Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gentooGentoo FoundationGLSA-200608-26
HistoryAug 29, 2006 - 12:00 a.m.

Wireshark: Multiple vulnerabilities

2006-08-2900:00:00
Gentoo Foundation
security.gentoo.org
23

0.02 Low

EPSS

Percentile

88.9%

JSON

Background

Wireshark is a feature-rich network protocol analyzer.

Description

The following vulnerabilities have been discovered in Wireshark. Firstly, if the IPsec ESP parser is used it is susceptible to off-by-one errors, this parser is disabled by default; secondly, the SCSI dissector is vulnerable to an unspecified crash; and finally, the Q.2931 dissector of the SSCOP payload may use all the available memory if a port range is configured. By default, no port ranges are configured.

Impact

An attacker might be able to exploit these vulnerabilities, resulting in a crash or the execution of arbitrary code with the permissions of the user running Wireshark, possibly the root user.

Workaround

Disable the SCSI and Q.2931 dissectors with the “Analyse” and “Enabled protocols” menus. Make sure the ESP decryption is disabled, with the “Edit -> Preferences -> Protocols -> ESP” menu.

Resolution

All Wireshark users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=net-analyzer/wireshark-0.99.3"
OSVersionArchitecturePackageVersionFilename
Gentooanyallnet-analyzer/wireshark< 0.99.3UNKNOWN

Related

openvas 8
nessus 11
centos 2
redhat 1
oraclelinux 3
cve 4
cert 4
debiancve 4
ubuntucve 4
fedora 1
debian 1
osv 1
openvas
openvas
Gentoo Security Advisory GLSA 200608-26 (wireshark)
2008-09-24 00:00:00
SLES9: Security update for ethereal
2009-10-10 00:00:00
SLES9: Security update for ethereal
2009-10-10 00:00:00
nessus
nessus
openSUSE 10 Security Update : ethereal (ethereal-2029)
2007-10-17 00:00:00
Mandrake Linux Security Advisory : wireshark (MDKSA-2006:152)
2006-12-16 00:00:00
SuSE 10 Security Update : ethereal (ZYPP Patch Number 2028)
2007-12-13 00:00:00
centos
centos
wireshark security update
2006-09-13 01:51:28
wireshark security update
2006-09-12 19:03:59
redhat
redhat
(RHSA-2006:0658) wireshark security update
2006-09-12 00:00:00
oraclelinux
oraclelinux
Moderate wireshark security update
2006-12-07 00:00:00
Moderate wireshark security update
2006-12-07 00:00:00
Moderate wireshark security update
2006-12-07 00:00:00
cve
cve
CVE-2006-4333
2006-08-24 20:04:00
CVE-2006-4331
2006-08-24 20:04:00
CVE-2006-4332
2006-08-24 20:04:00
cert
cert
Wireshark SSCOP dissector fails to properly handle malformed packets
2006-10-25 00:00:00
Wireshark contains multiple off-by-one errors in the IPSec ESP preference parser
2006-10-25 00:00:00
Wireshark contains an unspecified vulnerability in the DHCP dissector
2006-10-12 00:00:00
debiancve
debiancve
CVE-2006-4333
2006-08-24 20:04:00
CVE-2006-4332
2006-08-24 20:04:00
CVE-2006-4330
2006-08-24 20:04:00
ubuntucve
ubuntucve
CVE-2006-4333
2006-08-24 00:00:00
CVE-2006-4332
2006-08-24 00:00:00
CVE-2006-4331
2006-08-24 00:00:00
fedora
fedora
[SECURITY] Fedora Core 5 Update: wireshark-0.99.5-1.fc5
2007-02-06 17:14:14
debian
debian
[SECURITY] [DSA 1171-1] New ethereal packages fix execution of arbitrary code
2006-09-07 00:00:00
osv
osv
ethereal - several
2006-09-07 00:00:00

0.02 Low

EPSS

Percentile

88.9%

JSON
Related for GLSA-200608-26
openvas8nessus11centos2redhat1oraclelinux3cve4cert4debiancve4ubuntucve4fedora1debian1osv1