically issues with length checks or invalid memory access in\ndifferent dissectors. This could result in infinite loops or crashes by\nmalicious packets.\n\n\nFor Debian 8 Jessie, these problems have been fixed in version\n1.12.1+g01b65bf-4+deb8u16.\n\n\nWe recommend that you upgrade your wireshark packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-01-15T00:00:00", "type": "osv", "title": "wireshark - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11407", "CVE-2018-9268", "CVE-2018-7336", "CVE-2018-9259", "CVE-2018-19626", "CVE-2018-11357", "CVE-2018-11359", "CVE-2018-7332", "CVE-2018-7323", "CVE-2017-7747", "CVE-2018-19625", "CVE-2018-19622", "CVE-2018-9258", "CVE-2018-7417", "CVE-2017-17935", "CVE-2018-9269", "CVE-2018-7418", "CVE-2018-9270", "CVE-2017-15191", "CVE-2017-7746", "CVE-2018-7420", "CVE-2018-16057", "CVE-2017-13765", "CVE-2018-9256", "CVE-2018-9260", "CVE-2018-9263", "CVE-2017-9766", "CVE-2018-7331", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-16058", "CVE-2017-11409", "CVE-2017-7703", "CVE-2018-11356", "CVE-2017-7700", "CVE-2018-9262", "CVE-2017-11406", "CVE-2018-7322", "CVE-2018-7325", "CVE-2018-7324", "CVE-2017-17997"], "modified": "2022-08-05T05:18:21", "id": "OSV:DLA-1634-1", "href": "https://osv.dev/vulnerability/DLA-1634-1", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "openvas": [{"lastseen": "2019-07-04T18:56:07", "description": "Multiple vulnerabilities have been discovered in Wireshark, a network\nprotocol analyzer, which could result in denial of service or the\nexecution of arbitrary code.", "cvss3": {}, "published": "2018-12-27T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4359-1 (wireshark - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19627", "CVE-2018-12086", "CVE-2018-19626", "CVE-2018-18227", "CVE-2018-19625", "CVE-2018-19622", "CVE-2018-19628", "CVE-2018-18225", "CVE-2018-18226", "CVE-2018-19623", "CVE-2018-19624"], "modified": "2019-07-04T00:00:00", "id": "OPENVAS:1361412562310704359", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704359", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4359-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704359\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2018-12086\", \"CVE-2018-18225\", \"CVE-2018-18226\", \"CVE-2018-18227\", \"CVE-2018-19622\",\n \"CVE-2018-19623\", \"CVE-2018-19624\", \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-19627\",\n \"CVE-2018-19628\");\n script_name(\"Debian Security Advisory DSA 4359-1 (wireshark - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-12-27 00:00:00 +0100 (Thu, 27 Dec 2018)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4359.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n script_tag(name:\"affected\", value:\"wireshark on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), these problems have been fixed in\nversion 2.6.5-1~deb9u1.\n\nWe recommend that you upgrade your wireshark packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/wireshark\");\n script_tag(name:\"summary\", value:\"Multiple vulnerabilities have been discovered in Wireshark, a network\nprotocol analyzer, which could result in denial of service or the\nexecution of arbitrary code.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libwireshark-data\", ver:\"2.6.5-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwireshark-dev\", ver:\"2.6.5-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwireshark11\", ver:\"2.6.5-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwiretap-dev\", ver:\"2.6.5-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwiretap8\", ver:\"2.6.5-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwscodecs2\", ver:\"2.6.5-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwsutil-dev\", ver:\"2.6.5-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwsutil9\", ver:\"2.6.5-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"tshark\", ver:\"2.6.5-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark\", ver:\"2.6.5-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-common\", ver:\"2.6.5-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-dev\", ver:\"2.6.5-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-doc\", ver:\"2.6.5-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-gtk\", ver:\"2.6.5-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-qt\", ver:\"2.6.5-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-07-17T14:04:06", "description": "This host is installed with Wireshark\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2018-11-29T00:00:00", "type": "openvas", "title": "Wireshark Multiple Vulnerabilities-Nov18 (MACOSX)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19627", "CVE-2018-19626", "CVE-2018-19625", "CVE-2018-19622", "CVE-2018-19623", "CVE-2018-19624"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310814515", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814515", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Wireshark Multiple Vulnerabilities-Nov18 (MACOSX)\n#\n# Authors:\n# Antu Sanadi <santusecpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:wireshark:wireshark\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814515\");\n script_version(\"2019-07-05T09:12:25+0000\");\n script_cve_id(\"CVE-2018-19627\", \"CVE-2018-19626\", \"CVE-2018-19625\", \"CVE-2018-19624\",\n \"CVE-2018-19623\", \"CVE-2018-19622\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 09:12:25 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-11-29 11:28:24 +0530 (Thu, 29 Nov 2018)\");\n script_name(\"Wireshark Multiple Vulnerabilities-Nov18 (MACOSX)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - The IxVeriWave file parser could crash,\n\n - The DCOM dissector could crash,\n\n - The Wireshark dissection engine could crash,\n\n - The PVFS dissector could crash,\n\n - The LBMPDM dissector could crash and\n\n - The MMSE dissector could go into an infinite loop.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an\n attackers to cause denial of service conditions.\");\n\n script_tag(name:\"affected\", value:\"Wireshark versions 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10 on MACOSX.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark version 2.6.5, 2.4.11 or later. Please see the references for more information.\");\n\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-55\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-52\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-51\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-56\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-53\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-54\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_wireshark_detect_macosx.nasl\");\n script_mandatory_keys(\"Wireshark/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nwirversion = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:wirversion, test_version:\"2.6.0\", test_version2:\"2.6.4\")){\n fix = \"2.6.5\";\n}\n\nelse if(version_in_range(version:wirversion, test_version:\"2.4.0\", test_version2:\"2.4.10\")){\n fix = \"2.4.11\";\n}\n\nif(fix)\n{\n report = report_fixed_ver(installed_version:wirversion, fixed_version:fix, install_path:path);\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-07-17T14:04:06", "description": "This host is installed with Wireshark\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2018-11-29T00:00:00", "type": "openvas", "title": "Wireshark Multiple Vulnerabilities-Nov18 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19627", "CVE-2018-19626", "CVE-2018-19625", "CVE-2018-19622", "CVE-2018-19623", "CVE-2018-19624"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310814514", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814514", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Wireshark Multiple Vulnerabilities-Nov18 (Windows)\n#\n# Authors:\n# Antu Sanadi <santusecpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:wireshark:wireshark\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814514\");\n script_version(\"2019-07-05T09:12:25+0000\");\n script_cve_id(\"CVE-2018-19627\", \"CVE-2018-19626\", \"CVE-2018-19625\", \"CVE-2018-19624\",\n \"CVE-2018-19623\", \"CVE-2018-19622\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 09:12:25 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-11-29 11:28:23 +0530 (Thu, 29 Nov 2018)\");\n script_name(\"Wireshark Multiple Vulnerabilities-Nov18 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - The IxVeriWave file parser could crash,\n\n - The DCOM dissector could crash,\n\n - The Wireshark dissection engine could crash,\n\n - The PVFS dissector could crash,\n\n - The LBMPDM dissector could crash and\n\n - The MMSE dissector could go into an infinite loop.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an\n attackers to cause denial of service conditions.\");\n\n script_tag(name:\"affected\", value:\"Wireshark versions 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark version 2.6.5, 2.4.11 or later. Please see the references for more information.\");\n\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-55\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-52\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-51\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-56\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-53\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-54\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nwirversion = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:wirversion, test_version:\"2.6.0\", test_version2:\"2.6.4\")){\n fix = \"2.6.5\";\n}\n\nelse if(version_in_range(version:wirversion, test_version:\"2.4.0\", test_version2:\"2.4.10\")){\n fix = \"2.4.11\";\n}\n\nif(fix)\n{\n report = report_fixed_ver(installed_version:wirversion, fixed_version:fix, install_path:path);\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-31T16:48:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-01-01T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for wireshark (openSUSE-SU-2018:4307-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19627", "CVE-2018-19626", "CVE-2018-19625", "CVE-2018-19622", "CVE-2018-19623", "CVE-2018-19624"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852219", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852219", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852219\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2018-19622\", \"CVE-2018-19623\", \"CVE-2018-19624\", \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-19627\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-01-01 04:00:58 +0100 (Tue, 01 Jan 2019)\");\n script_name(\"openSUSE: Security Advisory for wireshark (openSUSE-SU-2018:4307-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:4307-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-12/msg00077.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the openSUSE-SU-2018:4307-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for wireshark fixes the following issues:\n\n Update to Wireshark 2.4.11 (bsc#1117740).\n\n Security issues fixed:\n\n - CVE-2018-19625: The Wireshark dissection engine could crash\n (wnpa-sec-2018-51)\n\n - CVE-2018-19626: The DCOM dissector could crash (wnpa-sec-2018-52)\n\n - CVE-2018-19623: The LBMPDM dissector could crash (wnpa-sec-2018-53)\n\n - CVE-2018-19622: The MMSE dissector could go into an infinite loop\n (wnpa-sec-2018-54)\n\n - CVE-2018-19627: The IxVeriWave file parser could crash (wnpa-sec-2018-55)\n\n - CVE-2018-19624: The PVFS dissector could crash (wnpa-sec-2018-56)\n\n Further bug fixes and updated protocol support as listed in:\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2018-1620=1\");\n\n script_tag(name:\"affected\", value:\"wireshark on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n if(!isnull(res = isrpmvuln(pkg:\"libwireshark9\", rpm:\"libwireshark9~2.4.11~lp150.2.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwireshark9-debuginfo\", rpm:\"libwireshark9-debuginfo~2.4.11~lp150.2.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwiretap7\", rpm:\"libwiretap7~2.4.11~lp150.2.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwiretap7-debuginfo\", rpm:\"libwiretap7-debuginfo~2.4.11~lp150.2.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwscodecs1\", rpm:\"libwscodecs1~2.4.11~lp150.2.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwscodecs1-debuginfo\", rpm:\"libwscodecs1-debuginfo~2.4.11~lp150.2.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwsutil8\", rpm:\"libwsutil8~2.4.11~lp150.2.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwsutil8-debuginfo\", rpm:\"libwsutil8-debuginfo~2.4.11~lp150.2.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~2.4.11~lp150.2.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~2.4.11~lp150.2.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark-debugsource\", rpm:\"wireshark-debugsource~2.4.11~lp150.2.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark-devel\", rpm:\"wireshark-devel~2.4.11~lp150.2.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark-ui-qt\", rpm:\"wireshark-ui-qt~2.4.11~lp150.2.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark-ui-qt-debuginfo\", rpm:\"wireshark-ui-qt-debuginfo~2.4.11~lp150.2.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:32:19", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2018-cb410a3812", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19627", "CVE-2018-19626", "CVE-2018-19625", "CVE-2018-19622", "CVE-2018-19628", "CVE-2018-16056", "CVE-2018-16057", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-16058"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875672", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875672", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875672\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-19622\", \"CVE-2018-19623\", \"CVE-2018-19624\", \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-19627\", \"CVE-2018-19628\", \"CVE-2018-16056\", \"CVE-2018-16057\", \"CVE-2018-16058\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:15:18 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for wireshark FEDORA-2018-cb410a3812\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2018-cb410a3812\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F3NMZYPRNUMMUL7FJJD2MY3J6NL4YZNB\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the FEDORA-2018-cb410a3812 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Wireshark allows you to examine protocol data stored in files or as it is\ncaptured from wired or wireless (WiFi or Bluetooth) networks, USB devices,\nand many other sources. It supports dozens of protocol capture file formats\nand understands more than a thousand protocols.\n\nIt has many powerful features including a rich display filter language\nand the ability to reassemble multiple protocol packets in order to, for\nexample, view a complete TCP stream, save the contents of a file which was\ntransferred over HTTP or CIFS, or play back an RTP audio stream.\");\n\n script_tag(name:\"affected\", value:\"'wireshark' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~2.6.5~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:32:16", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2019-866b01407a", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19627", "CVE-2019-5719", "CVE-2018-19626", "CVE-2019-5718", "CVE-2018-19625", "CVE-2018-19622", "CVE-2018-19628", "CVE-2019-5717", "CVE-2018-16056", "CVE-2018-16057", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-16058", "CVE-2019-5716"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875889", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875889", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875889\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2019-5716\", \"CVE-2019-5717\", \"CVE-2019-5718\", \"CVE-2019-5719\", \"CVE-2018-19622\", \"CVE-2018-19623\", \"CVE-2018-19624\", \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-19627\", \"CVE-2018-19628\", \"CVE-2018-16056\", \"CVE-2018-16057\", \"CVE-2018-16058\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:25:45 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for wireshark FEDORA-2019-866b01407a\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-866b01407a\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4XUCWNJ4WXFZ5ZH5QGE5YGN5FMDC4XTH\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the FEDORA-2019-866b01407a advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Wireshark allows you to examine protocol data stored in files or as it is\ncaptured from wired or wireless (WiFi or Bluetooth) networks, USB devices,\nand many other sources. It supports dozens of protocol capture file formats\nand understands more than a thousand protocols.\n\nIt has many powerful features including a rich display filter language\nand the ability to reassemble multiple protocol packets in order to, for\nexample, view a complete TCP stream, save the contents of a file which was\ntransferred over HTTP or CIFS, or play back an RTP audio stream.\");\n\n script_tag(name:\"affected\", value:\"'wireshark' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~2.6.6~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-06-11T16:41:25", "description": "This host is installed with Wireshark\n and is prone to multiple denial of service vulnerabilities.", "cvss3": {}, "published": "2018-10-15T00:00:00", "type": "openvas", "title": "Wireshark Steam IHS Discovery/CoAP Dissector DoS Vulnerabilities (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18225", "CVE-2018-18226"], "modified": "2020-06-09T00:00:00", "id": "OPENVAS:1361412562310814134", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814134", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:wireshark:wireshark\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814134\");\n script_version(\"2020-06-09T14:44:58+0000\");\n script_cve_id(\"CVE-2018-18225\", \"CVE-2018-18226\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-09 14:44:58 +0000 (Tue, 09 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-10-15 12:30:47 +0530 (Mon, 15 Oct 2018)\");\n script_name(\"Wireshark Steam IHS Discovery/CoAP Dissector DoS Vulnerabilities (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark\n and is prone to multiple denial of service vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaws are due to insufficient validation\n of user-supplied input processed by Steam In-Home Streaming (IHS) Discovery\n and Constrained Application Protocol (CoAP) dissector components.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers\n to cause a denial of service (DoS) condition on a targeted system.\");\n\n script_tag(name:\"affected\", value:\"Wireshark version 2.6.0 to 2.6.3 on MACOSX.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark 2.6.4 or later. Please see the references for more information.\");\n\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-48.html\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-49.html\");\n script_xref(name:\"URL\", value:\"https://tools.cisco.com/security/center/viewAlert.x?alertId=59009\");\n script_xref(name:\"URL\", value:\"https://tools.cisco.com/security/center/viewAlert.x?alertId=59008\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_macosx.nasl\");\n script_mandatory_keys(\"Wireshark/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nwirversion = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:wirversion, test_version:\"2.6.0\", test_version2:\"2.6.3\"))\n{\n report = report_fixed_ver(installed_version:wirversion, fixed_version:\"2.6.4\", install_path:path);\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-06-11T16:41:25", "description": "This host is installed with Wireshark\n and is prone to multiple denial of service vulnerabilities.", "cvss3": {}, "published": "2018-10-15T00:00:00", "type": "openvas", "title": "Wireshark Steam IHS Discovery/CoAP Dissector DoS Vulnerabilities (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18225", "CVE-2018-18226"], "modified": "2020-06-09T00:00:00", "id": "OPENVAS:1361412562310814133", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814133", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:wireshark:wireshark\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814133\");\n script_version(\"2020-06-09T14:44:58+0000\");\n script_cve_id(\"CVE-2018-18225\", \"CVE-2018-18226\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-09 14:44:58 +0000 (Tue, 09 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-10-15 12:24:51 +0530 (Mon, 15 Oct 2018)\");\n script_name(\"Wireshark Steam IHS Discovery/CoAP Dissector DoS Vulnerabilities (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark\n and is prone to multiple denial of service vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaws are due to insufficient validation\n of user-supplied input processed by Steam In-Home Streaming (IHS) Discovery\n and Constrained Application Protocol (CoAP) dissector components.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers\n to cause a denial of service (DoS) condition on a targeted system.\");\n\n script_tag(name:\"affected\", value:\"Wireshark version 2.6.0 to 2.6.3 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark 2.6.4 or later. Please see the references for more information.\");\n\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-48.html\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-49.html\");\n script_xref(name:\"URL\", value:\"https://tools.cisco.com/security/center/viewAlert.x?alertId=59009\");\n script_xref(name:\"URL\", value:\"https://tools.cisco.com/security/center/viewAlert.x?alertId=59008\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nwirversion = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:wirversion, test_version:\"2.6.0\", test_version2:\"2.6.3\"))\n{\n report = report_fixed_ver(installed_version:wirversion, fixed_version:\"2.6.4\", install_path:path);\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-31T17:34:00", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-10-26T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for wireshark (openSUSE-SU-2018:3368-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12086", "CVE-2018-18227"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851997", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851997", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851997\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2018-12086\", \"CVE-2018-18227\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-10-26 06:33:08 +0200 (Fri, 26 Oct 2018)\");\n script_name(\"openSUSE: Security Advisory for wireshark (openSUSE-SU-2018:3368-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:3368-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-10/msg00053.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the openSUSE-SU-2018:3368-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for wireshark fixes the following issues:\n\n Wireshark was updated to 2.4.10 (bsc#1111647).\n\n The following security issues were fixed:\n\n - CVE-2018-18227: MS-WSP dissector crash (wnpa-sec-2018-47)\n\n - CVE-2018-12086: OpcUA dissector crash (wnpa-sec-2018-50)\n\n This update was imported from the SUSE:SLE-15:Update update project.\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2018-1238=1\");\n\n script_tag(name:\"affected\", value:\"wireshark on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n if(!isnull(res = isrpmvuln(pkg:\"libwireshark9\", rpm:\"libwireshark9~2.4.10~lp150.2.13.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwireshark9-debuginfo\", rpm:\"libwireshark9-debuginfo~2.4.10~lp150.2.13.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwiretap7\", rpm:\"libwiretap7~2.4.10~lp150.2.13.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwiretap7-debuginfo\", rpm:\"libwiretap7-debuginfo~2.4.10~lp150.2.13.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwscodecs1\", rpm:\"libwscodecs1~2.4.10~lp150.2.13.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwscodecs1-debuginfo\", rpm:\"libwscodecs1-debuginfo~2.4.10~lp150.2.13.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwsutil8\", rpm:\"libwsutil8~2.4.10~lp150.2.13.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwsutil8-debuginfo\", rpm:\"libwsutil8-debuginfo~2.4.10~lp150.2.13.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~2.4.10~lp150.2.13.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~2.4.10~lp150.2.13.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark-debugsource\", rpm:\"wireshark-debugsource~2.4.10~lp150.2.13.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark-devel\", rpm:\"wireshark-devel~2.4.10~lp150.2.13.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark-ui-qt\", rpm:\"wireshark-ui-qt~2.4.10~lp150.2.13.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark-ui-qt-debuginfo\", rpm:\"wireshark-ui-qt-debuginfo~2.4.10~lp150.2.13.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:33:04", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-12-19T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2018-1b6cb1df72", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19627", "CVE-2018-14339", "CVE-2018-19626", "CVE-2018-14343", "CVE-2018-14367", "CVE-2018-19625", "CVE-2018-19622", "CVE-2018-19628", "CVE-2018-14341", "CVE-2018-14344", "CVE-2018-16056", "CVE-2018-16057", "CVE-2018-14369", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-14370", "CVE-2018-16058", "CVE-2018-14342", "CVE-2018-14368", "CVE-2018-14340"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875367", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875367", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id$\n#\n# Fedora Update for wireshark FEDORA-2018-1b6cb1df72\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875367\");\n script_version(\"$Revision: 14223 $\");\n script_cve_id(\"CVE-2018-19622\", \"CVE-2018-19623\", \"CVE-2018-19624\",\n \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-19627\", \"CVE-2018-19628\",\n \"CVE-2018-16056\", \"CVE-2018-16057\", \"CVE-2018-16058\", \"CVE-2018-14339\",\n \"CVE-2018-14340\", \"CVE-2018-14341\", \"CVE-2018-14342\", \"CVE-2018-14343\",\n \"CVE-2018-14344\", \"CVE-2018-14367\", \"CVE-2018-14368\", \"CVE-2018-14369\",\n \"CVE-2018-14370\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-12-19 10:29:12 +0100 (Wed, 19 Dec 2018)\");\n script_name(\"Fedora Update for wireshark FEDORA-2018-1b6cb1df72\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2018-1b6cb1df72\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YYWXKA5SI2MYIJ5SWKKJRNUYFIZLOXEF\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the FEDORA-2018-1b6cb1df72 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"wireshark on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~2.6.5~1.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:32:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2019-77b2d840ef", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19627", "CVE-2019-5719", "CVE-2018-19626", "CVE-2019-10896", "CVE-2019-5718", "CVE-2019-10899", "CVE-2018-19625", "CVE-2018-19622", "CVE-2018-19628", "CVE-2019-10894", "CVE-2019-5717", "CVE-2019-10902", "CVE-2019-10895", "CVE-2018-16056", "CVE-2019-10901", "CVE-2018-16057", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-16058", "CVE-2019-10897", "CVE-2019-5716", "CVE-2019-10898", "CVE-2019-10903", "CVE-2019-10900"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875646", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875646", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875646\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2019-10894\", \"CVE-2019-10895\", \"CVE-2019-10896\", \"CVE-2019-10897\", \"CVE-2019-10898\", \"CVE-2019-10899\", \"CVE-2019-10900\", \"CVE-2019-10901\", \"CVE-2019-10902\", \"CVE-2019-10903\", \"CVE-2019-5716\", \"CVE-2019-5717\", \"CVE-2019-5718\", \"CVE-2019-5719\", \"CVE-2018-19622\", \"CVE-2018-19623\", \"CVE-2018-19624\", \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-19627\", \"CVE-2018-19628\", \"CVE-2018-16056\", \"CVE-2018-16057\", \"CVE-2018-16058\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:14:04 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for wireshark FEDORA-2019-77b2d840ef\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-77b2d840ef\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4LYIOOQIMFQ3PA7AFBK4DNXHISTEYUC5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the FEDORA-2019-77b2d840ef advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Wireshark allows you to examine protocol data stored in files or as it is\ncaptured from wired or wireless (WiFi or Bluetooth) networks, USB devices,\nand many other sources. It supports dozens of protocol capture file formats\nand understands more than a thousand protocols.\n\nIt has many powerful features including a rich display filter language\nand the ability to reassemble multiple protocol packets in order to, for\nexample, view a complete TCP stream, save the contents of a file which was\ntransferred over HTTP or CIFS, or play back an RTP audio stream.\");\n\n script_tag(name:\"affected\", value:\"'wireshark' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~3.0.1~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:32:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-01-31T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2019-fbd2bad9f9", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19627", "CVE-2018-14339", "CVE-2019-5719", "CVE-2018-19626", "CVE-2019-5718", "CVE-2018-14343", "CVE-2018-14367", "CVE-2018-19625", "CVE-2018-19622", "CVE-2018-19628", "CVE-2018-14341", "CVE-2019-5717", "CVE-2018-14344", "CVE-2018-16056", "CVE-2018-16057", "CVE-2018-14369", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-14370", "CVE-2018-16058", "CVE-2018-14342", "CVE-2019-5716", "CVE-2018-14368", "CVE-2018-14340"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875436", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875436", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2019_fbd2bad9f9_wireshark_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for wireshark FEDORA-2019-fbd2bad9f9\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2019 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875436\");\n script_version(\"$Revision: 14223 $\");\n script_cve_id(\"CVE-2019-5716\", \"CVE-2019-5717\", \"CVE-2019-5718\", \"CVE-2019-5719\", \"CVE-2018-19622\", \"CVE-2018-19623\", \"CVE-2018-19624\", \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-19627\", \"CVE-2018-19628\", \"CVE-2018-16056\", \"CVE-2018-16057\", \"CVE-2018-16058\", \"CVE-2018-14339\", \"CVE-2018-14340\", \"CVE-2018-14341\", \"CVE-2018-14342\", \"CVE-2018-14343\", \"CVE-2018-14344\", \"CVE-2018-14367\", \"CVE-2018-14368\", \"CVE-2018-14369\", \"CVE-2018-14370\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2019-01-31 04:06:56 +0100 (Thu, 31 Jan 2019)\");\n script_name(\"Fedora Update for wireshark FEDORA-2019-fbd2bad9f9\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-fbd2bad9f9\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q575PWQ6ACDNUHBG6QOIDNTJ5AF2JAU5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the FEDORA-2019-fbd2bad9f9 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"wireshark on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~2.6.6~1.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-09-06T18:51:08", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-08-31T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2019-23f7634765", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19627", "CVE-2019-5719", "CVE-2018-19626", "CVE-2019-10896", "CVE-2019-5718", "CVE-2019-10899", "CVE-2018-19625", "CVE-2018-19622", "CVE-2018-19628", "CVE-2019-10894", "CVE-2019-5717", "CVE-2019-10902", "CVE-2019-10895", "CVE-2018-16056", "CVE-2019-10901", "CVE-2018-16057", "CVE-2019-13619", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-16058", "CVE-2019-10897", "CVE-2019-5716", "CVE-2019-10898", "CVE-2019-10903", "CVE-2019-10900"], "modified": "2019-09-05T00:00:00", "id": "OPENVAS:1361412562310876728", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876728", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876728\");\n script_version(\"2019-09-05T09:53:24+0000\");\n script_cve_id(\"CVE-2019-13619\", \"CVE-2019-10894\", \"CVE-2019-10895\", \"CVE-2019-10896\", \"CVE-2019-10897\", \"CVE-2019-10898\", \"CVE-2019-10899\", \"CVE-2019-10900\", \"CVE-2019-10901\", \"CVE-2019-10902\", \"CVE-2019-10903\", \"CVE-2019-5716\", \"CVE-2019-5717\", \"CVE-2019-5718\", \"CVE-2019-5719\", \"CVE-2018-19622\", \"CVE-2018-19623\", \"CVE-2018-19624\", \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-19627\", \"CVE-2018-19628\", \"CVE-2018-16056\", \"CVE-2018-16057\", \"CVE-2018-16058\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-09-05 09:53:24 +0000 (Thu, 05 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-08-31 02:19:04 +0000 (Sat, 31 Aug 2019)\");\n script_name(\"Fedora Update for wireshark FEDORA-2019-23f7634765\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-23f7634765\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q4QVJALLGVVC7MBUT4B4SHQVDXGJKGI7\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the FEDORA-2019-23f7634765 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Wireshark allows you to examine protocol data stored in files or as it is\ncaptured from wired or wireless (WiFi or Bluetooth) networks, USB devices,\nand many other sources. It supports dozens of protocol capture file formats\nand understands more than a thousand protocols.\n\nIt has many powerful features including a rich display filter language\nand the ability to reassemble multiple protocol packets in order to, for\nexample, view a complete TCP stream, save the contents of a file which was\ntransferred over HTTP or CIFS, or play back an RTP audio stream.\");\n\n script_tag(name:\"affected\", value:\"'wireshark' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~3.0.3~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-07-17T14:04:06", "description": "This host is installed with Wireshark\n and is prone to denial of service vulnerability", "cvss3": {}, "published": "2018-11-29T00:00:00", "type": "openvas", "title": "Wireshark 'ZigBee ZCL' Dissector Denial of Service Vulnerability (wnpa-sec-2018-57)-MACOSX", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19628"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310814507", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814507", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Wireshark 'ZigBee ZCL' Dissector Denial of Service Vulnerability (wnpa-sec-2018-57)-MACOSX\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:wireshark:wireshark\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814507\");\n script_version(\"2019-07-05T09:12:25+0000\");\n script_cve_id(\"CVE-2018-19628\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 09:12:25 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-11-29 11:27:40 +0530 (Thu, 29 Nov 2018)\");\n script_name(\"Wireshark 'ZigBee ZCL' Dissector Denial of Service Vulnerability (wnpa-sec-2018-57)-MACOSX\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark\n and is prone to denial of service vulnerability\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists due to error in 'ZigBee ZCL'\n dissector could crash.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers\n to crash by injecting a malformed packet onto the wire or by convincing someone\n to read a malformed packet trace file.\");\n\n script_tag(name:\"affected\", value:\"Wireshark versions 2.6.0 to 2.6.4 on MACOSX.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark version 2.6.5 or later. Please see the references for more information.\");\n\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-57\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_macosx.nasl\");\n script_mandatory_keys(\"Wireshark/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nwirversion = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:wirversion, test_version:\"2.6.0\", test_version2:\"2.6.4\"))\n{\n report = report_fixed_ver(installed_version:wirversion, fixed_version:\"2.6.5\", install_path:path);\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-07-17T14:04:06", "description": "This host is installed with Wireshark\n and is prone to denial of service vulnerability", "cvss3": {}, "published": "2018-11-29T00:00:00", "type": "openvas", "title": "Wireshark 'ZigBee ZCL' Dissector Denial of Service Vulnerability (wnpa-sec-2018-57)-Windows", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19628"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310814506", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814506", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Wireshark 'ZigBee ZCL' Dissector Denial of Service Vulnerability (wnpa-sec-2018-57)-Windows\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:wireshark:wireshark\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814506\");\n script_version(\"2019-07-05T09:12:25+0000\");\n script_cve_id(\"CVE-2018-19628\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 09:12:25 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-11-29 11:27:40 +0530 (Thu, 29 Nov 2018)\");\n script_name(\"Wireshark 'ZigBee ZCL' Dissector Denial of Service Vulnerability (wnpa-sec-2018-57)-Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark\n and is prone to denial of service vulnerability\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists due to error in 'ZigBee ZCL'\n dissector could crash.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers\n to crash by injecting a malformed packet onto the wire or by convincing someone\n to read a malformed packet trace file.\");\n\n script_tag(name:\"affected\", value:\"Wireshark versions 2.6.0 to 2.6.4 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark version 2.6.5 or later. Please see the references for more information.\");\n\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-57\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nwirversion = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:wirversion, test_version:\"2.6.0\", test_version2:\"2.6.4\"))\n{\n report = report_fixed_ver(installed_version:wirversion, fixed_version:\"2.6.5\", install_path:path);\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-07-17T14:04:06", "description": "This host is installed with Wireshark\n and is prone to denial of service vulnerability.", "cvss3": {}, "published": "2018-10-15T00:00:00", "type": "openvas", "title": "Wireshark MS-WSP Dissector Denial of Service Vulnerability(wnpa-sec-2018-47)-MACOSX", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18227"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310814132", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814132", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Wireshark MS-WSP Dissector Denial of Service Vulnerability(wnpa-sec-2018-47)-MACOSX\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:wireshark:wireshark\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814132\");\n script_version(\"2019-07-05T09:12:25+0000\");\n script_cve_id(\"CVE-2018-18227\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 09:12:25 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-10-15 12:15:57 +0530 (Mon, 15 Oct 2018)\");\n script_name(\"Wireshark MS-WSP Dissector Denial of Service Vulnerability(wnpa-sec-2018-47)-MACOSX\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark\n and is prone to denial of service vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to an insufficient validation\n of user-supplied input processed by Microsoft Windows Search Protocol (MS-WSP)\n dissector component.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers\n to cause a denial of service (DoS) condition on a targeted system.\");\n\n script_tag(name:\"affected\", value:\"Wireshark version 2.6.0 to 2.6.3, 2.4.0 to 2.4.9 on MACOSX.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark 2.6.4, 2.4.10 or later. Please see the references for more information.\");\n\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-47.html\");\n script_xref(name:\"URL\", value:\"https://tools.cisco.com/security/center/viewAlert.x?alertId=59010\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_macosx.nasl\");\n script_mandatory_keys(\"Wireshark/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nwirversion = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:wirversion, test_version:\"2.6.0\", test_version2:\"2.6.3\")){\n fix = \"2.6.4\";\n}\n\nelse if(version_in_range(version:wirversion, test_version:\"2.4.0\", test_version2:\"2.4.9\")){\n fix = \"2.4.10\";\n}\n\nif(fix)\n{\n report = report_fixed_ver(installed_version:wirversion, fixed_version:fix, install_path:path);\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-07-17T14:04:06", "description": "This host is installed with Wireshark\n and is prone to denial of service vulnerability.", "cvss3": {}, "published": "2018-10-15T00:00:00", "type": "openvas", "title": "Wireshark MS-WSP Dissector Denial of Service Vulnerability(wnpa-sec-2018-47)-Windows", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18227"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310814131", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814131", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Wireshark MS-WSP Dissector Denial of Service Vulnerability(wnpa-sec-2018-47)-Windows\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:wireshark:wireshark\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814131\");\n script_version(\"2019-07-05T09:12:25+0000\");\n script_cve_id(\"CVE-2018-18227\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 09:12:25 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-10-15 12:06:29 +0530 (Mon, 15 Oct 2018)\");\n script_name(\"Wireshark MS-WSP Dissector Denial of Service Vulnerability(wnpa-sec-2018-47)-Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark\n and is prone to denial of service vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to an insufficient validation\n of user-supplied input processed by Microsoft Windows Search Protocol (MS-WSP)\n dissector component.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers\n to cause a denial of service (DoS) condition on a targeted system.\");\n\n script_tag(name:\"affected\", value:\"Wireshark version 2.6.0 to 2.6.3, 2.4.0 to 2.4.9 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark 2.6.4, 2.4.10 or later. Please see the references for more information.\");\n\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-47.html\");\n script_xref(name:\"URL\", value:\"https://tools.cisco.com/security/center/viewAlert.x?alertId=59010\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nwirversion = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:wirversion, test_version:\"2.6.0\", test_version2:\"2.6.3\")){\n fix = \"2.6.4\";\n}\n\nelse if(version_in_range(version:wirversion, test_version:\"2.4.0\", test_version2:\"2.4.9\")){\n fix = \"2.4.10\";\n}\n\nif(fix)\n{\n report = report_fixed_ver(installed_version:wirversion, fixed_version:fix, install_path:path);\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:33:06", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-12-04T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2018-89413a04e0", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12086", "CVE-2018-14339", "CVE-2018-18227", "CVE-2018-14343", "CVE-2018-14367", "CVE-2018-18225", "CVE-2018-18226", "CVE-2018-14341", "CVE-2018-14344", "CVE-2018-16056", "CVE-2018-16057", "CVE-2018-14369", "CVE-2018-14370", "CVE-2018-16058", "CVE-2018-14342", "CVE-2018-14368", "CVE-2018-14340"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875300", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875300", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_89413a04e0_wireshark_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for wireshark FEDORA-2018-89413a04e0\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875300\");\n script_version(\"$Revision: 14223 $\");\n script_cve_id(\"CVE-2018-16056\", \"CVE-2018-16057\", \"CVE-2018-16058\", \"CVE-2018-18225\", \"CVE-2018-18226\", \"CVE-2018-18227\", \"CVE-2018-12086\", \"CVE-2018-14339\", \"CVE-2018-14340\", \"CVE-2018-14341\", \"CVE-2018-14342\", \"CVE-2018-14343\", \"CVE-2018-14344\", \"CVE-2018-14367\", \"CVE-2018-14368\", \"CVE-2018-14369\", \"CVE-2018-14370\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-12-04 08:20:58 +0100 (Tue, 04 Dec 2018)\");\n script_name(\"Fedora Update for wireshark FEDORA-2018-89413a04e0\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2018-89413a04e0\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XXS5DAT7UAY3W2K7M3FOXRIFPLX5UFSB\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the FEDORA-2018-89413a04e0 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"wireshark on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~2.6.4~1.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-03-23T14:37:53", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-03-20T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for wireshark (openSUSE-SU-2020:0362-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19627", "CVE-2018-11354", "CVE-2019-16319", "CVE-2018-12086", "CVE-2019-9208", "CVE-2018-14339", "CVE-2019-5719", "CVE-2018-19626", "CVE-2018-18227", "CVE-2018-11357", "CVE-2019-10896", "CVE-2019-5718", "CVE-2019-10899", "CVE-2018-14343", "CVE-2018-14367", "CVE-2018-11359", "CVE-2018-11361", "CVE-2020-9431", "CVE-2018-11358", "CVE-2018-19625", "CVE-2018-19622", "CVE-2018-19628", "CVE-2018-18225", "CVE-2018-11362", "CVE-2018-18226", "CVE-2019-19553", "CVE-2020-9428", "CVE-2019-10894", "CVE-2018-14341", "CVE-2019-5717", "CVE-2019-10902", "CVE-2020-9429", "CVE-2018-14344", "CVE-2019-10895", "CVE-2019-9214", "CVE-2018-11360", "CVE-2018-16056", "CVE-2019-10901", "CVE-2018-16057", "CVE-2019-13619", "CVE-2018-14369", "CVE-2018-19623", "CVE-2020-7044", "CVE-2018-19624", "CVE-2018-14370", "CVE-2018-16058", "CVE-2019-10897", "CVE-2018-14342", "CVE-2019-5716", "CVE-2018-14368", "CVE-2018-11356", "CVE-2020-9430", "CVE-2019-10898", "CVE-2019-5721", "CVE-2018-14340", "CVE-2019-10903", "CVE-2019-10900", "CVE-2018-11355", "CVE-2019-9209"], "modified": "2020-03-20T00:00:00", "id": "OPENVAS:1361412562310853075", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310853075", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.853075\");\n script_version(\"2020-03-20T06:19:59+0000\");\n script_cve_id(\"CVE-2018-11354\", \"CVE-2018-11355\", \"CVE-2018-11356\", \"CVE-2018-11357\", \"CVE-2018-11358\", \"CVE-2018-11359\", \"CVE-2018-11360\", \"CVE-2018-11361\", \"CVE-2018-11362\", \"CVE-2018-12086\", \"CVE-2018-14339\", \"CVE-2018-14340\", \"CVE-2018-14341\", \"CVE-2018-14342\", \"CVE-2018-14343\", \"CVE-2018-14344\", \"CVE-2018-14367\", \"CVE-2018-14368\", \"CVE-2018-14369\", \"CVE-2018-14370\", \"CVE-2018-16056\", \"CVE-2018-16057\", \"CVE-2018-16058\", \"CVE-2018-18225\", \"CVE-2018-18226\", \"CVE-2018-18227\", \"CVE-2018-19622\", \"CVE-2018-19623\", \"CVE-2018-19624\", \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-19627\", \"CVE-2018-19628\", \"CVE-2019-10894\", \"CVE-2019-10895\", \"CVE-2019-10896\", \"CVE-2019-10897\", \"CVE-2019-10898\", \"CVE-2019-10899\", \"CVE-2019-10900\", \"CVE-2019-10901\", \"CVE-2019-10902\", \"CVE-2019-10903\", \"CVE-2019-13619\", \"CVE-2019-16319\", \"CVE-2019-19553\", \"CVE-2019-5716\", \"CVE-2019-5717\", \"CVE-2019-5718\", \"CVE-2019-5719\", \"CVE-2019-5721\", \"CVE-2019-9208\", \"CVE-2019-9209\", \"CVE-2019-9214\", \"CVE-2020-7044\", \"CVE-2020-9428\", \"CVE-2020-9429\", \"CVE-2020-9430\", \"CVE-2020-9431\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-03-20 06:19:59 +0000 (Fri, 20 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-20 04:00:44 +0000 (Fri, 20 Mar 2020)\");\n script_name(\"openSUSE: Security Advisory for wireshark (openSUSE-SU-2020:0362-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2020:0362-1\");\n script_xref(name:\"URL\", value:\"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the openSUSE-SU-2020:0362-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for wireshark and libmaxminddb fixes the following issues:\n\n Update wireshark to new major version 3.2.2 and introduce libmaxminddb for\n GeoIP support (bsc#1156288).\n\n New features include:\n\n - Added support for 111 new protocols, including WireGuard, LoRaWAN, TPM\n 2.0, 802.11ax and QUIC\n\n - Improved support for existing protocols, like HTTP/2\n\n - Improved analytics and usability functionalities\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2020-362=1\");\n\n script_tag(name:\"affected\", value:\"'wireshark' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libmaxminddb-debugsource\", rpm:\"libmaxminddb-debugsource~1.4.2~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libmaxminddb-devel\", rpm:\"libmaxminddb-devel~1.4.2~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libmaxminddb0\", rpm:\"libmaxminddb0~1.4.2~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libmaxminddb0-debuginfo\", rpm:\"libmaxminddb0-debuginfo~1.4.2~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libspandsp2\", rpm:\"libspandsp2~0.0.6~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libspandsp2-debuginfo\", rpm:\"libspandsp2-debuginfo~0.0.6~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwireshark13\", rpm:\"libwireshark13~3.2.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwireshark13-debuginfo\", rpm:\"libwireshark13-debuginfo~3.2.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwiretap10\", rpm:\"libwiretap10~3.2.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwiretap10-debuginfo\", rpm:\"libwiretap10-debuginfo~3.2.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwsutil11\", rpm:\"libwsutil11~3.2.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwsutil11-debuginfo\", rpm:\"libwsutil11-debuginfo~3.2.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mmdblookup\", rpm:\"mmdblookup~1.4.2~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mmdblookup-debuginfo\", rpm:\"mmdblookup-debuginfo~1.4.2~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"spandsp-debugsource\", rpm:\"spandsp-debugsource~0.0.6~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"spandsp-devel\", rpm:\"spandsp-devel~0.0.6~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~3.2.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~3.2.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark-debugsource\", rpm:\"wireshark-debugsource~3.2.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark-devel\", rpm:\"wireshark-devel~3.2.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark-ui-qt\", rpm:\"wireshark-ui-qt~3.2.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark-ui-qt-debuginfo\", rpm:\"wireshark-ui-qt-debuginfo~3.2.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"spandsp-doc\", rpm:\"spandsp-doc~0.0.6~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libmaxminddb0-32bit\", rpm:\"libmaxminddb0-32bit~1.4.2~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libmaxminddb0-32bit-debuginfo\", rpm:\"libmaxminddb0-32bit-debuginfo~1.4.2~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libspandsp2-32bit\", rpm:\"libspandsp2-32bit~0.0.6~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libspandsp2-32bit-debuginfo\", rpm:\"libspandsp2-32bit-debuginfo~0.0.6~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-29T19:29:04", "description": "Several issues in wireshark, a tool that captures and analyzes packets\noff the wire, have been found by different people.\nThese are basically issues with length checks or invalid memory access in\ndifferent dissectors. This could result in infinite loops or crashes by\nmalicious packets.", "cvss3": {}, "published": "2019-01-16T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for wireshark (DLA-1634-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-11407", "CVE-2018-9268", "CVE-2018-7336", "CVE-2018-9259", "CVE-2018-19626", "CVE-2018-9265", "CVE-2018-11357", "CVE-2018-11359", "CVE-2018-7323", "CVE-2017-7747", "CVE-2018-19625", "CVE-2018-19622", "CVE-2018-7417", "CVE-2017-17935", "CVE-2018-9269", "CVE-2018-7418", "CVE-2018-9270", "CVE-2017-15191", "CVE-2017-7746", "CVE-2018-7420", "CVE-2018-16057", "CVE-2017-13765", "CVE-2018-9256", "CVE-2018-9260", "CVE-2018-9263", "CVE-2017-9766", "CVE-2018-7331", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-16058", "CVE-2017-11409", "CVE-2017-7703", "CVE-2018-11356", "CVE-2017-7700", "CVE-2018-9267", "CVE-2018-9262", "CVE-2017-11406", "CVE-2018-7322", "CVE-2018-7325", "CVE-2018-7324", "CVE-2017-17997"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891634", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891634", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891634\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2017-11406\", \"CVE-2017-11407\", \"CVE-2017-11409\", \"CVE-2017-13765\", \"CVE-2017-15191\",\n \"CVE-2017-17935\", \"CVE-2017-17997\", \"CVE-2017-7700\", \"CVE-2017-7703\", \"CVE-2017-7746\",\n \"CVE-2017-7747\", \"CVE-2017-9766\", \"CVE-2018-11356\", \"CVE-2018-11357\", \"CVE-2018-11359\",\n \"CVE-2018-16057\", \"CVE-2018-16058\", \"CVE-2018-19622\", \"CVE-2018-19623\", \"CVE-2018-19624\",\n \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-7322\", \"CVE-2018-7323\", \"CVE-2018-7324\",\n \"CVE-2018-7325\", \"CVE-2018-7331\", \"CVE-2018-7336\", \"CVE-2018-7417\", \"CVE-2018-7418\",\n \"CVE-2018-7420\", \"CVE-2018-9256\", \"CVE-2018-9259\", \"CVE-2018-9260\", \"CVE-2018-9262\",\n \"CVE-2018-9263\", \"CVE-2018-9265\", \"CVE-2018-9267\", \"CVE-2018-9268\", \"CVE-2018-9269\",\n \"CVE-2018-9270\");\n script_name(\"Debian LTS: Security Advisory for wireshark (DLA-1634-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-01-16 00:00:00 +0100 (Wed, 16 Jan 2019)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_tag(name:\"affected\", value:\"wireshark on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n1.12.1+g01b65bf-4+deb8u16.\n\nWe recommend that you upgrade your wireshark packages.\");\n\n script_tag(name:\"summary\", value:\"Several issues in wireshark, a tool that captures and analyzes packets\noff the wire, have been found by different people.\nThese are basically issues with length checks or invalid memory access in\ndifferent dissectors. This could result in infinite loops or crashes by\nmalicious packets.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libwireshark-data\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwireshark-dev\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwireshark5\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwiretap-dev\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwiretap4\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwsutil-dev\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwsutil4\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"tshark\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-common\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-dbg\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-dev\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-doc\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-qt\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-27T18:34:20", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for wireshark (EulerOS-SA-2019-2425)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9347", "CVE-2015-8713", "CVE-2015-8717", "CVE-2016-5350", "CVE-2015-8714", "CVE-2016-2531", "CVE-2016-6505", "CVE-2016-2530", "CVE-2016-6510", "CVE-2016-4081", "CVE-2016-7177", "CVE-2015-8719", "CVE-2017-9349", "CVE-2016-7179", "CVE-2016-4077", "CVE-2015-8731", "CVE-2018-19622", "CVE-2018-14341", "CVE-2015-8723", "CVE-2018-7418", "CVE-2016-4085", "CVE-2018-5336", "CVE-2016-6508", "CVE-2016-5353", "CVE-2016-5359", "CVE-2018-16057", "CVE-2017-13765", "CVE-2015-8729", "CVE-2015-8721", "CVE-2016-9375", "CVE-2016-6507", "CVE-2017-9345", "CVE-2016-2532", "CVE-2017-7703", "CVE-2016-7958", "CVE-2015-8712", "CVE-2016-4006", "CVE-2016-2523", "CVE-2018-14340", "CVE-2015-8716", "CVE-2017-9352", "CVE-2015-8718", "CVE-2017-17083"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192425", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192425", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2425\");\n script_version(\"2020-01-23T15:31:18+0000\");\n script_cve_id(\"CVE-2015-8712\", \"CVE-2015-8713\", \"CVE-2015-8714\", \"CVE-2015-8716\", \"CVE-2015-8717\", \"CVE-2015-8718\", \"CVE-2015-8719\", \"CVE-2015-8721\", \"CVE-2015-8723\", \"CVE-2015-8729\", \"CVE-2015-8731\", \"CVE-2016-2523\", \"CVE-2016-2530\", \"CVE-2016-2531\", \"CVE-2016-2532\", \"CVE-2016-4006\", \"CVE-2016-4077\", \"CVE-2016-4081\", \"CVE-2016-4085\", \"CVE-2016-5350\", \"CVE-2016-5353\", \"CVE-2016-5359\", \"CVE-2016-6505\", \"CVE-2016-6507\", \"CVE-2016-6508\", \"CVE-2016-6510\", \"CVE-2016-7177\", \"CVE-2016-7179\", \"CVE-2016-7958\", \"CVE-2016-9375\", \"CVE-2017-13765\", \"CVE-2017-17083\", \"CVE-2017-7703\", \"CVE-2017-9345\", \"CVE-2017-9347\", \"CVE-2017-9349\", \"CVE-2017-9352\", \"CVE-2018-14340\", \"CVE-2018-14341\", \"CVE-2018-16057\", \"CVE-2018-19622\", \"CVE-2018-5336\", \"CVE-2018-7418\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 15:31:18 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:54:39 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for wireshark (EulerOS-SA-2019-2425)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2425\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2425\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'wireshark' package(s) announced via the EulerOS-SA-2019-2425 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid a buffer over-read.(CVE-2018-14340)\n\nIn Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset overflow.(CVE-2018-14341)\n\nIn Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB dissectors could crash. This was addressed in epan/tvbparse.c by limiting the recursion depth.(CVE-2018-5336)\n\nIn Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by correcting the extraction of the length value.(CVE-2018-7418)\n\nIn Wireshark 2.2.0 to 2.2.6, the ROS dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/asn1/ros/packet-ros-template.c by validating an OID.(CVE-2017-9347)\n\nIn Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DICOM dissector has an infinite loop. This was addressed in epan/dissectors/packet-dcm.c by validating a length value.(CVE-2017-9349)\n\nIn Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid a buffer over-read.(CVE-2018-14340)\n\nIn Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset overflow.(CVE-2018-14341)\n\nIn Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-mmse.c by preventing length overflows.(CVE-2018-19622)\n\nThe dissect_dcom_OBJREF function in epan/dissectors/packet-dcom.c in the DCOM dissector in Wireshark 1.12.x before 1.12.9 does not initialize a certain IPv4 data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.(CVE-2015-8714)\n\nIn Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the IrCOMM dissector has a buffer over-read and application crash. This was addressed in plugins/irda/packet-ircomm.c by adding length validation.(CVE-2017-13765)\n\nIn Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the NetBIOS dissector could crash. This was addressed in epan/dissectors/packet-netbios.c by ensuring that write operations are bounded by the beginning ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'wireshark' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.10.14~7.h12\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.10.14~7.h12\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "kaspersky": [{"lastseen": "2023-09-25T12:53:32", "description": "### *Detect date*:\n11/27/2018\n\n### *Severity*:\nWarning\n\n### *Description*:\nMultiple serious vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions.\n\n### *Affected products*:\nWireshark 2.6.x earlier than 2.6.5 \nWireshark 2.4.x earlier than 2.4.11\n\n### *Solution*:\nUpdate to the latest version \n[Get Wireshark](<https://www.wireshark.org/#download>)\n\n### *Original advisories*:\n[wnpa-sec-2018-51](<https://www.wireshark.org/security/wnpa-sec-2018-51.html>) \n[wnpa-sec-2018-52](<https://www.wireshark.org/security/wnpa-sec-2018-52.html>) \n[wnpa-sec-2018-53](<https://www.wireshark.org/security/wnpa-sec-2018-53.html>) \n[wnpa-sec-2018-54](<https://www.wireshark.org/security/wnpa-sec-2018-54.html>) \n[wnpa-sec-2018-55](<https://www.wireshark.org/security/wnpa-sec-2018-55.html>) \n[wnpa-sec-2018-56](<https://www.wireshark.org/security/wnpa-sec-2018-56.html>) \n[wnpa-sec-2018-57](<https://www.wireshark.org/security/wnpa-sec-2018-57.html>) \n\n\n### *Impacts*:\nDoS \n\n### *Related products*:\n[Wireshark](<https://threats.kaspersky.com/en/product/Wireshark/>)\n\n### *CVE-IDS*:\n[CVE-2018-19625](<https://vulners.com/cve/CVE-2018-19625>)4.3Warning \n[CVE-2018-19626](<https://vulners.com/cve/CVE-2018-19626>)4.3Warning \n[CVE-2018-19623](<https://vulners.com/cve/CVE-2018-19623>)5.0Critical \n[CVE-2018-19622](<https://vulners.com/cve/CVE-2018-19622>)5.0Critical \n[CVE-2018-19627](<https://vulners.com/cve/CVE-2018-19627>)5.0Critical \n[CVE-2018-19624](<https://vulners.com/cve/CVE-2018-19624>)4.3Warning \n[CVE-2018-19628](<https://vulners.com/cve/CVE-2018-19628>)5.0Critical\n\n### *Exploitation*:\nPublic exploits exist for this vulnerability.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-11-27T00:00:00", "type": "kaspersky", "title": "KLA11377 Multiple vulnerabilities in Wireshark", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19622", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-19625", "CVE-2018-19626", "CVE-2018-19627", "CVE-2018-19628"], "modified": "2023-09-21T00:00:00", "id": "KLA11377", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11377/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-09-25T12:57:22", "description": "### *Detect date*:\n10/10/2018\n\n### *Severity*:\nHigh\n\n### *Description*:\nMultiple serious vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities:\n\n### *Affected products*:\nWireshark 2.6.x earlier than 2.6.4 \nWireshark 2.4.x earlier than 2.4.10\n\n### *Solution*:\nUpdate to the latest version \n[Get Wireshark](<https://www.wireshark.org/#download>)\n\n### *Original advisories*:\n[wnpa-sec-2018-47](<https://www.wireshark.org/security/wnpa-sec-2018-47.html>) \n[wnpa-sec-2018-48](<https://www.wireshark.org/security/wnpa-sec-2018-48.html>) \n[wnpa-sec-2018-49](<https://www.wireshark.org/security/wnpa-sec-2018-49.html>) \n[wnpa-sec-2018-50](<https://www.wireshark.org/security/wnpa-sec-2018-50.html>) \n\n\n### *Impacts*:\nDoS \n\n### *Related products*:\n[Wireshark](<https://threats.kaspersky.com/en/product/Wireshark/>)\n\n### *CVE-IDS*:\n[CVE-2018-18227](<https://vulners.com/cve/CVE-2018-18227>)5.0Critical \n[CVE-2018-18226](<https://vulners.com/cve/CVE-2018-18226>)7.8Critical \n[CVE-2018-18225](<https://vulners.com/cve/CVE-2018-18225>)5.0Critical \n[CVE-2018-12086](<https://vulners.com/cve/CVE-2018-12086>)5.0Critical\n\n### *Exploitation*:\nPublic exploits exist for this vulnerability.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-10-10T00:00:00", "type": "kaspersky", "title": "KLA11337 Multiple DoS vulnerabilities in Wireshark", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12086", "CVE-2018-18225", "CVE-2018-18226", "CVE-2018-18227"], "modified": "2023-09-21T00:00:00", "id": "KLA11337", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11337/", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "altlinux": [{"lastseen": "2023-05-07T11:50:04", "description": "Dec. 3, 2018 Anton Farygin 2.6.5-alt1\n \n \n - 2.6.5\n - added devel package (closes: [#29869](<https://bugzilla.altlinux.org/29869>))\n - fixes:\n * The Wireshark dissection engine could crash. CVE-2018-19625\n * The DCOM dissector could crash. CVE-2018-19626\n * The LBMPDM dissector could crash. CVE-2018-19623\n * The MMSE dissector could go into an infinite loop. CVE-2018-19622\n * The IxVeriWave file parser could crash. CVE-2018-19627\n * The PVFS dissector could crash. CVE-2018-19624\n * The ZigBee ZCL dissector could crash. CVE-2018-19628\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-12-03T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 9 package wireshark version 2.6.5-alt1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19622", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-19625", "CVE-2018-19626", "CVE-2018-19627", "CVE-2018-19628"], "modified": "2018-12-03T00:00:00", "id": "01F31584613D4BB057BDC770C1513FF2", "href": "https://packages.altlinux.org/en/p9/srpms/wireshark/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-05-07T11:50:04", "description": "Oct. 13, 2018 Anton Farygin 2.6.4-alt1\n \n \n - 2.6.4 (fixes: CVE-2018-18227, CVE-2018-18225, CVE-2018-18225, CVE-2018-12086)\n - disabled build gtk+ UI\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-10-13T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 9 package wireshark version 2.6.4-alt1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12086", "CVE-2018-18225", "CVE-2018-18227"], "modified": "2018-10-13T00:00:00", "id": "797482F358D9F7C39B8CED8CDAB0AE0A", "href": "https://packages.altlinux.org/en/p9/srpms/wireshark/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "archlinux": [{"lastseen": "2023-06-23T14:57:34", "description": "Arch Linux Security Advisory ASA-201812-3\n=========================================\n\nSeverity: Critical\nDate : 2018-12-08\nCVE-ID : CVE-2018-19622 CVE-2018-19623 CVE-2018-19624 CVE-2018-19625\nCVE-2018-19626 CVE-2018-19627 CVE-2018-19628\nPackage : wireshark-cli\nType : multiple issues\nRemote : Yes\nLink : https://security.archlinux.org/AVG-825\n\nSummary\n=======\n\nThe package wireshark-cli before version 2.6.5-1 is vulnerable to\nmultiple issues including arbitrary code execution, information\ndisclosure and denial of service.\n\nResolution\n==========\n\nUpgrade to 2.6.5-1.\n\n# pacman -Syu \"wireshark-cli>=2.6.5-1\"\n\nThe problems have been fixed upstream in version 2.6.5.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2018-19622 (denial of service)\n\nA security issue has been found in the MMSE dissector of Wireshark\nversions prior to 2.6.5, which could be made to consume excessive CPU\nresources by injecting a malformed packet onto the wire or by\nconvincing someone to read a malformed packet trace file\n\n- CVE-2018-19623 (arbitrary code execution)\n\nA heap-based out-of-bounds write has been found in the LBMPDM dissector\nof Wireshark versions prior to 2.6.5, which could be triggered by\ninjecting a malformed packet onto the wire or by convincing someone to\nread a malformed packet trace file\n\n- CVE-2018-19624 (denial of service)\n\nA NULL-pointer dereference has been found in the PVFS dissector of\nWireshark versions prior to 2.6.5, which could be triggered by\ninjecting a malformed packet onto the wire or by convincing someone to\nread a malformed packet trace file\n\n- CVE-2018-19625 (information disclosure)\n\nAn out-of-bounds read has been found in the dissection engine of\nWireshark versions prior to 2.6.5, which could be triggered by\ninjecting a malformed packet onto the wire or by convincing someone to\nread a malformed packet trace file\n\n- CVE-2018-19626 (information disclosure)\n\nAn out-of-bounds read has been found in the DCOM dissector of Wireshark\nversions prior to 2.6.5, which could be triggered by injecting a\nmalformed packet onto the wire or by convincing someone to read a\nmalformed packet trace file\n\n- CVE-2018-19627 (information disclosure)\n\nAn out-of-bounds read has been found in the IxVeriWave file parser of\nWireshark versions prior to 2.6.5, which could be triggered by\ninjecting a malformed packet onto the wire or by convincing someone to\nread a malformed packet trace file\n\n- CVE-2018-19628 (denial of service)\n\nA divide-by-zero error has been found in the ZigBee ZCL dissector of\nWireshark versions prior to 2.6.5, which could be triggered by\ninjecting a malformed packet onto the wire or by convincing someone to\nread a malformed packet trace file\n\nImpact\n======\n\nA remote attacker can execute arbitrary code, access sensitive\ninformation or crash wireshark via a crafted network packet or a\ncapture file.\n\nReferences\n==========\n\nhttps://www.wireshark.org/docs/relnotes/wireshark-2.6.5.html\nhttps://www.wireshark.org/security/wnpa-sec-2018-54\nhttps://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15250\nhttps://code.wireshark.org/review/#/c/30613/\nhttps://www.wireshark.org/security/wnpa-sec-2018-53\nhttps://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15132\nhttps://code.wireshark.org/review/#/c/30346/\nhttps://www.wireshark.org/security/wnpa-sec-2018-56\nhttps://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15280\nhttps://code.wireshark.org/review/#/c/30811/\nhttps://www.wireshark.org/security/wnpa-sec-2018-51\nhttps://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14466\nhttps://code.wireshark.org/review/#/c/30152/\nhttps://www.wireshark.org/security/wnpa-sec-2018-52\nhttps://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15130\nhttps://code.wireshark.org/review/#/c/30158/\nhttps://www.wireshark.org/security/wnpa-sec-2018-55\nhttps://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15279\nhttps://code.wireshark.org/review/#/c/30813/\nhttps://www.wireshark.org/security/wnpa-sec-2018-57\nhttps://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15281\nhttps://code.wireshark.org/review/#/c/30810/\nhttps://security.archlinux.org/CVE-2018-19622\nhttps://security.archlinux.org/CVE-2018-19623\nhttps://security.archlinux.org/CVE-2018-19624\nhttps://security.archlinux.org/CVE-2018-19625\nhttps://security.archlinux.org/CVE-2018-19626\nhttps://security.archlinux.org/CVE-2018-19627\nhttps://security.archlinux.org/CVE-2018-19628", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-12-08T00:00:00", "type": "archlinux", "title": "[ASA-201812-3] wireshark-cli: multiple issues", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19622", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-19625", "CVE-2018-19626", "CVE-2018-19627", "CVE-2018-19628"], "modified": "2018-12-08T00:00:00", "id": "ASA-201812-3", "href": "https://security.archlinux.org/ASA-201812-3", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-23T14:57:38", "description": "Arch Linux Security Advisory ASA-201810-9\n=========================================\n\nSeverity: High\nDate : 2018-10-12\nCVE-ID : CVE-2018-12086 CVE-2018-18225 CVE-2018-18226 CVE-2018-18227\nPackage : wireshark-cli\nType : multiple issues\nRemote : Yes\nLink : https://security.archlinux.org/AVG-779\n\nSummary\n=======\n\nThe package wireshark-cli before version 2.6.4-1 is vulnerable to\nmultiple issues including arbitrary code execution and denial of\nservice.\n\nResolution\n==========\n\nUpgrade to 2.6.4-1.\n\n# pacman -Syu \"wireshark-cli>=2.6.4-1\"\n\nThe problems have been fixed upstream in version 2.6.4.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2018-12086 (arbitrary code execution)\n\nA flaw has been discovered in wireshark >= 2.6.0 and < 2.6.4 in the\nOpcUa dissector where a specially crafted structured request could lead\nto stack overflow. This could be used by an attacker to crash wireshark\nor execute arbitrary code on the affected host by injecting a malformed\npacket onto the wire or by convincing someone to read a malformed\npacket trace file.\n\n- CVE-2018-18225 (denial of service)\n\nA flaw has been discovered in wireshark >= 2.6.0 and < 2.6.4 in the\nCoAP dissector where an invalid frame could lead to NULL-pointer\ndereference. This could be used by an attacker to crash wireshark by\ninjecting a malformed packet onto the wire or by convincing someone to\nread a malformed packet trace file.\n\n- CVE-2018-18226 (denial of service)\n\nA flaw has been discovered in wireshark >= 2.6.0 and < 2.6.4 in the\nSteam IHS Discovery dissector where dynamically allocated memory was\nnot properly freed on exception. This could be used by an attacker to\ncrash wireshark by injecting a malformed packet onto the wire or by\nconvincing someone to read a malformed packet trace file.\n\n- CVE-2018-18227 (denial of service)\n\nA flaw has been discovered in wireshark >= 2.6.0 and < 2.6.4 in the\nMS-WSP dissector where an invalid type could lead to an assertion\nfailure. This could be used by an attacker to crash wireshark by\ninjecting a malformed packet onto the wire or by convincing someone to\nread a malformed packet trace file.\n\nImpact\n======\n\nAn attacker can crash wireshark or execute arbitrary code on the\naffected host by injecting a malformed packet onto the wire or by\nconvincing a local user to read a malformed packet trace file.\n\nReferences\n==========\n\nhttps://www.wireshark.org/docs/relnotes/wireshark-2.6.4.html\nhttps://www.wireshark.org/security/wnpa-sec-2018-50\nhttps://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2018-12086.pdf\nhttps://code.wireshark.org/review/gitweb?p=wireshark.git;a=commitdiff;h=fc956747a139269a6fb4f67c639e12b3f4e9ccd9\nhttps://www.wireshark.org/security/wnpa-sec-2018-49\nhttps://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15172\nhttps://code.wireshark.org/review/gitweb?p=wireshark.git;a=commitdiff;h=b2bbd9fdf209911d94b23cc33f4daccbceb7fa8a\nhttps://www.wireshark.org/security/wnpa-sec-2018-48\nhttps://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15171\nhttps://code.wireshark.org/review/gitweb?p=wireshark.git;a=commitdiff;h=6e920ddc3cad2886ef07ca1a8e50e2a5c50986f7\nhttps://www.wireshark.org/security/wnpa-sec-2018-47\nhttps://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15119\nhttps://code.wireshark.org/review/gitweb?p=wireshark.git;a=commitdiff;h=536fb9403a5f6bcc060aaa2a1f35d8d0225bb1fd\nhttps://security.archlinux.org/CVE-2018-12086\nhttps://security.archlinux.org/CVE-2018-18225\nhttps://security.archlinux.org/CVE-2018-18226\nhttps://security.archlinux.org/CVE-2018-18227", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-10-12T00:00:00", "type": "archlinux", "title": "[ASA-201810-9] wireshark-cli: multiple issues", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12086", "CVE-2018-18225", "CVE-2018-18226", "CVE-2018-18227"], "modified": "2018-10-12T00:00:00", "id": "ASA-201810-9", "href": "https://security.archlinux.org/ASA-201810-9", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "suse": [{"lastseen": "2018-12-30T14:02:09", "description": "This update for wireshark fixes the following issues:\n\n Update to Wireshark 2.4.11 (bsc#1117740).\n\n Security issues fixed:\n\n - CVE-2018-19625: The Wireshark dissection engine could crash\n (wnpa-sec-2018-51)\n - CVE-2018-19626: The DCOM dissector could crash (wnpa-sec-2018-52)\n - CVE-2018-19623: The LBMPDM dissector could crash (wnpa-sec-2018-53)\n - CVE-2018-19622: The MMSE dissector could go into an infinite loop\n (wnpa-sec-2018-54)\n - CVE-2018-19627: The IxVeriWave file parser could crash (wnpa-sec-2018-55)\n - CVE-2018-19624: The PVFS dissector could crash (wnpa-sec-2018-56)\n\n Further bug fixes and updated protocol support as listed in:\n\n - <a rel=\"nofollow\" href=\"https://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html\">https://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html</a>\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "cvss3": {}, "published": "2018-12-29T15:17:25", "type": "suse", "title": "Security update for wireshark (moderate)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2018-19627", "CVE-2018-19626", "CVE-2018-19625", "CVE-2018-19622", "CVE-2018-19623", "CVE-2018-19624"], "modified": "2018-12-29T15:17:25", "id": "OPENSUSE-SU-2018:4307-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00077.html", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-10-24T04:31:05", "description": "This update for wireshark fixes the following issues:\n\n Wireshark was updated to 2.4.10 (bsc#1111647).\n\n Following security issues were fixed:\n\n - CVE-2018-18227: MS-WSP dissector crash (wnpa-sec-2018-47)\n - CVE-2018-12086: OpcUA dissector crash (wnpa-sec-2018-50)\n\n Further bug fixes and updated protocol support that were done are listed\n in:\n\n <a rel=\"nofollow\" href=\"https://www.wireshark.org/docs/relnotes/wireshark-2.4.10.html\">https://www.wireshark.org/docs/relnotes/wireshark-2.4.10.html</a>\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "cvss3": {}, "published": "2018-10-24T03:15:41", "type": "suse", "title": "Security update for wireshark (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2018-12086", "CVE-2018-18227"], "modified": "2018-10-24T03:15:41", "id": "OPENSUSE-SU-2018:3368-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00053.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-11-08T04:09:51", "description": "An update that fixes 59 vulnerabilities is now available.\n\nDescription:\n\n This update for wireshark and libmaxminddb fixes the following issues:\n\n Update wireshark to new major version 3.2.2 and introduce libmaxminddb for\n GeoIP support (bsc#1156288).\n\n New features include:\n\n - Added support for 111 new protocols, including WireGuard, LoRaWAN, TPM\n 2.0, 802.11ax and QUIC\n - Improved support for existing protocols, like HTTP/2\n - Improved analytics and usability functionalities\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2020-362=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-03-19T00:00:00", "type": "suse", "title": "Security update for wireshark (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11354", "CVE-2018-11355", "CVE-2018-11356", "CVE-2018-11357", "CVE-2018-11358", "CVE-2018-11359", "CVE-2018-11360", "CVE-2018-11361", "CVE-2018-11362", "CVE-2018-12086", "CVE-2018-14339", "CVE-2018-14340", "CVE-2018-14341", "CVE-2018-14342", "CVE-2018-14343", "CVE-2018-14344", "CVE-2018-14367", "CVE-2018-14368", "CVE-2018-14369", "CVE-2018-14370", "CVE-2018-16056", "CVE-2018-16057", "CVE-2018-16058", "CVE-2018-18225", "CVE-2018-18226", "CVE-2018-18227", "CVE-2018-19622", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-19625", "CVE-2018-19626", "CVE-2018-19627", "CVE-2018-19628", "CVE-2019-10894", "CVE-2019-10895", "CVE-2019-10896", "CVE-2019-10897", "CVE-2019-10898", "CVE-2019-10899", "CVE-2019-10900", "CVE-2019-10901", "CVE-2019-10902", "CVE-2019-10903", "CVE-2019-13619", "CVE-2019-16319", "CVE-2019-19553", "CVE-2019-5716", "CVE-2019-5717", "CVE-2019-5718", "CVE-2019-5719", "CVE-2019-5721", "CVE-2019-9208", "CVE-2019-9209", "CVE-2019-9214", "CVE-2020-7044", "CVE-2020-9428", "CVE-2020-9429", "CVE-2020-9430", "CVE-2020-9431"], "modified": "2020-03-19T00:00:00", "id": "OPENSUSE-SU-2020:0362-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5IUFGOOBYOJSD6ELATYP2KAV4TMLYPWB/", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "fedora": [{"lastseen": "2021-07-28T14:46:50", "description": "Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich display filter language and the ability to reassemble multiple protocol packets in order to, for example, view a complete TCP stream, save the contents of a file which was transferred over HTTP or CIFS, or play back an RTP audio stream. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-12-18T03:06:54", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: wireshark-2.6.5-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16056", "CVE-2018-16057", "CVE-2018-16058", "CVE-2018-19622", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-19625", "CVE-2018-19626", "CVE-2018-19627", "CVE-2018-19628"], "modified": "2018-12-18T03:06:54", "id": "FEDORA:BB0F9605F088", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/F3NMZYPRNUMMUL7FJJD2MY3J6NL4YZNB/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich display filter language and the ability to reassemble multiple protocol packets in order to, for example, view a complete TCP stream, save the contents of a file which was transferred over HTTP or CIFS, or play back an RTP audio stream. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-01-26T02:15:39", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: wireshark-2.6.6-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16056", "CVE-2018-16057", "CVE-2018-16058", "CVE-2018-19622", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-19626", "CVE-2018-19627", "CVE-2018-19628", "CVE-2019-5716", "CVE-2019-5717", "CVE-2019-5718", "CVE-2019-5719"], "modified": "2019-01-26T02:15:39", "id": "FEDORA:4413B6120A17", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4XUCWNJ4WXFZ5ZH5QGE5YGN5FMDC4XTH/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Metapackage with installs wireshark-cli and wireshark-qt. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-12-19T01:51:31", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: wireshark-2.6.5-1.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14339", "CVE-2018-14340", "CVE-2018-14341", "CVE-2018-14343", "CVE-2018-14344", "CVE-2018-14367", "CVE-2018-14368", "CVE-2018-14370", "CVE-2018-16056", "CVE-2018-16057", "CVE-2018-16058", "CVE-2018-19622", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-19625", "CVE-2018-19626", "CVE-2018-19627", "CVE-2018-19628"], "modified": "2018-12-19T01:51:31", "id": "FEDORA:E1F03604CCFB", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/YYWXKA5SI2MYIJ5SWKKJRNUYFIZLOXEF/", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich display filter language and the ability to reassemble multiple protocol packets in order to, for example, view a complete TCP stream, save the contents of a file which was transferred over HTTP or CIFS, or play back an RTP audio stream. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-08-30T00:51:53", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: wireshark-3.0.3-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16056", "CVE-2018-16057", "CVE-2018-16058", "CVE-2018-19622", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-19626", "CVE-2018-19627", "CVE-2018-19628", "CVE-2019-10894", "CVE-2019-10895", "CVE-2019-10896", "CVE-2019-10897", "CVE-2019-10899", "CVE-2019-10900", "CVE-2019-10901", "CVE-2019-10902", "CVE-2019-10903", "CVE-2019-13619", "CVE-2019-5716", "CVE-2019-5717", "CVE-2019-5718"], "modified": "2019-08-30T00:51:53", "id": "FEDORA:A65C46509BD7", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/Q4QVJALLGVVC7MBUT4B4SHQVDXGJKGI7/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Metapackage with installs wireshark-cli and wireshark-qt. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-01-31T02:12:28", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: wireshark-2.6.6-1.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14339", "CVE-2018-14340", "CVE-2018-14341", "CVE-2018-14343", "CVE-2018-14344", "CVE-2018-14367", "CVE-2018-14368", "CVE-2018-14370", "CVE-2018-16056", "CVE-2018-16057", "CVE-2018-16058", "CVE-2018-19622", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-19626", "CVE-2018-19627", "CVE-2018-19628", "CVE-2019-5716", "CVE-2019-5717", "CVE-2019-5718", "CVE-2019-5719"], "modified": "2019-01-31T02:12:28", "id": "FEDORA:05CC8610B02D", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/Q575PWQ6ACDNUHBG6QOIDNTJ5AF2JAU5/", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich display filter language and the ability to reassemble multiple protocol packets in order to, for example, view a complete TCP stream, save the contents of a file which was transferred over HTTP or CIFS, or play back an RTP audio stream. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-04-19T19:09:47", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: wireshark-3.0.1-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16056", "CVE-2018-16057", "CVE-2018-16058", "CVE-2018-19622", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-19626", "CVE-2018-19627", "CVE-2018-19628", "CVE-2019-10894", "CVE-2019-10895", "CVE-2019-10896", "CVE-2019-10897", "CVE-2019-10898", "CVE-2019-10899", "CVE-2019-10900", "CVE-2019-10901", "CVE-2019-10902", "CVE-2019-10903", "CVE-2019-5716", "CVE-2019-5717", "CVE-2019-5718"], "modified": "2019-04-19T19:09:47", "id": "FEDORA:1D3596042F2D", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4LYIOOQIMFQ3PA7AFBK4DNXHISTEYUC5/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Metapackage with installs wireshark-cli and wireshark-qt. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-11-28T02:46:18", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: wireshark-2.6.4-1.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14339", "CVE-2018-14340", "CVE-2018-14341", "CVE-2018-14343", "CVE-2018-14344", "CVE-2018-14367", "CVE-2018-14368", "CVE-2018-14370", "CVE-2018-16056", "CVE-2018-16057", "CVE-2018-16058", "CVE-2018-18225", "CVE-2018-18226", "CVE-2018-18227"], "modified": "2018-11-28T02:46:18", "id": "FEDORA:69A7A604D2CE", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/XXS5DAT7UAY3W2K7M3FOXRIFPLX5UFSB/", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "debiancve": [{"lastseen": "2023-09-09T02:56:47", "description": "In Wireshark 2.6.0 to 2.6.3, the CoAP dissector could crash. This was addressed in epan/dissectors/packet-coap.c by ensuring that the piv length is correctly computed.", "cvss3": {}, "published": "2018-10-12T06:29:00", "type": "debiancve", "title": "CVE-2018-18225", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2018-18225"], "modified": "2018-10-12T06:29:00", "id": "DEBIANCVE:CVE-2018-18225", "href": "https://security-tracker.debian.org/tracker/CVE-2018-18225", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-09T02:56:47", "description": "In Wireshark 2.6.0 to 2.6.3, the Steam IHS Discovery dissector could consume system memory. This was addressed in epan/dissectors/packet-steam-ihs-discovery.c by changing the memory-management approach.", "cvss3": {}, "published": "2018-10-12T06:29:00", "type": "debiancve", "title": "CVE-2018-18226", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2018-18226"], "modified": "2018-10-12T06:29:00", "id": "DEBIANCVE:CVE-2018-18226", "href": "https://security-tracker.debian.org/tracker/CVE-2018-18226", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-09T02:56:47", "description": "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by adjusting a buffer boundary.", "cvss3": {}, "published": "2018-11-29T04:29:00", "type": "debiancve", "title": "CVE-2018-19627", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2018-19627"], "modified": "2018-11-29T04:29:00", "id": "DEBIANCVE:CVE-2018-19627", "href": "https://security-tracker.debian.org/tracker/CVE-2018-19627", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-09T02:56:47", "description": "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the dissection engine could crash. This was addressed in epan/tvbuff_composite.c by preventing a heap-based buffer over-read.", "cvss3": {}, "published": "2018-11-29T04:29:00", "type": "debiancve", "title": "CVE-2018-19625", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2018-19625"], "modified": "2018-11-29T04:29:00", "id": "DEBIANCVE:CVE-2018-19625", "href": "https://security-tracker.debian.org/tracker/CVE-2018-19625", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-09T02:56:47", "description": "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-mmse.c by preventing length overflows.", "cvss3": {}, "published": "2018-11-29T04:29:00", "type": "debiancve", "title": "CVE-2018-19622", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2018-19622"], "modified": "2018-11-29T04:29:00", "id": "DEBIANCVE:CVE-2018-19622", "href": "https://security-tracker.debian.org/tracker/CVE-2018-19622", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-09T02:56:47", "description": "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the LBMPDM dissector could crash. In addition, a remote attacker could write arbitrary data to any memory locations before the packet-scoped memory. This was addressed in epan/dissectors/packet-lbmpdm.c by disallowing certain negative values.", "cvss3": {}, "published": "2018-11-29T04:29:00", "type": "debiancve", "title": "CVE-2018-19623", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2018-19623"], "modified": "2018-11-29T04:29:00", "id": "DEBIANCVE:CVE-2018-19623", "href": "https://security-tracker.debian.org/tracker/CVE-2018-19623", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-09T02:56:47", "description": "In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP protocol dissector could crash. This was addressed in epan/dissectors/packet-mswsp.c by properly handling NULL return values.", "cvss3": {}, "published": "2018-10-12T06:29:00", "type": "debiancve", "title": "CVE-2018-18227", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2018-18227"], "modified": "2018-10-12T06:29:00", "id": "DEBIANCVE:CVE-2018-18227", "href": "https://security-tracker.debian.org/tracker/CVE-2018-18227", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-09T02:56:47", "description": "In Wireshark 2.6.0 to 2.6.4, the ZigBee ZCL dissector could crash. This was addressed in epan/dissectors/packet-zbee-zcl-lighting.c by preventing a divide-by-zero error.", "cvss3": {}, "published": "2018-11-29T04:29:00", "type": "debiancve", "title": "CVE-2018-19628", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2018-19628"], "modified": "2018-11-29T04:29:00", "id": "DEBIANCVE:CVE-2018-19628", "href": "https://security-tracker.debian.org/tracker/CVE-2018-19628", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-09T02:56:47", "description": "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the DCOM dissector could crash. This was addressed in epan/dissectors/packet-dcom.c by adding '\\0' termination.", "cvss3": {}, "published": "2018-11-29T04:29:00", "type": "debiancve", "title": "CVE-2018-19626", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2018-19626"], "modified": "2018-11-29T04:29:00", "id": "DEBIANCVE:CVE-2018-19626", "href": "https://security-tracker.debian.org/tracker/CVE-2018-19626", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-09T02:56:47", "description": "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the PVFS dissector could crash. This was addressed in epan/dissectors/packet-pvfs2.c by preventing a NULL pointer dereference.", "cvss3": {}, "published": "2018-11-29T04:29:00", "type": "debiancve", "title": "CVE-2018-19624", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2018-19624"], "modified": "2018-11-29T04:29:00", "id": "DEBIANCVE:CVE-2018-19624", "href": "https://security-tracker.debian.org/tracker/CVE-2018-19624", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-09T02:56:47", "description": "Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests.", "cvss3": {}, "published": "2018-09-14T21:29:00", "type": "debiancve", "title": "CVE-2018-12086", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2018-12086"], "modified": "2018-09-14T21:29:00", "id": "DEBIANCVE:CVE-2018-12086", "href": "https://security-tracker.debian.org/tracker/CVE-2018-12086", "cvss": {"score": 0.0, "vector": "NONE"}}], "cve": [{"lastseen": "2023-06-23T14:42:31", "description": "In Wireshark 2.6.0 to 2.6.3, the Steam IHS Discovery dissector could consume system memory. This was addressed in epan/dissectors/packet-steam-ihs-discovery.c by changing the memory-management approach.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-10-12T06:29:00", "type": "cve", "title": "CVE-2018-18226", "cwe": ["CWE-772"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-18226"], "modified": "2020-03-20T01:15:00", "cpe": ["cpe:/o:debian:debian_linux:9.0", "cpe:/a:wireshark:wireshark:2.6.3"], "id": "CVE-2018-18226", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-18226", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.6.3:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-23T14:47:49", "description": "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the dissection engine could crash. This was addressed in epan/tvbuff_composite.c by preventing a heap-based buffer over-read.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-11-29T04:29:00", "type": "cve", "title": "CVE-2018-19625", "cwe": ["CWE-125"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19625"], "modified": "2020-03-20T01:15:00", "cpe": ["cpe:/a:wireshark:wireshark:2.4.10", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:debian:debian_linux:9.0", "cpe:/a:wireshark:wireshark:2.6.4"], "id": "CVE-2018-19625", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-19625", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:2.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.4.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-23T14:47:45", "description": "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the LBMPDM dissector could crash. In addition, a remote attacker could write arbitrary data to any memory locations before the packet-scoped memory. This was addressed in epan/dissectors/packet-lbmpdm.c by disallowing certain negative values.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-11-29T04:29:00", "type": "cve", "title": "CVE-2018-19623", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19623"], "modified": "2020-03-20T01:15:00", "cpe": ["cpe:/a:wireshark:wireshark:2.4.10", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:debian:debian_linux:9.0", "cpe:/a:wireshark:wireshark:2.6.4"], "id": "CVE-2018-19623", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-19623", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:2.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.4.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-23T14:47:45", "description": "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by adjusting a buffer boundary.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-11-29T04:29:00", "type": "cve", "title": "CVE-2018-19627", "cwe": ["CWE-125"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19627"], "modified": "2020-03-20T01:15:00", "cpe": ["cpe:/a:wireshark:wireshark:2.4.10", "cpe:/o:debian:debian_linux:9.0", "cpe:/a:wireshark:wireshark:2.6.4"], "id": "CVE-2018-19627", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-19627", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:2.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.4.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-23T14:42:31", "description": "In Wireshark 2.6.0 to 2.6.3, the CoAP dissector could crash. This was addressed in epan/dissectors/packet-coap.c by ensuring that the piv length is correctly computed.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-10-12T06:29:00", "type": "cve", "title": "CVE-2018-18225", "cwe": ["CWE-682"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-18225"], "modified": "2020-10-15T16:13:00", "cpe": ["cpe:/o:debian:debian_linux:9.0", "cpe:/o:opensuse:leap:15.1", "cpe:/a:wireshark:wireshark:2.6.3"], "id": "CVE-2018-18225", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-18225", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.6.3:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-23T14:47:50", "description": "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the PVFS dissector could crash. This was addressed in epan/dissectors/packet-pvfs2.c by preventing a NULL pointer dereference.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-11-29T04:29:00", "type": "cve", "title": "CVE-2018-19624", "cwe": ["CWE-476"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19624"], "modified": "2020-03-20T01:15:00", "cpe": ["cpe:/a:wireshark:wireshark:2.4.10", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:debian:debian_linux:9.0", "cpe:/a:wireshark:wireshark:2.6.4"], "id": "CVE-2018-19624", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-19624", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:2.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.4.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-23T14:47:49", "description": "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the DCOM dissector could crash. This was addressed in epan/dissectors/packet-dcom.c by adding '\\0' termination.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-11-29T04:29:00", "type": "cve", "title": "CVE-2018-19626", "cwe": ["CWE-908", "CWE-125"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19626"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:wireshark:wireshark:2.4.10", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:debian:debian_linux:9.0", "cpe:/a:wireshark:wireshark:2.6.4"], "id": "CVE-2018-19626", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-19626", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:2.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.4.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-23T14:47:45", "description": "In Wireshark 2.6.0 to 2.6.4, the ZigBee ZCL dissector could crash. This was addressed in epan/dissectors/packet-zbee-zcl-lighting.c by preventing a divide-by-zero error.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-11-29T04:29:00", "type": "cve", "title": "CVE-2018-19628", "cwe": ["CWE-369"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19628"], "modified": "2020-03-20T01:15:00", "cpe": ["cpe:/o:debian:debian_linux:9.0", "cpe:/a:wireshark:wireshark:2.6.4"], "id": "CVE-2018-19628", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-19628", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:2.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-23T14:42:31", "description": "In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP protocol dissector could crash. This was addressed in epan/dissectors/packet-mswsp.c by properly handling NULL return values.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-10-12T06:29:00", "type": "cve", "title": "CVE-2018-18227", "cwe": ["CWE-476"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-18227"], "modified": "2020-03-20T01:15:00", "cpe": ["cpe:/o:debian:debian_linux:9.0", "cpe:/a:wireshark:wireshark:2.4.9", "cpe:/a:wireshark:wireshark:2.6.3"], "id": "CVE-2018-18227", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-18227", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.6.3:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-23T14:47:48", "description": "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-mmse.c by preventing length overflows.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-11-29T04:29:00", "type": "cve", "title": "CVE-2018-19622", "cwe": ["CWE-835"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19622"], "modified": "2020-03-20T01:15:00", "cpe": ["cpe:/a:wireshark:wireshark:2.4.10", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:debian:debian_linux:9.0", "cpe:/a:wireshark:wireshark:2.6.4"], "id": "CVE-2018-19622", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-19622", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:2.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.4.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-23T14:16:09", "description": "Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-09-14T21:29:00", "type": "cve", "title": "CVE-2018-12086", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12086"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:opcfoundation:unified_architecture-java:1.03.343", "cpe:/a:opcfoundation:unified_architecture_.net-standard:1.03.352.12", "cpe:/a:opcfoundation:unified_architecture-.net-legacy:1.03.342", "cpe:/a:opcfoundation:unified_architecture_ansic:1.03.340", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2018-12086", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12086", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:opcfoundation:unified_architecture-.net-legacy:1.03.342:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:opcfoundation:unified_architecture-java:1.03.343:*:*:*:*:*:*:*", "cpe:2.3:a:opcfoundation:unified_architecture_.net-standard:1.03.352.12:*:*:*:*:*:*:*", "cpe:2.3:a:opcfoundation:unified_architecture_ansic:1.03.340:*:*:*:*:*:*:*"]}], "alpinelinux": [{"lastseen": "2023-06-23T15:26:36", "description": "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the dissection engine could crash. This was addressed in epan/tvbuff_composite.c by preventing a heap-based buffer over-read.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-11-29T04:29:00", "type": "alpinelinux", "title": "CVE-2018-19625", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19625"], "modified": "2020-03-20T01:15:00", "id": "ALPINE:CVE-2018-19625", "href": "https://security.alpinelinux.org/vuln/CVE-2018-19625", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-23T15:26:36", "description": "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the DCOM dissector could crash. This was addressed in epan/dissectors/packet-dcom.c by adding '\\0' termination.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-11-29T04:29:00", "type": "alpinelinux", "title": "CVE-2018-19626", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19626"], "modified": "2020-08-24T17:37:00", "id": "ALPINE:CVE-2018-19626", "href": "https://security.alpinelinux.org/vuln/CVE-2018-19626", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-23T15:26:36", "description": "In Wireshark 2.6.0 to 2.6.3, the CoAP dissector could crash. This was addressed in epan/dissectors/packet-coap.c by ensuring that the piv length is correctly computed.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-10-12T06:29:00", "type": "alpinelinux", "title": "CVE-2018-18225", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-18225"], "modified": "2020-10-15T16:13:00", "id": "ALPINE:CVE-2018-18225", "href": "https://security.alpinelinux.org/vuln/CVE-2018-18225", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-23T15:26:36", "description": "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the PVFS dissector could crash. This was addressed in epan/dissectors/packet-pvfs2.c by preventing a NULL pointer dereference.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-11-29T04:29:00", "type": "alpinelinux", "title": "CVE-2018-19624", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19624"], "modified": "2020-03-20T01:15:00", "id": "ALPINE:CVE-2018-19624", "href": "https://security.alpinelinux.org/vuln/CVE-2018-19624", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-23T15:26:36", "description": "In Wireshark 2.6.0 to 2.6.3, the Steam IHS Discovery dissector could consume system memory. This was addressed in epan/dissectors/packet-steam-ihs-discovery.c by changing the memory-management approach.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-10-12T06:29:00", "type": "alpinelinux", "title": "CVE-2018-18226", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-18226"], "modified": "2020-03-20T01:15:00", "id": "ALPINE:CVE-2018-18226", "href": "https://security.alpinelinux.org/vuln/CVE-2018-18226", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-23T15:26:36", "description": "In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP protocol dissector could crash. This was addressed in epan/dissectors/packet-mswsp.c by properly handling NULL return values.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-10-12T06:29:00", "type": "alpinelinux", "title": "CVE-2018-18227", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-18227"], "modified": "2020-03-20T01:15:00", "id": "ALPINE:CVE-2018-18227", "href": "https://security.alpinelinux.org/vuln/CVE-2018-18227", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-23T15:26:36", "description": "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the LBMPDM dissector could crash. In addition, a remote attacker could write arbitrary data to any memory locations before the packet-scoped memory. This was addressed in epan/dissectors/packet-lbmpdm.c by disallowing certain negative values.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-11-29T04:29:00", "type": "alpinelinux", "title": "CVE-2018-19623", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19623"], "modified": "2020-03-20T01:15:00", "id": "ALPINE:CVE-2018-19623", "href": "https://security.alpinelinux.org/vuln/CVE-2018-19623", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-23T15:26:36", "description": "In Wireshark 2.6.0 to 2.6.4, the ZigBee ZCL dissector could crash. This was addressed in epan/dissectors/packet-zbee-zcl-lighting.c by preventing a divide-by-zero error.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-11-29T04:29:00", "type": "alpinelinux", "title": "CVE-2018-19628", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19628"], "modified": "2020-03-20T01:15:00", "id": "ALPINE:CVE-2018-19628", "href": "https://security.alpinelinux.org/vuln/CVE-2018-19628", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-23T15:26:36", "description": "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-mmse.c by preventing length overflows.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-11-29T04:29:00", "type": "alpinelinux", "title": "CVE-2018-19622", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19622"], "modified": "2020-03-20T01:15:00", "id": "ALPINE:CVE-2018-19622", "href": "https://security.alpinelinux.org/vuln/CVE-2018-19622", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-23T15:26:36", "description": "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by adjusting a buffer boundary.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-11-29T04:29:00", "type": "alpinelinux", "title": "CVE-2018-19627", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19627"], "modified": "2020-03-20T01:15:00", "id": "ALPINE:CVE-2018-19627", "href": "https://security.alpinelinux.org/vuln/CVE-2018-19627", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-23T15:26:36", "description": "Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-09-14T21:29:00", "type": "alpinelinux", "title": "CVE-2018-12086", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12086"], "modified": "2020-08-24T17:37:00", "id": "ALPINE:CVE-2018-12086", "href": "https://security.alpinelinux.org/vuln/CVE-2018-12086", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhatcve": [{"lastseen": "2023-06-23T20:30:03", "description": "A divide-by-zero vulnerability in ZigBee ZCL dissector allows Wireshark to crash when parsing a specially crafted pcap file. An attacker could cause a denial of service to Wireshark by injecting malicious packets into victim's WPAN network.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-12-04T10:22:55", "type": "redhatcve", "title": "CVE-2018-19628", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19628"], "modified": "2023-04-06T04:26:23", "id": "RH:CVE-2018-19628", "href": "https://access.redhat.com/security/cve/cve-2018-19628", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-23T20:30:04", "description": "An out of bounds heap read vulnerability in the wiretap library of Wireshark could allow Wireshark to crash when parsing specially crafted pcap file.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-12-04T10:20:01", "type": "redhatcve", "title": "CVE-2018-19627", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19627"], "modified": "2023-04-06T04:26:18", "id": "RH:CVE-2018-19627", "href": "https://access.redhat.com/security/cve/cve-2018-19627", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-23T20:30:02", "description": "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the LBMPDM dissector could crash. In addition, a remote attacker could write arbitrary data to any memory locations before the packet-scoped memory. This was addressed in epan/dissectors/packet-lbmpdm.c by disallowing certain negative values.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-12-04T10:22:19", "type": "redhatcve", "title": "CVE-2018-19623", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19623"], "modified": "2023-04-06T04:26:03", "id": "RH:CVE-2018-19623", "href": "https://access.redhat.com/security/cve/cve-2018-19623", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-23T20:30:26", "description": "In Wireshark 2.6.0 to 2.6.3, the CoAP dissector could crash. This was addressed in epan/dissectors/packet-coap.c by ensuring that the piv length is correctly computed.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-10-25T10:19:17", "type": "redhatcve", "title": "CVE-2018-18225", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-18225"], "modified": "2023-06-13T12:53:06", "id": "RH:CVE-2018-18225", "href": "https://access.redhat.com/security/cve/cve-2018-18225", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-23T20:30:03", "description": "An out of bounds heap read vulnerability in the dissection engine could allow Wireshark to crash when parsing a specially crafted pcap file. A remote attacker could cause a denial of service to Wireshark by injecting malicious packets into the network that are automatically processed.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-12-04T10:21:11", "type": "redhatcve", "title": "CVE-2018-19625", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19625"], "modified": "2023-04-06T04:26:13", "id": "RH:CVE-2018-19625", "href": "https://access.redhat.com/security/cve/cve-2018-19625", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-23T20:30:26", "description": "In Wireshark 2.6.0 to 2.6.3, the Steam IHS Discovery dissector could consume system memory. This was addressed in epan/dissectors/packet-steam-ihs-discovery.c by changing the memory-management approach.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-10-25T10:20:10", "type": "redhatcve", "title": "CVE-2018-18226", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-18226"], "modified": "2023-04-06T05:20:25", "id": "RH:CVE-2018-18226", "href": "https://access.redhat.com/security/cve/cve-2018-18226", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-23T20:30:27", "description": "In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP protocol dissector could crash. This was addressed in epan/dissectors/packet-mswsp.c by properly handling NULL return values.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-10-25T10:20:58", "type": "redhatcve", "title": "CVE-2018-18227", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-18227"], "modified": "2023-04-06T05:20:30", "id": "RH:CVE-2018-18227", "href": "https://access.redhat.com/security/cve/cve-2018-18227", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-23T20:30:03", "description": "A vulnerability in MMSE dissector allows Wireshark to loop infinitely when parsing a specially crafted pcap file. Remote attacker could cause a denial of service to Wireshark by injecting malicious packets into the network that are automatically processed.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-12-04T09:50:24", "type": "redhatcve", "title": "CVE-2018-19622", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19622"], "modified": "2023-04-06T04:25:57", "id": "RH:CVE-2018-19622", "href": "https://access.redhat.com/security/cve/cve-2018-19622", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-23T20:30:02", "description": "Missing initialization of buffer in DCOM dissector could allow Wireshark to crash when parsing a specially crafted pcap file. A remote attacker could cause a denial of service to Wireshark by injecting malicious packets into the network that are automatically processed. Moreover, the content of uninitialized stack memory is leaked to the local user via Wireshark, causing an information leak as secondary impact.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-12-04T10:20:45", "type": "redhatcve", "title": "CVE-2018-19626", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19626"], "modified": "2023-04-06T04:26:16", "id": "RH:CVE-2018-19626", "href": "https://access.redhat.com/security/cve/cve-2018-19626", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-23T20:30:03", "description": "A NULL pointer dereference vulnerability in the PVFS dissector allows Wireshark to crash when parsing a specially crafted pcap file. A remote attacker could cause a denial of service to Wireshark by injecting malicious packets into the network that are automatically processed.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-12-04T10:21:45", "type": "redhatcve", "title": "CVE-2018-19624", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19624"], "modified": "2023-04-06T04:26:15", "id": "RH:CVE-2018-19624", "href": "https://access.redhat.com/security/cve/cve-2018-19624", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-23T20:30:25", "description": "Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-10-25T10:21:39", "type": "redhatcve", "title": "CVE-2018-12086", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12086"], "modified": "2023-04-06T05:32:52", "id": "RH:CVE-2018-12086", "href": "https://access.redhat.com/security/cve/cve-2018-12086", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntucve": [{"lastseen": "2023-06-28T14:05:20", "description": "In Wireshark 2.6.0 to 2.6.3, the Steam IHS Discovery dissector could\nconsume system memory. This was addressed in\nepan/dissectors/packet-steam-ihs-discovery.c by changing the\nmemory-management approach.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-10-12T00:00:00", "type": "ubuntucve", "title": "CVE-2018-18226", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-18226"], "modified": "2018-10-12T00:00:00", "id": "UB:CVE-2018-18226", "href": "https://ubuntu.com/security/CVE-2018-18226", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-29T14:40:00", "description": "In Wireshark 2.6.0 to 2.6.3, the CoAP dissector could crash. This was\naddressed in epan/dissectors/packet-coap.c by ensuring that the piv length\nis correctly computed.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-10-12T00:00:00", "type": "ubuntucve", "title": "CVE-2018-18225", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-18225"], "modified": "2018-10-12T00:00:00", "id": "UB:CVE-2018-18225", "href": "https://ubuntu.com/security/CVE-2018-18225", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-28T14:04:06", "description": "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the LBMPDM dissector could\ncrash. In addition, a remote attacker could write arbitrary data to any\nmemory locations before the packet-scoped memory. This was addressed in\nepan/dissectors/packet-lbmpdm.c by disallowing certain negative values.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-11-29T00:00:00", "type": "ubuntucve", "title": "CVE-2018-19623", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19623"], "modified": "2018-11-29T00:00:00", "id": "UB:CVE-2018-19623", "href": "https://ubuntu.com/security/CVE-2018-19623", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-28T14:04:05", "description": "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the DCOM dissector could\ncrash. This was addressed in epan/dissectors/packet-dcom.c by adding '\\0'\ntermination.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, &qu
[SECURITY] [DSA 4359-1] wireshark security update
