Lucene search
This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.F5_BIGIP_SOL06725231.NASLHistoryJul 09, 2020 - 12:00 a.m.
F5 Networks BIG-IP : Wireshark vulnerability (K06725231)
2020-07-0900:00:00
This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
11
7.4 High
AI Score
Confidence
High
In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could crash. This was addressed in epan/packet.c by restricting the number of layers and consequently limiting recursion.
(CVE-2019-12295)
Impact
An attacker can leverage this issue to stop the affected application and deny service to legitimate users.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from F5 Networks BIG-IP Solution K06725231.
#
# The text description of this plugin is (C) F5 Networks.
#
include('compat.inc');
if (description)
{
script_id(138229);
script_version("1.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/11/02");
script_cve_id("CVE-2019-12295");
script_name(english:"F5 Networks BIG-IP : Wireshark vulnerability (K06725231)");
script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch.");
script_set_attribute(attribute:"description", value:
"In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the
dissection engine could crash. This was addressed in epan/packet.c by
restricting the number of layers and consequently limiting recursion.
(CVE-2019-12295)
Impact
An attacker can leverage this issue to stop the affected application
and deny service to legitimate users.");
script_set_attribute(attribute:"see_also", value:"https://my.f5.com/manage/s/article/K06725231");
script_set_attribute(attribute:"solution", value:
"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K06725231.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-12295");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/05/23");
script_set_attribute(attribute:"patch_publication_date", value:"2019/09/10");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/07/09");
script_set_attribute(attribute:"potential_vulnerability", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_access_policy_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_advanced_firewall_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_acceleration_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_security_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_visibility_and_reporting");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_domain_name_system");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_global_traffic_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_link_controller");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_local_traffic_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_policy_enforcement_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_webaccelerator");
script_set_attribute(attribute:"cpe", value:"cpe:/h:f5:big-ip");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"F5 Networks Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("f5_bigip_detect.nbin");
script_require_keys("Host/local_checks_enabled", "Host/BIG-IP/hotfix", "Host/BIG-IP/modules", "Host/BIG-IP/version", "Settings/ParanoidReport");
exit(0);
}
include('f5_func.inc');
if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var version = get_kb_item('Host/BIG-IP/version');
if ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');
if ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');
if ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');
if (report_paranoia < 2) audit(AUDIT_PARANOID);
var sol = 'K06725231';
var vmatrix = {
'AFM': {
'affected': [
'15.1.0','15.0.0-15.0.1','14.1.0-14.1.2','14.0.0.3-14.0.1','13.1.1.2-13.1.3','12.1.3.6-12.1.5'
],
'unaffected': [
'16.0.0','15.1.1','14.1.2.8','13.1.3.5','12.1.5.3'
],
},
'AM': {
'affected': [
'15.1.0','15.0.0-15.0.1','14.1.0-14.1.2','14.0.0.3-14.0.1','13.1.1.2-13.1.3','12.1.3.6-12.1.5'
],
'unaffected': [
'16.0.0','15.1.1','14.1.2.8','13.1.3.5','12.1.5.3'
],
},
'APM': {
'affected': [
'15.1.0','15.0.0-15.0.1','14.1.0-14.1.2','14.0.0.3-14.0.1','13.1.1.2-13.1.3','12.1.3.6-12.1.5'
],
'unaffected': [
'16.0.0','15.1.1','14.1.2.8','13.1.3.5','12.1.5.3'
],
},
'ASM': {
'affected': [
'15.1.0','15.0.0-15.0.1','14.1.0-14.1.2','14.0.0.3-14.0.1','13.1.1.2-13.1.3','12.1.3.6-12.1.5'
],
'unaffected': [
'16.0.0','15.1.1','14.1.2.8','13.1.3.5','12.1.5.3'
],
},
'AVR': {
'affected': [
'15.1.0','15.0.0-15.0.1','14.1.0-14.1.2','14.0.0.3-14.0.1','13.1.1.2-13.1.3','12.1.3.6-12.1.5'
],
'unaffected': [
'16.0.0','15.1.1','14.1.2.8','13.1.3.5','12.1.5.3'
],
},
'DNS': {
'affected': [
'15.1.0','15.0.0-15.0.1','14.1.0-14.1.2','14.0.0.3-14.0.1','13.1.1.2-13.1.3','12.1.3.6-12.1.5'
],
'unaffected': [
'16.0.0','15.1.1','14.1.2.8','13.1.3.5','12.1.5.3'
],
},
'GTM': {
'affected': [
'15.1.0','15.0.0-15.0.1','14.1.0-14.1.2','14.0.0.3-14.0.1','13.1.1.2-13.1.3','12.1.3.6-12.1.5'
],
'unaffected': [
'16.0.0','15.1.1','14.1.2.8','13.1.3.5','12.1.5.3'
],
},
'LC': {
'affected': [
'15.1.0','15.0.0-15.0.1','14.1.0-14.1.2','14.0.0.3-14.0.1','13.1.1.2-13.1.3','12.1.3.6-12.1.5'
],
'unaffected': [
'16.0.0','15.1.1','14.1.2.8','13.1.3.5','12.1.5.3'
],
},
'LTM': {
'affected': [
'15.1.0','15.0.0-15.0.1','14.1.0-14.1.2','14.0.0.3-14.0.1','13.1.1.2-13.1.3','12.1.3.6-12.1.5'
],
'unaffected': [
'16.0.0','15.1.1','14.1.2.8','13.1.3.5','12.1.5.3'
],
},
'PEM': {
'affected': [
'15.1.0','15.0.0-15.0.1','14.1.0-14.1.2','14.0.0.3-14.0.1','13.1.1.2-13.1.3','12.1.3.6-12.1.5'
],
'unaffected': [
'16.0.0','15.1.1','14.1.2.8','13.1.3.5','12.1.5.3'
],
},
'WAM': {
'affected': [
'15.1.0','15.0.0-15.0.1','14.1.0-14.1.2','14.0.0.3-14.0.1','13.1.1.2-13.1.3','12.1.3.6-12.1.5'
],
'unaffected': [
'16.0.0','15.1.1','14.1.2.8','13.1.3.5','12.1.5.3'
],
}
};
if (bigip_is_affected(vmatrix:vmatrix, sol:sol))
{
var extra = NULL;
if (report_verbosity > 0) extra = bigip_report_get();
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : extra
);
}
else
{
var tested = bigip_get_tested_modules();
var audit_extra = 'For BIG-IP module(s) ' + tested + ',';
if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);
else audit(AUDIT_HOST_NOT, 'running any of the affected modules');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| f5 | big-ip_access_policy_manager | cpe:/a:f5:big-ip_access_policy_manager | |
| f5 | big-ip_advanced_firewall_manager | cpe:/a:f5:big-ip_advanced_firewall_manager | |
| f5 | big-ip_application_acceleration_manager | cpe:/a:f5:big-ip_application_acceleration_manager | |
| f5 | big-ip_application_security_manager | cpe:/a:f5:big-ip_application_security_manager | |
| f5 | big-ip_application_visibility_and_reporting | cpe:/a:f5:big-ip_application_visibility_and_reporting | |
| f5 | big-ip_domain_name_system | cpe:/a:f5:big-ip_domain_name_system | |
| f5 | big-ip_global_traffic_manager | cpe:/a:f5:big-ip_global_traffic_manager | |
| f5 | big-ip_link_controller | cpe:/a:f5:big-ip_link_controller | |
| f5 | big-ip_local_traffic_manager | cpe:/a:f5:big-ip_local_traffic_manager | |
| f5 | big-ip_policy_enforcement_manager | cpe:/a:f5:big-ip_policy_enforcement_manager |
Related
nessus
nessus
Wireshark 2.4.x < 2.4.15 A Vulnerability (macOS)
2019-05-23 00:00:00
Wireshark 3.0.x < 3.0.2 A Vulnerability
2019-05-23 00:00:00
Wireshark 2.6.x < 2.6.9 A Vulnerability (macOS)
2019-05-23 00:00:00
kaspersky
kaspersky
KLA11568 DoS vulnerability in Wireshark
2019-05-21 00:00:00
redhatcve
redhatcve
CVE-2019-12295
2020-05-05 13:39:53
altlinux
altlinux
Security fix for the ALT Linux 9 package wireshark version 3.0.2-alt1
2019-05-31 00:00:00
f5
f5
K06725231 : Wireshark vulnerability CVE-2019-12295
2019-09-10 00:00:00
cve
cve
CVE-2019-12295
2019-05-23 12:29:00
debiancve
debiancve
CVE-2019-12295
2019-05-23 12:29:00
veracode
veracode
Denial Of Service (DoS)
2020-09-21 06:29:05
prion
prion
Design/Logic Flaw
2019-05-23 12:29:00
alpinelinux
alpinelinux
CVE-2019-12295
2019-05-23 12:29:00
ubuntucve
ubuntucve
CVE-2019-12295
2019-05-23 00:00:00
ubuntu
ubuntu
Wireshark vulnerabilities
2019-09-16 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-4133-1)
2019-09-17 00:00:00
Debian: Security Advisory (DLA-2423-1)
2020-11-03 00:00:00
Debian: Security Advisory (DLA-2547-1)
2021-02-07 00:00:00
osv
osv
wireshark - security update
2020-10-31 00:00:00
wireshark - security update
2021-02-06 00:00:00
debian
debian
[SECURITY] [DLA 2423-1] wireshark security update
2020-10-31 21:05:56