| Reporter | Title | Published | Views | Family All 706 |
|---|---|---|---|---|
| CVE-2026-6534 | 30 Apr 202605:36 | – | attackerkb | |
| CVE-2026-6532 | 30 Apr 202605:36 | – | attackerkb | |
| CVE-2026-6522 | 30 Apr 202605:33 | – | attackerkb | |
| CVE-2026-6868 | 30 Apr 202605:04 | – | attackerkb | |
| CVE-2026-5409 | 30 Apr 202605:41 | – | attackerkb | |
| CVE-2026-6524 | 30 Apr 202605:34 | – | attackerkb | |
| CVE-2026-6521 | 30 Apr 202605:34 | – | attackerkb | |
| CVE-2026-6531 | 30 Apr 202605:36 | – | attackerkb | |
| CVE-2026-6538 | 30 Apr 202605:38 | – | attackerkb | |
| CVE-2026-6869 | 30 Apr 202605:33 | – | attackerkb |
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux 2023 Security Advisory ALAS2023-2026-1904.
##
include('compat.inc');
if (description)
{
script_id(327387);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2026/07/16");
script_cve_id(
"CVE-2026-5299",
"CVE-2026-5401",
"CVE-2026-5404",
"CVE-2026-5406",
"CVE-2026-5407",
"CVE-2026-5408",
"CVE-2026-5409",
"CVE-2026-5653",
"CVE-2026-5654",
"CVE-2026-5657",
"CVE-2026-6519",
"CVE-2026-6520",
"CVE-2026-6521",
"CVE-2026-6522",
"CVE-2026-6523",
"CVE-2026-6524",
"CVE-2026-6527",
"CVE-2026-6529",
"CVE-2026-6530",
"CVE-2026-6531",
"CVE-2026-6532",
"CVE-2026-6533",
"CVE-2026-6534",
"CVE-2026-6535",
"CVE-2026-6537",
"CVE-2026-6538",
"CVE-2026-6867",
"CVE-2026-6868",
"CVE-2026-6869",
"CVE-2026-6870",
"CVE-2026-7375",
"CVE-2026-7376",
"CVE-2026-7378",
"CVE-2026-7379",
"CVE-2026-9759"
);
script_name(english:"Amazon Linux 2023 : wireshark-cli, wireshark-devel (ALAS2023-2026-1904)");
script_set_attribute(attribute:"synopsis", value:
"The remote Amazon Linux 2023 host is missing a security update.");
script_set_attribute(attribute:"description", value:
"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1904 advisory.
ICMPv6 PvD protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of
service (CVE-2026-5299)
AFP Spotlight protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of
service (CVE-2026-5401)
K12 RF5 file parser crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
(CVE-2026-5404)
FC-SWILS protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
(CVE-2026-5406)
SMB2 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of
service (CVE-2026-5407)
BT-DHT protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
(CVE-2026-5408)
Monero protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
(CVE-2026-5409)
DCP-ETSI protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
(CVE-2026-5653)
AMR-NB codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
(CVE-2026-5654)
iLBC codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service (CVE-2026-5657)
MBIM protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of
service (CVE-2026-6519)
OpenFlow v6 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial
of service (CVE-2026-6520)
OpenFlow v5 protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows
denial of service (CVE-2026-6521)
RPKI-Router protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial
of service (CVE-2026-6522)
GNW protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of
service (CVE-2026-6523)
MySQL protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
(CVE-2026-6524)
ASN.1 PER protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of
service (CVE-2026-6527)
iLBC audio codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
(CVE-2026-6529)
DCP-ETSI protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
(CVE-2026-6530)
SANE protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of
service (CVE-2026-6531)
Kismet protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
(CVE-2026-6532)
Dissection engine LZ77 decompression crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial
of service (CVE-2026-6533)
USB HID protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of
service (CVE-2026-6534)
Dissection engine zlib decompression crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial
of service (CVE-2026-6535)
ZigBee protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
(CVE-2026-6537)
BEEP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
(CVE-2026-6538)
SMB2 protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
(CVE-2026-6867)
HTTP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
(CVE-2026-6868)
WebSocket protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of
service (CVE-2026-6869)
GSM RP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
(CVE-2026-6870)
UDS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of
service (CVE-2026-7375)
Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service (CVE-2026-7376)
Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service (CVE-2026-7378)
Memory leak in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service (CVE-2026-7379)
ROHC protocol dissector crash in Wireshark 4.6.0 to 4.6.5 and 4.4.0 to 4.4.15 allows denial of service
(CVE-2026-9759)
Tenable has extracted the preceding description block directly from the tested product security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com//AL2023/ALAS2023-2026-1904.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/faqs.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-5299.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-5401.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-5404.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-5406.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-5407.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-5408.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-5409.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-5653.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-5654.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-5657.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-6519.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-6520.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-6521.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-6522.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-6523.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-6524.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-6527.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-6529.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-6530.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-6531.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-6532.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-6533.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-6534.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-6535.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-6537.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-6538.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-6867.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-6868.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-6869.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-6870.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-7375.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-7376.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-7378.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-7379.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2026-9759.html");
script_set_attribute(attribute:"solution", value:
"Run 'dnf update wireshark --releasever 2023.12.20260706' or
or 'dnf update --advisory ALAS2023-2026-1904 --releasever 2023.12.20260706' to update your system.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2026-7379");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2025/11/19");
script_set_attribute(attribute:"patch_publication_date", value:"2026/07/07");
script_set_attribute(attribute:"plugin_publication_date", value:"2026/07/16");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:wireshark-cli");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:wireshark-cli-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:wireshark-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:wireshark-devel");
script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux:2023");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Amazon Linux Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");
exit(0);
}
include("rpm2.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var alas_release = get_kb_item("Host/AmazonLinux/release");
if (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, "Amazon Linux");
var os_ver = pregmatch(pattern: "^AL(A|\d+|-\d+)", string:alas_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "-2023")
{
if (os_ver == 'A') os_ver = 'AMI';
audit(AUDIT_OS_NOT, "Amazon Linux 2023", "Amazon Linux " + os_ver);
}
if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
var pkgs = [
{'reference':'wireshark-cli-4.6.6-1.amzn2023.0.1', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'wireshark-cli-4.6.6-1.amzn2023.0.1', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'wireshark-cli-debuginfo-4.6.6-1.amzn2023.0.1', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'wireshark-cli-debuginfo-4.6.6-1.amzn2023.0.1', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'wireshark-debugsource-4.6.6-1.amzn2023.0.1', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'wireshark-debugsource-4.6.6-1.amzn2023.0.1', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'wireshark-devel-4.6.6-1.amzn2023.0.1', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'wireshark-devel-4.6.6-1.amzn2023.0.1', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE}
];
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
var cves = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (!empty_or_null(package_array['cves'])) cves = package_array['cves'];
if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "wireshark-cli / wireshark-cli-debuginfo / wireshark-debugsource / etc");
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation