Several vulnerabilities have been found in wireshark, a network traffic analyzer.
CVE-2019-10894
Assertion failure in dissect_gssapi_work (packet-gssapi.c) leading to crash of the GSS-API dissector. Remote attackers might leverage this vulnerability to trigger DoS via a packet containing crafted GSS-API payload.
CVE-2019-10895
Insufficient data validation leading to large number of heap buffer overflows read and write in the NetScaler trace handling module (netscaler.c). Remote attackers might leverage these vulnerabilities to trigger DoS, or any other unspecified impact via crafted packets.
CVE-2019-10899
Heap-based buffer under-read vulnerability in the Service Location Protocol dissector. Remote attackers might leverage these vulnerabilities to trigger DoS, or any other unspecified impact via crafted SRVLOC packets.
CVE-2019-10901
NULL pointer dereference in the Local Download Sharing Service protocol dissector. Remote attackers might leverage these flaws to trigger DoS via crafted LDSS packets.
CVE-2019-10903
Missing boundary checks leading to heap out-of-bounds read vulnerability in the Microsoft Spool Subsystem protocol dissector.
Remote attackers might leverage these vulnerabilities to trigger DoS, or any other unspecified impact via crafted SPOOLSS packets.
For Debian 8 ‘Jessie’, these problems have been fixed in version 1.12.1+g01b65bf-4+deb8u19.
We recommend that you upgrade your wireshark packages.
NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DLA-1802-1. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(125408);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_cve_id("CVE-2019-10894", "CVE-2019-10895", "CVE-2019-10899", "CVE-2019-10901", "CVE-2019-10903");
script_name(english:"Debian DLA-1802-1 : wireshark security update");
script_summary(english:"Checks dpkg output for the updated packages.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Debian host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"Several vulnerabilities have been found in wireshark, a network
traffic analyzer.
CVE-2019-10894
Assertion failure in dissect_gssapi_work (packet-gssapi.c) leading to
crash of the GSS-API dissector. Remote attackers might leverage this
vulnerability to trigger DoS via a packet containing crafted GSS-API
payload.
CVE-2019-10895
Insufficient data validation leading to large number of heap buffer
overflows read and write in the NetScaler trace handling module
(netscaler.c). Remote attackers might leverage these vulnerabilities
to trigger DoS, or any other unspecified impact via crafted packets.
CVE-2019-10899
Heap-based buffer under-read vulnerability in the Service Location
Protocol dissector. Remote attackers might leverage these
vulnerabilities to trigger DoS, or any other unspecified impact via
crafted SRVLOC packets.
CVE-2019-10901
NULL pointer dereference in the Local Download Sharing Service
protocol dissector. Remote attackers might leverage these flaws to
trigger DoS via crafted LDSS packets.
CVE-2019-10903
Missing boundary checks leading to heap out-of-bounds read
vulnerability in the Microsoft Spool Subsystem protocol dissector.
Remote attackers might leverage these vulnerabilities to trigger DoS,
or any other unspecified impact via crafted SPOOLSS packets.
For Debian 8 'Jessie', these problems have been fixed in version
1.12.1+g01b65bf-4+deb8u19.
We recommend that you upgrade your wireshark packages.
NOTE: Tenable Network Security has extracted the preceding description
block directly from the DLA security advisory. Tenable has attempted
to automatically clean and format it as much as possible without
introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://lists.debian.org/debian-lts-announce/2019/05/msg00034.html"
);
script_set_attribute(
attribute:"see_also",
value:"https://packages.debian.org/source/jessie/wireshark"
);
script_set_attribute(attribute:"solution", value:"Upgrade the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libwireshark-data");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libwireshark-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libwireshark5");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libwiretap-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libwiretap4");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libwsutil-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libwsutil4");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:tshark");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:wireshark");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:wireshark-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:wireshark-dbg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:wireshark-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:wireshark-doc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:wireshark-qt");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:8.0");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/04/09");
script_set_attribute(attribute:"patch_publication_date", value:"2019/05/25");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/05/28");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Debian Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"8.0", prefix:"libwireshark-data", reference:"1.12.1+g01b65bf-4+deb8u19")) flag++;
if (deb_check(release:"8.0", prefix:"libwireshark-dev", reference:"1.12.1+g01b65bf-4+deb8u19")) flag++;
if (deb_check(release:"8.0", prefix:"libwireshark5", reference:"1.12.1+g01b65bf-4+deb8u19")) flag++;
if (deb_check(release:"8.0", prefix:"libwiretap-dev", reference:"1.12.1+g01b65bf-4+deb8u19")) flag++;
if (deb_check(release:"8.0", prefix:"libwiretap4", reference:"1.12.1+g01b65bf-4+deb8u19")) flag++;
if (deb_check(release:"8.0", prefix:"libwsutil-dev", reference:"1.12.1+g01b65bf-4+deb8u19")) flag++;
if (deb_check(release:"8.0", prefix:"libwsutil4", reference:"1.12.1+g01b65bf-4+deb8u19")) flag++;
if (deb_check(release:"8.0", prefix:"tshark", reference:"1.12.1+g01b65bf-4+deb8u19")) flag++;
if (deb_check(release:"8.0", prefix:"wireshark", reference:"1.12.1+g01b65bf-4+deb8u19")) flag++;
if (deb_check(release:"8.0", prefix:"wireshark-common", reference:"1.12.1+g01b65bf-4+deb8u19")) flag++;
if (deb_check(release:"8.0", prefix:"wireshark-dbg", reference:"1.12.1+g01b65bf-4+deb8u19")) flag++;
if (deb_check(release:"8.0", prefix:"wireshark-dev", reference:"1.12.1+g01b65bf-4+deb8u19")) flag++;
if (deb_check(release:"8.0", prefix:"wireshark-doc", reference:"1.12.1+g01b65bf-4+deb8u19")) flag++;
if (deb_check(release:"8.0", prefix:"wireshark-qt", reference:"1.12.1+g01b65bf-4+deb8u19")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
else security_warning(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
Vendor | Product | Version | CPE |
---|---|---|---|
debian | debian_linux | libwireshark-data | p-cpe:/a:debian:debian_linux:libwireshark-data |
debian | debian_linux | libwireshark-dev | p-cpe:/a:debian:debian_linux:libwireshark-dev |
debian | debian_linux | libwireshark5 | p-cpe:/a:debian:debian_linux:libwireshark5 |
debian | debian_linux | libwiretap-dev | p-cpe:/a:debian:debian_linux:libwiretap-dev |
debian | debian_linux | libwiretap4 | p-cpe:/a:debian:debian_linux:libwiretap4 |
debian | debian_linux | libwsutil-dev | p-cpe:/a:debian:debian_linux:libwsutil-dev |
debian | debian_linux | libwsutil4 | p-cpe:/a:debian:debian_linux:libwsutil4 |
debian | debian_linux | tshark | p-cpe:/a:debian:debian_linux:tshark |
debian | debian_linux | wireshark | p-cpe:/a:debian:debian_linux:wireshark |
debian | debian_linux | wireshark-common | p-cpe:/a:debian:debian_linux:wireshark-common |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10894
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10895
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10899
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10901
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10903
lists.debian.org/debian-lts-announce/2019/05/msg00034.html
packages.debian.org/source/jessie/wireshark