Multiple vulnerabilities were discovered in the dissectors/parsers for Pcapng, NBAP, UMTS FP, DCOM, AllJoyn, T.38, SDP, NLM, DNS, BED, SCTP, 802.11, DIAMETER, VeriWave, RVSP, ANSi A, GSM A, Ascend, NBAP, ZigBee ZCL and Sniffer which could result in denial of service.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DSA-3505. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(89695);
script_version("2.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_cve_id("CVE-2015-7830", "CVE-2015-8711", "CVE-2015-8712", "CVE-2015-8713", "CVE-2015-8714", "CVE-2015-8715", "CVE-2015-8716", "CVE-2015-8717", "CVE-2015-8718", "CVE-2015-8719", "CVE-2015-8720", "CVE-2015-8721", "CVE-2015-8722", "CVE-2015-8723", "CVE-2015-8724", "CVE-2015-8725", "CVE-2015-8726", "CVE-2015-8727", "CVE-2015-8728", "CVE-2015-8729", "CVE-2015-8730", "CVE-2015-8732", "CVE-2015-8733");
script_xref(name:"DSA", value:"3505");
script_name(english:"Debian DSA-3505-1 : wireshark - security update");
script_summary(english:"Checks dpkg output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote Debian host is missing a security-related update."
);
script_set_attribute(
attribute:"description",
value:
"Multiple vulnerabilities were discovered in the dissectors/parsers for
Pcapng, NBAP, UMTS FP, DCOM, AllJoyn, T.38, SDP, NLM, DNS, BED, SCTP,
802.11, DIAMETER, VeriWave, RVSP, ANSi A, GSM A, Ascend, NBAP, ZigBee
ZCL and Sniffer which could result in denial of service."
);
script_set_attribute(
attribute:"see_also",
value:"https://packages.debian.org/source/wheezy/wireshark"
);
script_set_attribute(
attribute:"see_also",
value:"https://packages.debian.org/source/jessie/wireshark"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.debian.org/security/2016/dsa-3505"
);
script_set_attribute(
attribute:"solution",
value:
"Upgrade the wireshark packages.
For the oldstable distribution (wheezy), these problems have been
fixed in version 1.8.2-5wheezy17.
For the stable distribution (jessie), these problems have been fixed
in version 1.12.1+g01b65bf-4+deb8u4."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:wireshark");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:7.0");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:8.0");
script_set_attribute(attribute:"vuln_publication_date", value:"2015/11/14");
script_set_attribute(attribute:"patch_publication_date", value:"2016/03/04");
script_set_attribute(attribute:"plugin_publication_date", value:"2016/03/07");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Debian Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"7.0", prefix:"libwireshark-data", reference:"1.8.2-5wheezy17")) flag++;
if (deb_check(release:"7.0", prefix:"libwireshark-dev", reference:"1.8.2-5wheezy17")) flag++;
if (deb_check(release:"7.0", prefix:"libwireshark2", reference:"1.8.2-5wheezy17")) flag++;
if (deb_check(release:"7.0", prefix:"libwiretap-dev", reference:"1.8.2-5wheezy17")) flag++;
if (deb_check(release:"7.0", prefix:"libwiretap2", reference:"1.8.2-5wheezy17")) flag++;
if (deb_check(release:"7.0", prefix:"libwsutil-dev", reference:"1.8.2-5wheezy17")) flag++;
if (deb_check(release:"7.0", prefix:"libwsutil2", reference:"1.8.2-5wheezy17")) flag++;
if (deb_check(release:"7.0", prefix:"tshark", reference:"1.8.2-5wheezy17")) flag++;
if (deb_check(release:"7.0", prefix:"wireshark", reference:"1.8.2-5wheezy17")) flag++;
if (deb_check(release:"7.0", prefix:"wireshark-common", reference:"1.8.2-5wheezy17")) flag++;
if (deb_check(release:"7.0", prefix:"wireshark-dbg", reference:"1.8.2-5wheezy17")) flag++;
if (deb_check(release:"7.0", prefix:"wireshark-dev", reference:"1.8.2-5wheezy17")) flag++;
if (deb_check(release:"7.0", prefix:"wireshark-doc", reference:"1.8.2-5wheezy17")) flag++;
if (deb_check(release:"8.0", prefix:"libwireshark-data", reference:"1.12.1+g01b65bf-4+deb8u4")) flag++;
if (deb_check(release:"8.0", prefix:"libwireshark-dev", reference:"1.12.1+g01b65bf-4+deb8u4")) flag++;
if (deb_check(release:"8.0", prefix:"libwireshark5", reference:"1.12.1+g01b65bf-4+deb8u4")) flag++;
if (deb_check(release:"8.0", prefix:"libwiretap-dev", reference:"1.12.1+g01b65bf-4+deb8u4")) flag++;
if (deb_check(release:"8.0", prefix:"libwiretap4", reference:"1.12.1+g01b65bf-4+deb8u4")) flag++;
if (deb_check(release:"8.0", prefix:"libwsutil-dev", reference:"1.12.1+g01b65bf-4+deb8u4")) flag++;
if (deb_check(release:"8.0", prefix:"libwsutil4", reference:"1.12.1+g01b65bf-4+deb8u4")) flag++;
if (deb_check(release:"8.0", prefix:"tshark", reference:"1.12.1+g01b65bf-4+deb8u4")) flag++;
if (deb_check(release:"8.0", prefix:"wireshark", reference:"1.12.1+g01b65bf-4+deb8u4")) flag++;
if (deb_check(release:"8.0", prefix:"wireshark-common", reference:"1.12.1+g01b65bf-4+deb8u4")) flag++;
if (deb_check(release:"8.0", prefix:"wireshark-dbg", reference:"1.12.1+g01b65bf-4+deb8u4")) flag++;
if (deb_check(release:"8.0", prefix:"wireshark-dev", reference:"1.12.1+g01b65bf-4+deb8u4")) flag++;
if (deb_check(release:"8.0", prefix:"wireshark-doc", reference:"1.12.1+g01b65bf-4+deb8u4")) flag++;
if (deb_check(release:"8.0", prefix:"wireshark-qt", reference:"1.12.1+g01b65bf-4+deb8u4")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
else security_warning(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
Vendor | Product | Version | CPE |
---|---|---|---|
debian | debian_linux | wireshark | p-cpe:/a:debian:debian_linux:wireshark |
debian | debian_linux | 7.0 | cpe:/o:debian:debian_linux:7.0 |
debian | debian_linux | 8.0 | cpe:/o:debian:debian_linux:8.0 |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7830
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8711
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8712
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8713
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8714
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8715
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8716
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8717
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8718
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8719
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8720
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8721
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8722
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8723
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8724
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8725
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8726
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8727
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8728
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8729
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8730
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8732
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8733
packages.debian.org/source/jessie/wireshark
packages.debian.org/source/wheezy/wireshark
www.debian.org/security/2016/dsa-3505