5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
The following vulnerabilities were discovered in the Squeeze’s Wireshark version :
CVE-2015-2188 The WCP dissector could crash CVE-2015-0564 Wireshark could crash while decypting TLS/SSL sessions CVE-2015-0562 The DEC DNA Routing Protocol dissector could crash CVE-2014-8714 TN5250 infinite loops CVE-2014-8713 NCP crashes CVE-2014-8712 NCP crashes CVE-2014-8711 AMQP crash CVE-2014-8710 SigComp UDVM buffer overflow CVE-2014-6432 Sniffer file parser crash CVE-2014-6431 Sniffer file parser crash CVE-2014-6430 Sniffer file parser crash CVE-2014-6429 Sniffer file parser crash CVE-2014-6428 SES dissector crash CVE-2014-6423 MEGACO dissector infinite loop CVE-2014-6422 RTP dissector crash
Since back-porting upstream patches to 1.2.11-6+squeeze15 did not fix all the outstanding issues and some issues are not even tracked publicly the LTS Team decided to sync squeeze-lts’s wireshark package with wheezy-security to provide the best possible security support.
Note that upgrading Wireshark from 1.2.x to 1.8.x introduces several backward-incompatible changes in package structure, shared library API/ABI, availability of dissectors and in syntax of command line parameters.
NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DLA-198-1. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(83002);
script_version("1.11");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_cve_id("CVE-2014-6422", "CVE-2014-6423", "CVE-2014-6428", "CVE-2014-6429", "CVE-2014-6430", "CVE-2014-6431", "CVE-2014-6432", "CVE-2014-8710", "CVE-2014-8711", "CVE-2014-8712", "CVE-2014-8713", "CVE-2014-8714", "CVE-2015-0562", "CVE-2015-0564", "CVE-2015-2188", "CVE-2015-2191");
script_bugtraq_id(69853, 69856, 69857, 69858, 69859, 69860, 69865, 71069, 71070, 71071, 71072, 71073, 71921, 71922, 72941, 72942);
script_name(english:"Debian DLA-198-1 : wireshark security update");
script_summary(english:"Checks dpkg output for the updated packages.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Debian host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"The following vulnerabilities were discovered in the Squeeze's
Wireshark version :
CVE-2015-2188 The WCP dissector could crash CVE-2015-0564 Wireshark
could crash while decypting TLS/SSL sessions CVE-2015-0562 The DEC DNA
Routing Protocol dissector could crash CVE-2014-8714 TN5250 infinite
loops CVE-2014-8713 NCP crashes CVE-2014-8712 NCP crashes
CVE-2014-8711 AMQP crash CVE-2014-8710 SigComp UDVM buffer overflow
CVE-2014-6432 Sniffer file parser crash CVE-2014-6431 Sniffer file
parser crash CVE-2014-6430 Sniffer file parser crash CVE-2014-6429
Sniffer file parser crash CVE-2014-6428 SES dissector crash
CVE-2014-6423 MEGACO dissector infinite loop CVE-2014-6422 RTP
dissector crash
Since back-porting upstream patches to 1.2.11-6+squeeze15 did not fix
all the outstanding issues and some issues are not even tracked
publicly the LTS Team decided to sync squeeze-lts's wireshark package
with wheezy-security to provide the best possible security support.
Note that upgrading Wireshark from 1.2.x to 1.8.x introduces several
backward-incompatible changes in package structure, shared library
API/ABI, availability of dissectors and in syntax of command line
parameters.
NOTE: Tenable Network Security has extracted the preceding description
block directly from the DLA security advisory. Tenable has attempted
to automatically clean and format it as much as possible without
introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://lists.debian.org/debian-lts-announce/2015/04/msg00020.html"
);
script_set_attribute(
attribute:"see_also",
value:"https://packages.debian.org/source/squeeze-lts/wireshark"
);
script_set_attribute(attribute:"solution", value:"Upgrade the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libwireshark-data");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libwireshark-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libwireshark2");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libwiretap-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libwiretap2");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libwsutil-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libwsutil2");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:tshark");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:wireshark");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:wireshark-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:wireshark-dbg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:wireshark-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:wireshark-doc");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0");
script_set_attribute(attribute:"patch_publication_date", value:"2015/04/22");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/04/23");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.");
script_family(english:"Debian Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"6.0", prefix:"libwireshark-data", reference:"1.8.2-5wheezy15~deb6u1")) flag++;
if (deb_check(release:"6.0", prefix:"libwireshark-dev", reference:"1.8.2-5wheezy15~deb6u1")) flag++;
if (deb_check(release:"6.0", prefix:"libwireshark2", reference:"1.8.2-5wheezy15~deb6u1")) flag++;
if (deb_check(release:"6.0", prefix:"libwiretap-dev", reference:"1.8.2-5wheezy15~deb6u1")) flag++;
if (deb_check(release:"6.0", prefix:"libwiretap2", reference:"1.8.2-5wheezy15~deb6u1")) flag++;
if (deb_check(release:"6.0", prefix:"libwsutil-dev", reference:"1.8.2-5wheezy15~deb6u1")) flag++;
if (deb_check(release:"6.0", prefix:"libwsutil2", reference:"1.8.2-5wheezy15~deb6u1")) flag++;
if (deb_check(release:"6.0", prefix:"tshark", reference:"1.8.2-5wheezy15~deb6u1")) flag++;
if (deb_check(release:"6.0", prefix:"wireshark", reference:"1.8.2-5wheezy15~deb6u1")) flag++;
if (deb_check(release:"6.0", prefix:"wireshark-common", reference:"1.8.2-5wheezy15~deb6u1")) flag++;
if (deb_check(release:"6.0", prefix:"wireshark-dbg", reference:"1.8.2-5wheezy15~deb6u1")) flag++;
if (deb_check(release:"6.0", prefix:"wireshark-dev", reference:"1.8.2-5wheezy15~deb6u1")) flag++;
if (deb_check(release:"6.0", prefix:"wireshark-doc", reference:"1.8.2-5wheezy15~deb6u1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
else security_warning(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
Vendor | Product | Version | CPE |
---|---|---|---|
debian | debian_linux | libwireshark-data | p-cpe:/a:debian:debian_linux:libwireshark-data |
debian | debian_linux | libwireshark-dev | p-cpe:/a:debian:debian_linux:libwireshark-dev |
debian | debian_linux | libwireshark2 | p-cpe:/a:debian:debian_linux:libwireshark2 |
debian | debian_linux | libwiretap-dev | p-cpe:/a:debian:debian_linux:libwiretap-dev |
debian | debian_linux | libwiretap2 | p-cpe:/a:debian:debian_linux:libwiretap2 |
debian | debian_linux | libwsutil-dev | p-cpe:/a:debian:debian_linux:libwsutil-dev |
debian | debian_linux | libwsutil2 | p-cpe:/a:debian:debian_linux:libwsutil2 |
debian | debian_linux | tshark | p-cpe:/a:debian:debian_linux:tshark |
debian | debian_linux | wireshark | p-cpe:/a:debian:debian_linux:wireshark |
debian | debian_linux | wireshark-common | p-cpe:/a:debian:debian_linux:wireshark-common |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6422
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6423
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6428
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6429
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6430
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6431
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6432
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8710
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8711
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8712
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8713
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8714
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0562
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0564
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2188
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2191
lists.debian.org/debian-lts-announce/2015/04/msg00020.html
packages.debian.org/source/squeeze-lts/wireshark