Fedora 13 : wireshark-1.2.13-2.fc13 (2011-0167)

2011-01-14T00:00:00

Description

- Wed Jan 5 2011 Jan Safranek <jsafrane at redhat.com> - 1.2.13-2 - fixed buffer overflow in ENTTEC dissector (#666897) - Mon Nov 22 2010 Jan Safranek <jsafrane at redhat.com> - 1.2.13-1 - upgrade to 1.2.13 - see http://www.wireshark.org/docs/relnotes/wireshark-1.2.1 3.html - Mon Sep 13 2010 Jan Safranek <jsafrane at redhat.com> - 1.2.11-1 - upgrade to 1.2.11 - see http://www.wireshark.org/docs/relnotes/wireshark-1.2.1 1.html - Resolves: #632539 - Tue Aug 24 2010 Jan Safranek <jsafrane at redhat.com> - 1.2.10-1 - upgrade to 1.2.10 - see http://www.wireshark.org/docs/relnotes/wireshark-1.2.1 0.html - Resolves: #625940 CVE-2010-2287 CVE-2010-2286 CVE-2010-2284 CVE-2010-2283 - Mon May 17 2010 Radek Vokal <rvokal at redhat.com> - 1.2.8-3 - removing traling bracket from python_sitearch (#592391) - Fri May 7 2010 Radek Vokal <rvokal at redhat.com> - 1.2.8-2 - add libtool patch - Fri May 7 2010 Radek Vokal <rvokal at redhat.com> - 1.2.8-1 - use sitearch instead of sitelib to avoid pyo and pyc conflicts - upgrade to 1.2.8 - see http://www.wireshark.org/docs/relnotes/wireshark-1.2.8 .html - rebuild with GeoIP support (needs to be turned on in IP protocol preferences) - bring back -pie Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

{"id": "FEDORA_2011-0167.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "Fedora 13 : wireshark-1.2.13-2.fc13 (2011-0167)", "description": "- Wed Jan 5 2011 Jan Safranek <jsafrane at redhat.com> - 1.2.13-2\n\n - fixed buffer overflow in ENTTEC dissector (#666897)\n\n - Mon Nov 22 2010 Jan Safranek <jsafrane at redhat.com>\n - 1.2.13-1\n\n - upgrade to 1.2.13\n\n - see http://www.wireshark.org/docs/relnotes/wireshark-1.2.1 3.html\n\n - Mon Sep 13 2010 Jan Safranek <jsafrane at redhat.com>\n - 1.2.11-1\n\n - upgrade to 1.2.11\n\n - see http://www.wireshark.org/docs/relnotes/wireshark-1.2.1 1.html\n\n - Resolves: #632539\n\n - Tue Aug 24 2010 Jan Safranek <jsafrane at redhat.com>\n - 1.2.10-1\n\n - upgrade to 1.2.10\n\n - see http://www.wireshark.org/docs/relnotes/wireshark-1.2.1 0.html\n\n - Resolves: #625940 CVE-2010-2287 CVE-2010-2286 CVE-2010-2284 CVE-2010-2283\n\n - Mon May 17 2010 Radek Vokal <rvokal at redhat.com> - 1.2.8-3\n\n - removing traling bracket from python_sitearch (#592391)\n\n - Fri May 7 2010 Radek Vokal <rvokal at redhat.com> - 1.2.8-2\n\n - add libtool patch\n\n - Fri May 7 2010 Radek Vokal <rvokal at redhat.com> - 1.2.8-1\n\n - use sitearch instead of sitelib to avoid pyo and pyc conflicts\n\n - upgrade to 1.2.8\n\n - see http://www.wireshark.org/docs/relnotes/wireshark-1.2.8 .html\n\n - rebuild with GeoIP support (needs to be turned on in IP protocol preferences)\n\n - bring back -pie\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2011-01-14T00:00:00", "modified": "2021-01-11T00:00:00", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cvss2": {}, "cvss3": {"score": null, "vector": null}, "href": "https://www.tenable.com/plugins/nessus/51519", "reporter": "This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html", "https://www.wireshark.org/docs/relnotes/wireshark-1.2.8.html", "https://www.wireshark.org/docs/relnotes/wireshark-1.2.13.html", "https://www.wireshark.org/docs/relnotes/wireshark-1.2.11.html", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4538", "https://bugzilla.redhat.com/show_bug.cgi?id=666894", "http://www.nessus.org/u?b7bb23f3"], "cvelist": ["CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-4538"], "immutableFields": [], "lastseen": "2022-03-27T14:32:44", "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "centos", "idList": ["CESA-2010:0625", "CESA-2011:0013"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2014-2359", "CPAI-2015-0163", "CPAI-2015-0388"]}, {"type": "cve", "idList": ["CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2994", "CVE-2010-2995", "CVE-2010-4538"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2066-1:00B62", "DEBIAN:DSA-2144-1:DEDCB"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2010-2283", "DEBIANCVE:CVE-2010-2284", "DEBIANCVE:CVE-2010-2286", "DEBIANCVE:CVE-2010-2287", "DEBIANCVE:CVE-2010-2994", "DEBIANCVE:CVE-2010-2995", "DEBIANCVE:CVE-2010-4538"]}, {"type": "fedora", "idList": ["FEDORA:22127110B4B", "FEDORA:5ED55110E1C", "FEDORA:77FD910F9EE", "FEDORA:A487811127C", "FEDORA:B6CC8110BFF", "FEDORA:C0E72110A4E", "FEDORA:C7FE910F926", "FEDORA:D2EFB110701"]}, {"type": "gentoo", "idList": ["GLSA-201110-02"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2010-0625.NASL", "CENTOS_RHSA-2011-0013.NASL", "DEBIAN_DSA-2066.NASL", "DEBIAN_DSA-2144.NASL", "FEDORA_2010-13416.NASL", "FEDORA_2010-13427.NASL", "FEDORA_2011-0128.NASL", "FEDORA_2011-0460.NASL", "GENTOO_GLSA-201110-02.NASL", "MANDRIVA_MDVSA-2010-113.NASL", "MANDRIVA_MDVSA-2010-144.NASL", "MANDRIVA_MDVSA-2011-002.NASL", "ORACLELINUX_ELSA-2010-0625.NASL", "ORACLELINUX_ELSA-2011-0013.NASL", "REDHAT-RHSA-2010-0625.NASL", "REDHAT-RHSA-2011-0013.NASL", "SL_20100811_WIRESHARK_ON_SL3_X.NASL", "SL_20110110_WIRESHARK_ON_SL4_X.NASL", "SUSE_11_1_WIRESHARK-101222.NASL", "SUSE_11_2_WIRESHARK-101222.NASL", "SUSE_11_3_WIRESHARK-101222.NASL", "SUSE_11_WIRESHARK-110331.NASL", "SUSE_WIRESHARK-7438.NASL", "SUSE_WIRESHARK-7439.NASL", "WIRESHARK_1_2_9.NASL", "WIRESHARK_1_4_3.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122284", "OPENVAS:1361412562310122329", "OPENVAS:136141256231067638", "OPENVAS:136141256231068985", "OPENVAS:136141256231070765", "OPENVAS:1361412562310801828", "OPENVAS:1361412562310830968", "OPENVAS:1361412562310831071", "OPENVAS:1361412562310831120", "OPENVAS:1361412562310831301", "OPENVAS:1361412562310862360", "OPENVAS:1361412562310862371", "OPENVAS:1361412562310862791", "OPENVAS:1361412562310862792", "OPENVAS:1361412562310862831", "OPENVAS:1361412562310862907", "OPENVAS:1361412562310863056", "OPENVAS:1361412562310863282", "OPENVAS:1361412562310870307", "OPENVAS:1361412562310870376", "OPENVAS:1361412562310880413", "OPENVAS:1361412562310880466", "OPENVAS:1361412562310881253", "OPENVAS:1361412562310902195", "OPENVAS:1361412562310902196", "OPENVAS:1361412562310902198", "OPENVAS:1361412562310902199", "OPENVAS:67638", "OPENVAS:68985", "OPENVAS:70765", "OPENVAS:801828", "OPENVAS:830968", "OPENVAS:831071", "OPENVAS:831120", "OPENVAS:831301", "OPENVAS:862360", "OPENVAS:862371", "OPENVAS:862791", "OPENVAS:862792", "OPENVAS:862831", "OPENVAS:862907", "OPENVAS:863056", "OPENVAS:863282", "OPENVAS:870307", "OPENVAS:870376", "OPENVAS:880413", "OPENVAS:880466", "OPENVAS:881253", "OPENVAS:902195", "OPENVAS:902196", "OPENVAS:902198", "OPENVAS:902199"]}, {"type": "oraclelinux", "idList": ["ELSA-2010-0625", "ELSA-2011-0013"]}, {"type": "osv", "idList": ["OSV:DSA-2066-1", "OSV:DSA-2144-1"]}, {"type": "redhat", "idList": ["RHSA-2010:0625", "RHSA-2011:0013"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:25486", "SECURITYVULNS:VULN:10928", "SECURITYVULNS:VULN:11346"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2010-2283", "UB:CVE-2010-2284", "UB:CVE-2010-2286", "UB:CVE-2010-2287", "UB:CVE-2010-2994", "UB:CVE-2010-2995", "UB:CVE-2010-4538"]}, {"type": "veracode", "idList": ["VERACODE:24234", "VERACODE:24235", "VERACODE:24236", "VERACODE:24237", "VERACODE:24479"]}]}, "score": {"value": 0.5, "vector": "NONE"}, "backreferences": {"references": [{"type": "centos", "idList": ["CESA-2011:0013"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2014-2359"]}, {"type": "cve", "idList": ["CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-4538"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2010-4538"]}, {"type": "fedora", "idList": ["FEDORA:D2EFB110701"]}, {"type": "gentoo", "idList": ["GLSA-201110-02"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-2144.NASL", "SUSE_WIRESHARK-7439.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310881253", "OPENVAS:870376"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-0013"]}, {"type": "redhat", "idList": ["RHSA-2011:0013"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2010-4538"]}]}, "exploitation": null, "vulnersScore": 0.5}, "_state": {"dependencies": 1660004461, "score": 1659817288}, "_internal": {"score_hash": "4201f92480022376001fee7f0445c399"}, "pluginID": "51519", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-0167.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51519);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-4538\");\n script_xref(name:\"FEDORA\", value:\"2011-0167\");\n\n script_name(english:\"Fedora 13 : wireshark-1.2.13-2.fc13 (2011-0167)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Wed Jan 5 2011 Jan Safranek <jsafrane at redhat.com> -\n 1.2.13-2\n\n - fixed buffer overflow in ENTTEC dissector (#666897)\n\n - Mon Nov 22 2010 Jan Safranek <jsafrane at redhat.com>\n - 1.2.13-1\n\n - upgrade to 1.2.13\n\n - see\n http://www.wireshark.org/docs/relnotes/wireshark-1.2.1\n 3.html\n\n - Mon Sep 13 2010 Jan Safranek <jsafrane at redhat.com>\n - 1.2.11-1\n\n - upgrade to 1.2.11\n\n - see\n http://www.wireshark.org/docs/relnotes/wireshark-1.2.1\n 1.html\n\n - Resolves: #632539\n\n - Tue Aug 24 2010 Jan Safranek <jsafrane at redhat.com>\n - 1.2.10-1\n\n - upgrade to 1.2.10\n\n - see\n http://www.wireshark.org/docs/relnotes/wireshark-1.2.1\n 0.html\n\n - Resolves: #625940 CVE-2010-2287 CVE-2010-2286\n CVE-2010-2284 CVE-2010-2283\n\n - Mon May 17 2010 Radek Vokal <rvokal at redhat.com> -\n 1.2.8-3\n\n - removing traling bracket from python_sitearch\n (#592391)\n\n - Fri May 7 2010 Radek Vokal <rvokal at redhat.com> -\n 1.2.8-2\n\n - add libtool patch\n\n - Fri May 7 2010 Radek Vokal <rvokal at redhat.com> -\n 1.2.8-1\n\n - use sitearch instead of sitelib to avoid pyo and pyc\n conflicts\n\n - upgrade to 1.2.8\n\n - see\n http://www.wireshark.org/docs/relnotes/wireshark-1.2.8\n .html\n\n - rebuild with GeoIP support (needs to be turned on in\n IP protocol preferences)\n\n - bring back -pie\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.2.11.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.2.11.html\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.2.13.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.2.13.html\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.2.8.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.2.8.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=666894\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-January/053061.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b7bb23f3\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'White_Phosphorus');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"wireshark-1.2.13-2.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "naslFamily": "Fedora Local Security Checks", "cpe": ["p-cpe:/a:fedoraproject:fedora:wireshark", "cpe:/o:fedoraproject:fedora:13"], "solution": "Update the affected wireshark package.", "nessusSeverity": "High", "cvssScoreSource": "", "vpr": {"risk factor": "High", "score": "7.4"}, "exploitAvailable": true, "exploitEase": "Exploits are available", "patchPublicationDate": "2011-01-05T00:00:00", "vulnerabilityPublicationDate": null, "exploitableWith": ["Core Impact", "CANVAS(White_Phosphorus)"]}

{"openvas": [{"lastseen": "2019-05-29T18:39:46", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-01-14T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2011-0167", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2010-2283", "CVE-2010-2286", "CVE-2010-4538"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310862791", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862791", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2011-0167\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053061.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862791\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-14 16:07:43 +0100 (Fri, 14 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-0167\");\n script_cve_id(\"CVE-2010-2287\", \"CVE-2010-2286\", \"CVE-2010-2284\", \"CVE-2010-2283\", \"CVE-2010-4538\");\n script_name(\"Fedora Update for wireshark FEDORA-2011-0167\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC13\");\n script_tag(name:\"affected\", value:\"wireshark on Fedora 13\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.13~2.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:55:30", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2011-01-14T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2011-0167", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2010-2283", "CVE-2010-2286", "CVE-2010-4538"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:862791", "href": "http://plugins.openvas.org/nasl.php?oid=862791", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2011-0167\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a network traffic analyzer for Unix-ish operating systems.\n\n This package lays base for libpcap, a packet capture and filtering\n library, contains command-line utilities, contains plugins and\n documentation for wireshark. A graphical user interface is packaged\n separately to GTK+ package.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Fedora 13\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053061.html\");\n script_id(862791);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-14 16:07:43 +0100 (Fri, 14 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-0167\");\n script_cve_id(\"CVE-2010-2287\", \"CVE-2010-2286\", \"CVE-2010-2284\", \"CVE-2010-2283\", \"CVE-2010-4538\");\n script_name(\"Fedora Update for wireshark FEDORA-2011-0167\");\n\n script_summary(\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.13~2.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-22T13:05:55", "description": "The remote host is missing an update to wireshark\nannounced via advisory DSA 2066-1.", "cvss3": {}, "published": "2010-07-06T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2066-1 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2285", "CVE-2010-2284", "CVE-2010-2287", "CVE-2010-2283", "CVE-2010-2286"], "modified": "2018-01-22T00:00:00", "id": "OPENVAS:136141256231067638", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231067638", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2066_1.nasl 8485 2018-01-22 07:57:57Z teissa $\n# Description: Auto-generated from advisory DSA 2066-1 (wireshark)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several remote vulnerabilities have been discovered in the Wireshark\nnetwork traffic analyzer. It was discovered that null pointer\ndereferences, buffer overflows and infinite loops in the SMB, SMB\nPIPE, ASN1.1 and SigComp dissectors could lead to denial of service\nor the execution of arbitrary code.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1.0.2-3+lenny9.\n\nFor the upcoming stable distribution (squeeze) and the unstable\ndistribution (sid), these problems have been fixed in version\n1.2.9-1.\n\nWe recommend that you upgrade your wireshark packages.\";\ntag_summary = \"The remote host is missing an update to wireshark\nannounced via advisory DSA 2066-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202066-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.67638\");\n script_version(\"$Revision: 8485 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-22 08:57:57 +0100 (Mon, 22 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-06 02:35:12 +0200 (Tue, 06 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2285\", \"CVE-2010-2286\", \"CVE-2010-2287\");\n script_name(\"Debian Security Advisory DSA 2066-1 (wireshark)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"wireshark-dev\", ver:\"1.0.2-3+lenny9\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark\", ver:\"1.0.2-3+lenny9\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-common\", ver:\"1.0.2-3+lenny9\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tshark\", ver:\"1.0.2-3+lenny9\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-18T11:05:20", "description": "Check for the Version of rpmdrake", "cvss3": {}, "published": "2010-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for rpmdrake MDVA-2010:113 (rpmdrake)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2285", "CVE-2010-2284", "CVE-2010-2287", "CVE-2010-2283", "CVE-2010-2286"], "modified": "2018-01-17T00:00:00", "id": "OPENVAS:1361412562310830968", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830968", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for rpmdrake MDVA-2010:113 (rpmdrake)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"rpmdrake on Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64\";\ntag_insight = \"This update fixes rpmdrake behavior when suggesting packages from\n disabled backports media (#40556).\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-04/msg00001.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830968\");\n script_version(\"$Revision: 8440 $\");\n script_cve_id(\"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2285\", \"CVE-2010-2286\",\n \"CVE-2010-2287\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 08:58:46 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-04-09 11:11:25 +0200 (Fri, 09 Apr 2010)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVA\", value: \"2010:113\");\n script_name(\"Mandriva Update for rpmdrake MDVA-2010:113 (rpmdrake)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rpmdrake\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"rpmdrake\", rpm:\"rpmdrake~5.23.1~1.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-08T12:54:28", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2010-06-11T00:00:00", "type": "openvas", "title": "Mandriva Update for wireshark MDVSA-2010:113 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2285", "CVE-2010-2284", "CVE-2010-2287", "CVE-2010-2283", "CVE-2010-2286"], "modified": "2018-01-05T00:00:00", "id": "OPENVAS:1361412562310831071", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831071", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for wireshark MDVSA-2010:113 (wireshark)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This advisory updates wireshark to the latest version(s), fixing\n several security issues:\n\n * The SMB dissector could dereference a NULL pointer. (Bug 4734)\n * J. Oquendo discovered that the ASN.1 BER dissector could overrun\n the stack.\n * The SMB PIPE dissector could dereference a NULL pointer on some\n platforms.\n * The SigComp Universal Decompressor Virtual Machine could go into\n an infinite loop. (Bug 4826)\n * The SigComp Universal Decompressor Virtual Machine could overrun\n a buffer. (Bug 4837)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Mandriva Linux 2009.1,\n Mandriva Linux 2009.1/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-06/msg00009.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831071\");\n script_cve_id(\"CVE-2010-2283\",\"CVE-2010-2284\",\"CVE-2010-2285\",\"CVE-2010-2286\",\"CVE-2010-2287\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 8296 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-05 08:28:01 +0100 (Fri, 05 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-11 13:46:51 +0200 (Fri, 11 Jun 2010)\");\n script_xref(name: \"MDVSA\", value: \"2010:113\");\n script_name(\"Mandriva Update for wireshark MDVSA-2010:113 (wireshark)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-18T10:58:25", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2010-06-11T00:00:00", "type": "openvas", "title": "Mandriva Update for wireshark MDVSA-2010:113 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2285", "CVE-2010-2284", "CVE-2010-2287", "CVE-2010-2283", "CVE-2010-2286"], "modified": "2017-12-18T00:00:00", "id": "OPENVAS:831071", "href": "http://plugins.openvas.org/nasl.php?oid=831071", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for wireshark MDVSA-2010:113 (wireshark)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This advisory updates wireshark to the latest version(s), fixing\n several security issues:\n\n * The SMB dissector could dereference a NULL pointer. (Bug 4734)\n * J. Oquendo discovered that the ASN.1 BER dissector could overrun\n the stack.\n * The SMB PIPE dissector could dereference a NULL pointer on some\n platforms.\n * The SigComp Universal Decompressor Virtual Machine could go into\n an infinite loop. (Bug 4826)\n * The SigComp Universal Decompressor Virtual Machine could overrun\n a buffer. (Bug 4837)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Mandriva Linux 2009.1,\n Mandriva Linux 2009.1/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-06/msg00009.php\");\n script_id(831071);\n script_cve_id(\"CVE-2010-2283\",\"CVE-2010-2284\",\"CVE-2010-2285\",\"CVE-2010-2286\",\"CVE-2010-2287\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 8153 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-18 07:30:39 +0100 (Mon, 18 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-11 13:46:51 +0200 (Fri, 11 Jun 2010)\");\n script_xref(name: \"MDVSA\", value: \"2010:113\");\n script_name(\"Mandriva Update for wireshark MDVSA-2010:113 (wireshark)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:17", "description": "The remote host is missing an update to wireshark\nannounced via advisory DSA 2066-1.", "cvss3": {}, "published": "2010-07-06T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2066-1 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2285", "CVE-2010-2284", "CVE-2010-2287", "CVE-2010-2283", "CVE-2010-2286"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:67638", "href": "http://plugins.openvas.org/nasl.php?oid=67638", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2066_1.nasl 6614 2017-07-07 12:09:12Z cfischer $\n# Description: Auto-generated from advisory DSA 2066-1 (wireshark)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several remote vulnerabilities have been discovered in the Wireshark\nnetwork traffic analyzer. It was discovered that null pointer\ndereferences, buffer overflows and infinite loops in the SMB, SMB\nPIPE, ASN1.1 and SigComp dissectors could lead to denial of service\nor the execution of arbitrary code.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1.0.2-3+lenny9.\n\nFor the upcoming stable distribution (squeeze) and the unstable\ndistribution (sid), these problems have been fixed in version\n1.2.9-1.\n\nWe recommend that you upgrade your wireshark packages.\";\ntag_summary = \"The remote host is missing an update to wireshark\nannounced via advisory DSA 2066-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202066-1\";\n\n\nif(description)\n{\n script_id(67638);\n script_version(\"$Revision: 6614 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:12 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-06 02:35:12 +0200 (Tue, 06 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2285\", \"CVE-2010-2286\", \"CVE-2010-2287\");\n script_name(\"Debian Security Advisory DSA 2066-1 (wireshark)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"wireshark-dev\", ver:\"1.0.2-3+lenny9\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark\", ver:\"1.0.2-3+lenny9\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-common\", ver:\"1.0.2-3+lenny9\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tshark\", ver:\"1.0.2-3+lenny9\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-20T13:18:49", "description": "Check for the Version of rpmdrake", "cvss3": {}, "published": "2010-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for rpmdrake MDVA-2010:113 (rpmdrake)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2285", "CVE-2010-2284", "CVE-2010-2287", "CVE-2010-2283", "CVE-2010-2286"], "modified": "2017-12-19T00:00:00", "id": "OPENVAS:830968", "href": "http://plugins.openvas.org/nasl.php?oid=830968", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for rpmdrake MDVA-2010:113 (rpmdrake)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"rpmdrake on Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64\";\ntag_insight = \"This update fixes rpmdrake behavior when suggesting packages from\n disabled backports media (#40556).\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-04/msg00001.php\");\n script_id(830968);\n script_version(\"$Revision: 8164 $\");\n script_cve_id(\"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2285\", \"CVE-2010-2286\",\n \"CVE-2010-2287\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-19 07:30:41 +0100 (Tue, 19 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-04-09 11:11:25 +0200 (Fri, 09 Apr 2010)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVA\", value: \"2010:113\");\n script_name(\"Mandriva Update for rpmdrake MDVA-2010:113 (rpmdrake)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rpmdrake\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"rpmdrake\", rpm:\"rpmdrake~5.23.1~1.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:37", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-05-05T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2011-5529", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2011-1590", "CVE-2010-2283", "CVE-2010-2286", "CVE-2011-1591"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863056", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863056", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2011-5529\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058993.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863056\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-05 07:14:22 +0200 (Thu, 05 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-5529\");\n script_cve_id(\"CVE-2010-2287\", \"CVE-2010-2286\", \"CVE-2010-2284\", \"CVE-2010-2283\", \"CVE-2011-1590\", \"CVE-2011-1591\");\n script_name(\"Fedora Update for wireshark FEDORA-2011-5529\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC13\");\n script_tag(name:\"affected\", value:\"wireshark on Fedora 13\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.16~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:31", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-02-04T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2011-0460", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2011-0444", "CVE-2010-2283", "CVE-2010-2286", "CVE-2011-0445"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310862831", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862831", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2011-0460\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053669.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862831\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-04 14:19:53 +0100 (Fri, 04 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-0460\");\n script_cve_id(\"CVE-2010-2287\", \"CVE-2010-2286\", \"CVE-2010-2284\", \"CVE-2010-2283\", \"CVE-2011-0444\", \"CVE-2011-0445\");\n script_name(\"Fedora Update for wireshark FEDORA-2011-0460\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC13\");\n script_tag(name:\"affected\", value:\"wireshark on Fedora 13\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.14~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-22T13:05:36", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2010-08-30T00:00:00", "type": "openvas", "title": "CentOS Update for wireshark CESA-2010:0625 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2995", "CVE-2010-2286"], "modified": "2018-01-22T00:00:00", "id": "OPENVAS:1361412562310880413", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880413", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for wireshark CESA-2010:0625 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n Multiple buffer overflow flaws were found in the Wireshark SigComp\n Universal Decompressor Virtual Machine (UDVM) dissector. If Wireshark read\n a malformed packet off a network or opened a malicious dump file, it could\n crash or, possibly, execute arbitrary code as the user running Wireshark.\n (CVE-2010-2287, CVE-2010-2995)\n\n Several denial of service flaws were found in Wireshark. Wireshark could\n crash or stop responding if it read a malformed packet off a network, or\n opened a malicious dump file. (CVE-2010-1455, CVE-2010-2283, CVE-2010-2284,\n CVE-2010-2286)\n\n Users of Wireshark should upgrade to these updated packages, which contain\n Wireshark version 1.0.15, and resolve these issues. All running instances\n of Wireshark must be restarted for the update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2010-August/016932.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880413\");\n script_version(\"$Revision: 8485 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-22 08:57:57 +0100 (Mon, 22 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-30 16:59:25 +0200 (Mon, 30 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2010:0625\");\n script_cve_id(\"CVE-2010-1455\", \"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2995\");\n script_name(\"CentOS Update for wireshark CESA-2010:0625 centos4 i386\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~1.el4_8.1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~1.el4_8.1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:34", "description": "Oracle Linux Local Security Checks ELSA-2010-0625", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2010-0625", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2995", "CVE-2010-2286"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122329", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122329", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2010-0625.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122329\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:16:55 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2010-0625\");\n script_tag(name:\"insight\", value:\"ELSA-2010-0625 - wireshark security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2010-0625\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2010-0625.html\");\n script_cve_id(\"CVE-2010-1455\", \"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2995\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~1.0.1.el5_5.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~1.0.1.el5_5.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-08T12:53:34", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2010-08-13T00:00:00", "type": "openvas", "title": "RedHat Update for wireshark RHSA-2010:0625-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2995", "CVE-2010-2286"], "modified": "2018-01-05T00:00:00", "id": "OPENVAS:1361412562310870307", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870307", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for wireshark RHSA-2010:0625-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n Multiple buffer overflow flaws were found in the Wireshark SigComp\n Universal Decompressor Virtual Machine (UDVM) dissector. If Wireshark read\n a malformed packet off a network or opened a malicious dump file, it could\n crash or, possibly, execute arbitrary code as the user running Wireshark.\n (CVE-2010-2287, CVE-2010-2995)\n\n Several denial of service flaws were found in Wireshark. Wireshark could\n crash or stop responding if it read a malformed packet off a network, or\n opened a malicious dump file. (CVE-2010-1455, CVE-2010-2283, CVE-2010-2284,\n CVE-2010-2286)\n\n Users of Wireshark should upgrade to these updated packages, which contain\n Wireshark version 1.0.15, and resolve these issues. All running instances\n of Wireshark must be restarted for the update to take effect.\";\n\ntag_affected = \"wireshark on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux AS version 3,\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 3,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 3,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-August/msg00017.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870307\");\n script_version(\"$Revision: 8296 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-05 08:28:01 +0100 (Fri, 05 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-13 14:24:53 +0200 (Fri, 13 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2010:0625-01\");\n script_cve_id(\"CVE-2010-1455\", \"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2995\");\n script_name(\"RedHat Update for wireshark RHSA-2010:0625-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~1.el5_5.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~1.0.15~1.el5_5.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~1.el5_5.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~1.el4_8.1\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~1.0.15~1.el4_8.1\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~1.el4_8.1\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_3\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~EL3.1\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~1.0.15~EL3.1\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~EL3.1\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:54:09", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2010-08-30T00:00:00", "type": "openvas", "title": "CentOS Update for wireshark CESA-2010:0625 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2995", "CVE-2010-2286"], "modified": "2017-12-22T00:00:00", "id": "OPENVAS:880413", "href": "http://plugins.openvas.org/nasl.php?oid=880413", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for wireshark CESA-2010:0625 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n Multiple buffer overflow flaws were found in the Wireshark SigComp\n Universal Decompressor Virtual Machine (UDVM) dissector. If Wireshark read\n a malformed packet off a network or opened a malicious dump file, it could\n crash or, possibly, execute arbitrary code as the user running Wireshark.\n (CVE-2010-2287, CVE-2010-2995)\n\n Several denial of service flaws were found in Wireshark. Wireshark could\n crash or stop responding if it read a malformed packet off a network, or\n opened a malicious dump file. (CVE-2010-1455, CVE-2010-2283, CVE-2010-2284,\n CVE-2010-2286)\n\n Users of Wireshark should upgrade to these updated packages, which contain\n Wireshark version 1.0.15, and resolve these issues. All running instances\n of Wireshark must be restarted for the update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2010-August/016932.html\");\n script_id(880413);\n script_version(\"$Revision: 8226 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-22 07:30:26 +0100 (Fri, 22 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-30 16:59:25 +0200 (Mon, 30 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2010:0625\");\n script_cve_id(\"CVE-2010-1455\", \"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2995\");\n script_name(\"CentOS Update for wireshark CESA-2010:0625 centos4 i386\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~1.el4_8.1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~1.el4_8.1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-18T10:57:48", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2010-08-13T00:00:00", "type": "openvas", "title": "RedHat Update for wireshark RHSA-2010:0625-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2995", "CVE-2010-2286"], "modified": "2017-12-18T00:00:00", "id": "OPENVAS:870307", "href": "http://plugins.openvas.org/nasl.php?oid=870307", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for wireshark RHSA-2010:0625-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n Multiple buffer overflow flaws were found in the Wireshark SigComp\n Universal Decompressor Virtual Machine (UDVM) dissector. If Wireshark read\n a malformed packet off a network or opened a malicious dump file, it could\n crash or, possibly, execute arbitrary code as the user running Wireshark.\n (CVE-2010-2287, CVE-2010-2995)\n\n Several denial of service flaws were found in Wireshark. Wireshark could\n crash or stop responding if it read a malformed packet off a network, or\n opened a malicious dump file. (CVE-2010-1455, CVE-2010-2283, CVE-2010-2284,\n CVE-2010-2286)\n\n Users of Wireshark should upgrade to these updated packages, which contain\n Wireshark version 1.0.15, and resolve these issues. All running instances\n of Wireshark must be restarted for the update to take effect.\";\n\ntag_affected = \"wireshark on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux AS version 3,\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 3,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 3,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-August/msg00017.html\");\n script_id(870307);\n script_version(\"$Revision: 8153 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-18 07:30:39 +0100 (Mon, 18 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-13 14:24:53 +0200 (Fri, 13 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2010:0625-01\");\n script_cve_id(\"CVE-2010-1455\", \"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2995\");\n script_name(\"RedHat Update for wireshark RHSA-2010:0625-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~1.el5_5.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~1.0.15~1.el5_5.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~1.el5_5.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~1.el4_8.1\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~1.0.15~1.el4_8.1\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~1.el4_8.1\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_3\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~EL3.1\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~1.0.15~EL3.1\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~EL3.1\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:24", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2011-02-04T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2011-0460", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2011-0444", "CVE-2010-2283", "CVE-2010-2286", "CVE-2011-0445"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:862831", "href": "http://plugins.openvas.org/nasl.php?oid=862831", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2011-0460\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a network traffic analyzer for Unix-ish operating systems.\n\n This package lays base for libpcap, a packet capture and filtering\n library, contains command-line utilities, contains plugins and\n documentation for wireshark. A graphical user interface is packaged\n separately to GTK+ package.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Fedora 13\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053669.html\");\n script_id(862831);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-04 14:19:53 +0100 (Fri, 04 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-0460\");\n script_cve_id(\"CVE-2010-2287\", \"CVE-2010-2286\", \"CVE-2010-2284\", \"CVE-2010-2283\", \"CVE-2011-0444\", \"CVE-2011-0445\");\n script_name(\"Fedora Update for wireshark FEDORA-2011-0460\");\n\n script_summary(\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.14~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:50", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2011-05-05T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2011-5529", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2011-1590", "CVE-2010-2283", "CVE-2010-2286", "CVE-2011-1591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863056", "href": "http://plugins.openvas.org/nasl.php?oid=863056", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2011-5529\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a network traffic analyzer for Unix-ish operating systems.\n\n This package lays base for libpcap, a packet capture and filtering\n library, contains command-line utilities, contains plugins and\n documentation for wireshark. A graphical user interface is packaged\n separately to GTK+ package.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Fedora 13\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058993.html\");\n script_id(863056);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-05 07:14:22 +0200 (Thu, 05 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-5529\");\n script_cve_id(\"CVE-2010-2287\", \"CVE-2010-2286\", \"CVE-2010-2284\", \"CVE-2010-2283\", \"CVE-2011-1590\", \"CVE-2011-1591\");\n script_name(\"Fedora Update for wireshark FEDORA-2011-5529\");\n\n script_summary(\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.16~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:53:59", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2010-09-07T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2010-13416", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2010-2992", "CVE-2010-2283", "CVE-2010-2995", "CVE-2010-2286", "CVE-2010-2993"], "modified": "2017-12-27T00:00:00", "id": "OPENVAS:1361412562310862371", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862371", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2010-13416\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a network traffic analyzer for Unix-ish operating systems.\n\n This package lays base for libpcap, a packet capture and filtering\n library, contains command-line utilities, contains plugins and\n documentation for wireshark. A graphical user interface is packaged\n separately to GTK+ package.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Fedora 13\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-September/046957.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862371\");\n script_version(\"$Revision: 8250 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-27 08:29:15 +0100 (Wed, 27 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-09-07 07:38:40 +0200 (Tue, 07 Sep 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-13416\");\n script_cve_id(\"CVE-2010-2287\", \"CVE-2010-2286\", \"CVE-2010-2284\", \"CVE-2010-2283\", \"CVE-2010-2995\", \"CVE-2010-2992\", \"CVE-2010-2993\");\n script_name(\"Fedora Update for wireshark FEDORA-2010-13416\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.10~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-14T11:48:22", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2010-09-07T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2010-13416", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2010-2992", "CVE-2010-2283", "CVE-2010-2995", "CVE-2010-2286", "CVE-2010-2993"], "modified": "2017-12-14T00:00:00", "id": "OPENVAS:862371", "href": "http://plugins.openvas.org/nasl.php?oid=862371", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2010-13416\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a network traffic analyzer for Unix-ish operating systems.\n\n This package lays base for libpcap, a packet capture and filtering\n library, contains command-line utilities, contains plugins and\n documentation for wireshark. A graphical user interface is packaged\n separately to GTK+ package.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Fedora 13\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-September/046957.html\");\n script_id(862371);\n script_version(\"$Revision: 8109 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-14 07:31:15 +0100 (Thu, 14 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-09-07 07:38:40 +0200 (Tue, 07 Sep 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-13416\");\n script_cve_id(\"CVE-2010-2287\", \"CVE-2010-2286\", \"CVE-2010-2284\", \"CVE-2010-2283\", \"CVE-2010-2995\", \"CVE-2010-2992\", \"CVE-2010-2993\");\n script_name(\"Fedora Update for wireshark FEDORA-2010-13416\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.10~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-17T11:05:48", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2010-08-06T00:00:00", "type": "openvas", "title": "Mandriva Update for wireshark MDVSA-2010:144 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287"], "modified": "2018-01-16T00:00:00", "id": "OPENVAS:1361412562310831120", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831120", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for wireshark MDVSA-2010:144 (wireshark)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This advisory updates wireshark to the latest version(s), fixing\n several security issues:\n\n Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through\n 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack\n vectors (CVE-2010-2284).\n \n Buffer overflow in the SigComp Universal Decompressor Virtual Machine\n dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8\n has unknown impact and remote attack vectors (CVE-2010-2287).\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Mandriva Linux 2009.1,\n Mandriva Linux 2009.1/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-08/msg00000.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831120\");\n script_version(\"$Revision: 8438 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-16 18:38:23 +0100 (Tue, 16 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-06 10:34:50 +0200 (Fri, 06 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2010:144\");\n script_cve_id(\"CVE-2010-2284\", \"CVE-2010-2287\");\n script_name(\"Mandriva Update for wireshark MDVSA-2010:144 (wireshark)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-20T13:18:30", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2010-08-06T00:00:00", "type": "openvas", "title": "Mandriva Update for wireshark MDVSA-2010:144 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287"], "modified": "2017-12-19T00:00:00", "id": "OPENVAS:831120", "href": "http://plugins.openvas.org/nasl.php?oid=831120", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for wireshark MDVSA-2010:144 (wireshark)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This advisory updates wireshark to the latest version(s), fixing\n several security issues:\n\n Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through\n 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack\n vectors (CVE-2010-2284).\n \n Buffer overflow in the SigComp Universal Decompressor Virtual Machine\n dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8\n has unknown impact and remote attack vectors (CVE-2010-2287).\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Mandriva Linux 2009.1,\n Mandriva Linux 2009.1/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-08/msg00000.php\");\n script_id(831120);\n script_version(\"$Revision: 8164 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-19 07:30:41 +0100 (Tue, 19 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-06 10:34:50 +0200 (Fri, 06 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2010:144\");\n script_cve_id(\"CVE-2010-2284\", \"CVE-2010-2287\");\n script_name(\"Mandriva Update for wireshark MDVSA-2010:144 (wireshark)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-22T13:05:53", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2010-09-07T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2010-13427", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2010-1455", "CVE-2010-2992", "CVE-2010-2283", "CVE-2010-2995", "CVE-2010-2286", "CVE-2010-2993"], "modified": "2018-01-22T00:00:00", "id": "OPENVAS:1361412562310862360", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862360", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2010-13427\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a network traffic analyzer for Unix-ish operating systems.\n\n This package lays base for libpcap, a packet capture and filtering\n library, contains command-line utilities, contains plugins and\n documentation for wireshark. A graphical user interface is packaged\n separately to GTK+ package.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Fedora 12\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-September/046962.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862360\");\n script_version(\"$Revision: 8485 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-22 08:57:57 +0100 (Mon, 22 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-09-07 07:38:40 +0200 (Tue, 07 Sep 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-13427\");\n script_cve_id(\"CVE-2010-2287\", \"CVE-2010-2286\", \"CVE-2010-2284\", \"CVE-2010-2283\", \"CVE-2010-2995\", \"CVE-2010-1455\", \"CVE-2010-2992\", \"CVE-2010-2993\");\n script_name(\"Fedora Update for wireshark FEDORA-2010-13427\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.10~1.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:54:30", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2010-09-07T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2010-13427", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2010-1455", "CVE-2010-2992", "CVE-2010-2283", "CVE-2010-2995", "CVE-2010-2286", "CVE-2010-2993"], "modified": "2017-12-22T00:00:00", "id": "OPENVAS:862360", "href": "http://plugins.openvas.org/nasl.php?oid=862360", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2010-13427\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a network traffic analyzer for Unix-ish operating systems.\n\n This package lays base for libpcap, a packet capture and filtering\n library, contains command-line utilities, contains plugins and\n documentation for wireshark. A graphical user interface is packaged\n separately to GTK+ package.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Fedora 12\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-September/046962.html\");\n script_id(862360);\n script_version(\"$Revision: 8226 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-22 07:30:26 +0100 (Fri, 22 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-09-07 07:38:40 +0200 (Tue, 07 Sep 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-13427\");\n script_cve_id(\"CVE-2010-2287\", \"CVE-2010-2286\", \"CVE-2010-2284\", \"CVE-2010-2283\", \"CVE-2010-2995\", \"CVE-2010-1455\", \"CVE-2010-2992\", \"CVE-2010-2993\");\n script_name(\"Fedora Update for wireshark FEDORA-2010-13427\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.10~1.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:50", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-06-20T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2011-7858", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2174", "CVE-2010-2284", "CVE-2010-2287", "CVE-2011-2175", "CVE-2011-1959", "CVE-2010-2283", "CVE-2010-2286", "CVE-2011-1957", "CVE-2011-1958"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863282", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863282", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2011-7858\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061477.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863282\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-20 08:37:08 +0200 (Mon, 20 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-7858\");\n script_cve_id(\"CVE-2010-2287\", \"CVE-2010-2286\", \"CVE-2010-2284\", \"CVE-2010-2283\", \"CVE-2011-2175\", \"CVE-2011-2174\", \"CVE-2011-1959\", \"CVE-2011-1957\", \"CVE-2011-1958\");\n script_name(\"Fedora Update for wireshark FEDORA-2011-7858\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC13\");\n script_tag(name:\"affected\", value:\"wireshark on Fedora 13\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.17~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:55:30", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2011-06-20T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2011-7858", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2174", "CVE-2010-2284", "CVE-2010-2287", "CVE-2011-2175", "CVE-2011-1959", "CVE-2010-2283", "CVE-2010-2286", "CVE-2011-1957", "CVE-2011-1958"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863282", "href": "http://plugins.openvas.org/nasl.php?oid=863282", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2011-7858\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a network traffic analyzer for Unix-ish operating systems.\n\n This package lays base for libpcap, a packet capture and filtering\n library, contains command-line utilities, contains plugins and\n documentation for wireshark. A graphical user interface is packaged\n separately to GTK+ package.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Fedora 13\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061477.html\");\n script_id(863282);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-20 08:37:08 +0200 (Mon, 20 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-7858\");\n script_cve_id(\"CVE-2010-2287\", \"CVE-2010-2286\", \"CVE-2010-2284\", \"CVE-2010-2283\", \"CVE-2011-2175\", \"CVE-2011-2174\", \"CVE-2011-1959\", \"CVE-2011-1957\", \"CVE-2011-1958\");\n script_name(\"Fedora Update for wireshark FEDORA-2011-7858\");\n\n script_summary(\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.17~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:55", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-03-15T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2011-2620", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2010-2283", "CVE-2010-2286", "CVE-2011-0713", "CVE-2011-1141", "CVE-2010-3445", "CVE-2011-1143", "CVE-2011-1139", "CVE-2011-1140", "CVE-2011-0538", "CVE-2011-1138"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310862907", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862907", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2011-2620\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862907\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-15 14:58:18 +0100 (Tue, 15 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-2620\");\n script_cve_id(\"CVE-2011-0538\", \"CVE-2010-3445\", \"CVE-2011-1143\", \"CVE-2011-1140\", \"CVE-2011-1141\", \"CVE-2011-1138\", \"CVE-2011-1139\", \"CVE-2011-0713\", \"CVE-2010-2287\", \"CVE-2010-2286\", \"CVE-2010-2284\", \"CVE-2010-2283\");\n script_name(\"Fedora Update for wireshark FEDORA-2011-2620\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC13\");\n script_tag(name:\"affected\", value:\"wireshark on Fedora 13\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.15~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:55:32", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2011-03-15T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2011-2620", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2010-2283", "CVE-2010-2286", "CVE-2011-0713", "CVE-2011-1141", "CVE-2010-3445", "CVE-2011-1143", "CVE-2011-1139", "CVE-2011-1140", "CVE-2011-0538", "CVE-2011-1138"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:862907", "href": "http://plugins.openvas.org/nasl.php?oid=862907", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2011-2620\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a network traffic analyzer for Unix-ish operating systems.\n\n This package lays base for libpcap, a packet capture and filtering\n library, contains command-line utilities, contains plugins and\n documentation for wireshark. A graphical user interface is packaged\n separately to GTK+ package.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Fedora 13\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html\");\n script_id(862907);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-15 14:58:18 +0100 (Tue, 15 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-2620\");\n script_cve_id(\"CVE-2011-0538\", \"CVE-2010-3445\", \"CVE-2011-1143\", \"CVE-2011-1140\", \"CVE-2011-1141\", \"CVE-2011-1138\", \"CVE-2011-1139\", \"CVE-2011-0713\", \"CVE-2010-2287\", \"CVE-2010-2286\", \"CVE-2010-2284\", \"CVE-2010-2283\");\n script_name(\"Fedora Update for wireshark FEDORA-2011-2620\");\n\n script_summary(\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.15~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:40:11", "description": "This host is installed with Wireshark and is prone to Denial of\n Service vulnerability.", "cvss3": {}, "published": "2010-06-22T00:00:00", "type": "openvas", "title": "Wireshark SMB dissector Denial of Service Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2283"], "modified": "2018-12-04T00:00:00", "id": "OPENVAS:1361412562310902196", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902196", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_wireshark_smb_dissector_dos_vuln_win.nasl 12653 2018-12-04 15:31:25Z cfischer $\n#\n# Wireshark SMB dissector Denial of Service Vulnerability (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902196\");\n script_version(\"$Revision: 12653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-12-04 16:31:25 +0100 (Tue, 04 Dec 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-22 13:34:32 +0200 (Tue, 22 Jun 2010)\");\n script_cve_id(\"CVE-2010-2283\");\n script_tag(name:\"cvss_base\", value:\"3.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Wireshark SMB dissector Denial of Service Vulnerability (Windows)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/40112\");\n script_xref(name:\"URL\", value:\"http://www.vupen.com/english/advisories/2010/1418\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/security/wnpa-sec-2010-05.html\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/security/wnpa-sec-2010-06.html\");\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2010/06/11/1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 SecPod\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow the attackers to crash an affected\n application.\");\n script_tag(name:\"affected\", value:\"Wireshark version 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8\");\n script_tag(name:\"insight\", value:\"The flaw is caused by a NULL pointer dereference error in the 'SMB' dissector,\n which could be exploited to crash an affected application via unknown vectors.\");\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark version 1.0.14 or 1.2.9:\");\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark and is prone to Denial of\n Service vulnerability.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/download.html\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!sharkVer){\n exit(0);\n}\n\nif(version_in_range(version:sharkVer, test_version:\"1.2.0\", test_version2:\"1.2.8\") ||\n version_in_range(version:sharkVer, test_version:\"0.99.6\", test_version2:\"1.0.13\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-02T21:10:00", "description": "This host is installed with Wireshark and is prone to Denial of\n Service vulnerability.", "cvss3": {}, "published": "2010-06-22T00:00:00", "type": "openvas", "title": "Wireshark SMB dissector Denial of Service Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2283"], "modified": "2017-02-23T00:00:00", "id": "OPENVAS:902196", "href": "http://plugins.openvas.org/nasl.php?oid=902196", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_wireshark_smb_dissector_dos_vuln_win.nasl 5401 2017-02-23 09:46:07Z teissa $\n#\n# Wireshark SMB dissector Denial of Service Vulnerability (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow the attackers to crash an affected\n application.\n Impact Level: Application\";\ntag_affected = \"Wireshark version 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8\";\ntag_insight = \"The flaw is caused by a NULL pointer dereference error in the 'SMB' dissector,\n which could be exploited to crash an affected application via unknown vectors.\";\ntag_solution = \"Upgrade to Wireshark version 1.0.14 or 1.2.9:\n For updates refer to http://www.wireshark.org/download.html\";\ntag_summary = \"This host is installed with Wireshark and is prone to Denial of\n Service vulnerability.\";\n\nif(description)\n{\n script_id(902196);\n script_version(\"$Revision: 5401 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-23 10:46:07 +0100 (Thu, 23 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-22 13:34:32 +0200 (Tue, 22 Jun 2010)\");\n script_cve_id(\"CVE-2010-2283\");\n script_tag(name:\"cvss_base\", value:\"3.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Wireshark SMB dissector Denial of Service Vulnerability (Windows)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/40112\");\n script_xref(name : \"URL\" , value : \"http://www.vupen.com/english/advisories/2010/1418\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/security/wnpa-sec-2010-05.html\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/security/wnpa-sec-2010-06.html\");\n script_xref(name : \"URL\" , value : \"http://www.openwall.com/lists/oss-security/2010/06/11/1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 SecPod\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_require_keys(\"Wireshark/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!sharkVer){\n exit(0);\n}\n\n# Check for Wireshark version\nif(version_in_range(version:sharkVer, test_version:\"1.2.0\", test_version2:\"1.2.8\") ||\n version_in_range(version:sharkVer, test_version:\"0.99.6\", test_version2:\"1.0.13\")){\n security_message(0);\n}\n", "cvss": {"score": 3.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:40:09", "description": "This host is installed with Wireshark and is prone to Denial of\n Service vulnerability.", "cvss3": {}, "published": "2010-06-22T00:00:00", "type": "openvas", "title": "Wireshark SigComp Universal Decompressor Virtual Machine dissector DOS Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2286"], "modified": "2018-12-04T00:00:00", "id": "OPENVAS:1361412562310902198", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902198", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_wireshark_sigcomp_dissector_dos_vuln_win.nasl 12653 2018-12-04 15:31:25Z cfischer $\n#\n# Wireshark SigComp Universal Decompressor Virtual Machine dissector DOS Vulnerability (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902198\");\n script_version(\"$Revision: 12653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-12-04 16:31:25 +0100 (Tue, 04 Dec 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-22 13:34:32 +0200 (Tue, 22 Jun 2010)\");\n script_cve_id(\"CVE-2010-2286\");\n script_tag(name:\"cvss_base\", value:\"3.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Wireshark SigComp Universal Decompressor Virtual Machine dissector DOS Vulnerability (Windows)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/40112\");\n script_xref(name:\"URL\", value:\"http://www.vupen.com/english/advisories/2010/1418\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/security/wnpa-sec-2010-05.html\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/security/wnpa-sec-2010-06.html\");\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2010/06/11/1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 SecPod\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow the attackers to crash an affected application.\");\n script_tag(name:\"affected\", value:\"Wireshark version 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8\");\n script_tag(name:\"insight\", value:\"The flaw is caused by an off-by-one error within the SigComp Universal\n Decompressor Virtual Machine, which could be exploited by attackers to\n crash an affected application or execute arbitrary code via unknown vectors.\");\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark version 1.0.14 or 1.2.9:\");\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark and is prone to Denial of\n Service vulnerability.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/download.html\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!sharkVer){\n exit(0);\n}\n\nif(version_in_range(version:sharkVer, test_version:\"1.2.0\", test_version2:\"1.2.8\") ||\n version_in_range(version:sharkVer, test_version:\"0.10.7\", test_version2:\"1.0.13\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-02T21:09:51", "description": "This host is installed with Wireshark and is prone to Denial of\n Service vulnerability.", "cvss3": {}, "published": "2010-06-22T00:00:00", "type": "openvas", "title": "Wireshark SigComp Universal Decompressor Virtual Machine dissector DOS Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2286"], "modified": "2017-02-23T00:00:00", "id": "OPENVAS:902198", "href": "http://plugins.openvas.org/nasl.php?oid=902198", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_wireshark_sigcomp_dissector_dos_vuln_win.nasl 5401 2017-02-23 09:46:07Z teissa $\n#\n# Wireshark SigComp Universal Decompressor Virtual Machine dissector DOS Vulnerability (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow the attackers to crash an affected application.\n Impact Level: Application\";\ntag_affected = \"Wireshark version 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8\";\ntag_insight = \"The flaw is caused by an off-by-one error within the SigComp Universal\n Decompressor Virtual Machine, which could be exploited by attackers to\n crash an affected application or execute arbitrary code via unknown vectors.\";\ntag_solution = \"Upgrade to Wireshark version 1.0.14 or 1.2.9:\n For updates refer to http://www.wireshark.org/download.html\";\ntag_summary = \"This host is installed with Wireshark and is prone to Denial of\n Service vulnerability.\";\n\nif(description)\n{\n script_id(902198);\n script_version(\"$Revision: 5401 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-23 10:46:07 +0100 (Thu, 23 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-22 13:34:32 +0200 (Tue, 22 Jun 2010)\");\n script_cve_id(\"CVE-2010-2286\");\n script_tag(name:\"cvss_base\", value:\"3.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Wireshark SigComp Universal Decompressor Virtual Machine dissector DOS Vulnerability (Windows)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/40112\");\n script_xref(name : \"URL\" , value : \"http://www.vupen.com/english/advisories/2010/1418\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/security/wnpa-sec-2010-05.html\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/security/wnpa-sec-2010-06.html\");\n script_xref(name : \"URL\" , value : \"http://www.openwall.com/lists/oss-security/2010/06/11/1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 SecPod\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_require_keys(\"Wireshark/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!sharkVer){\n exit(0);\n}\n\n# Check for Wireshark version\nif(version_in_range(version:sharkVer, test_version:\"1.2.0\", test_version2:\"1.2.8\") ||\n version_in_range(version:sharkVer, test_version:\"0.10.7\", test_version2:\"1.0.13\")){\n security_message(0);\n}\n", "cvss": {"score": 3.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:40:13", "description": "This host is installed with Wireshark and is prone to buffer overflow\n vulnerability.", "cvss3": {}, "published": "2010-06-22T00:00:00", "type": "openvas", "title": "Wireshark ASN.1 BER Dissector Buffer Overflow Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284"], "modified": "2018-12-04T00:00:00", "id": "OPENVAS:1361412562310902195", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902195", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_wireshark_asn_ber_dissector_bof_vuln_win.nasl 12653 2018-12-04 15:31:25Z cfischer $\n#\n# Wireshark ASN.1 BER Dissector Buffer Overflow Vulnerability (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902195\");\n script_version(\"$Revision: 12653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-12-04 16:31:25 +0100 (Tue, 04 Dec 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-22 13:34:32 +0200 (Tue, 22 Jun 2010)\");\n script_cve_id(\"CVE-2010-2284\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Wireshark ASN.1 BER Dissector Buffer Overflow Vulnerability (Windows)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/40112\");\n script_xref(name:\"URL\", value:\"http://www.vupen.com/english/advisories/2010/1418\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/security/wnpa-sec-2010-05.html\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/security/wnpa-sec-2010-06.html\");\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2010/06/11/1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 SecPod\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n script_tag(name:\"impact\", value:\"It has unknown impact and remote attack vectors.\");\n script_tag(name:\"affected\", value:\"Wireshark version 0.10.13 to 1.0.13 and 1.2.0 to 1.2.8 on windows.\");\n script_tag(name:\"insight\", value:\"The flaw is caused by a buffer overflow error within the 'ASN.1 BER' dissector.\");\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark version 1.0.14 or 1.2.9:\");\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark and is prone to buffer overflow\n vulnerability.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/download.html\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!sharkVer){\n exit(0);\n}\n\nif(version_in_range(version:sharkVer, test_version:\"1.2.0\", test_version2:\"1.2.8\") ||\n version_in_range(version:sharkVer, test_version:\"0.10.13\", test_version2:\"1.0.13\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-02T21:09:56", "description": "This host is installed with Wireshark and is prone to buffer overflow\n vulnerability.", "cvss3": {}, "published": "2010-06-22T00:00:00", "type": "openvas", "title": "Wireshark ASN.1 BER Dissector Buffer Overflow Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284"], "modified": "2017-02-23T00:00:00", "id": "OPENVAS:902195", "href": "http://plugins.openvas.org/nasl.php?oid=902195", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_wireshark_asn_ber_dissector_bof_vuln_win.nasl 5401 2017-02-23 09:46:07Z teissa $\n#\n# Wireshark ASN.1 BER Dissector Buffer Overflow Vulnerability (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"It has unknown impact and remote attack vectors.\n Impact Level: Application\";\ntag_affected = \"Wireshark version 0.10.13 to 1.0.13 and 1.2.0 to 1.2.8 on windows.\";\ntag_insight = \"The flaw is caused by a buffer overflow error within the 'ASN.1 BER' dissector.\";\ntag_solution = \"Upgrade to Wireshark version 1.0.14 or 1.2.9:\n For updates refer to http://www.wireshark.org/download.html\";\ntag_summary = \"This host is installed with Wireshark and is prone to buffer overflow\n vulnerability.\";\n\nif(description)\n{\n script_id(902195);\n script_version(\"$Revision: 5401 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-23 10:46:07 +0100 (Thu, 23 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-22 13:34:32 +0200 (Tue, 22 Jun 2010)\");\n script_cve_id(\"CVE-2010-2284\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Wireshark ASN.1 BER Dissector Buffer Overflow Vulnerability (Windows)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/40112\");\n script_xref(name : \"URL\" , value : \"http://www.vupen.com/english/advisories/2010/1418\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/security/wnpa-sec-2010-05.html\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/security/wnpa-sec-2010-06.html\");\n script_xref(name : \"URL\" , value : \"http://www.openwall.com/lists/oss-security/2010/06/11/1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 SecPod\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_require_keys(\"Wireshark/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!sharkVer){\n exit(0);\n}\n\n# Grep for Wireshark version\nif(version_in_range(version:sharkVer, test_version:\"1.2.0\", test_version2:\"1.2.8\") ||\n version_in_range(version:sharkVer, test_version:\"0.10.13\", test_version2:\"1.0.13\")){\n security_message(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:40:06", "description": "This host is installed with Wireshark and is prone to buffer overflow\n vulnerability.", "cvss3": {}, "published": "2010-06-22T00:00:00", "type": "openvas", "title": "Wireshark SigComp Universal Decompressor Virtual Machine dissector BOF Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2287"], "modified": "2018-12-04T00:00:00", "id": "OPENVAS:1361412562310902199", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902199", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_wireshark_sigcomp_dissector_bof_vuln_win.nasl 12653 2018-12-04 15:31:25Z cfischer $\n#\n# Wireshark SigComp Universal Decompressor Virtual Machine dissector BOF Vulnerability (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902199\");\n script_version(\"$Revision: 12653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-12-04 16:31:25 +0100 (Tue, 04 Dec 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-22 13:34:32 +0200 (Tue, 22 Jun 2010)\");\n script_cve_id(\"CVE-2010-2287\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Wireshark SigComp Universal Decompressor Virtual Machine dissector BOF Vulnerability (Windows)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/40112\");\n script_xref(name:\"URL\", value:\"http://www.vupen.com/english/advisories/2010/1418\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/security/wnpa-sec-2010-05.html\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/security/wnpa-sec-2010-06.html\");\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2010/06/11/1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 SecPod\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n script_tag(name:\"impact\", value:\"It has unknown impact and remote attack vectors.\");\n script_tag(name:\"affected\", value:\"Wireshark version 0.10.8 to 1.0.13 and 1.2.0 to 1.2.8\");\n script_tag(name:\"insight\", value:\"The flaw is due to a buffer overflow error in the SigComp Universal\n Decompressor Virtual Machine dissector.\");\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark version 1.0.14 or 1.2.9:\");\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark and is prone to buffer overflow\n vulnerability.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/download.html\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!sharkVer){\n exit(0);\n}\n\nif(version_in_range(version:sharkVer, test_version:\"1.2.0\", test_version2:\"1.2.8\") ||\n version_in_range(version:sharkVer, test_version:\"0.10.8\", test_version2:\"1.0.13\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-02T21:10:01", "description": "This host is installed with Wireshark and is prone to buffer overflow\n vulnerability.", "cvss3": {}, "published": "2010-06-22T00:00:00", "type": "openvas", "title": "Wireshark SigComp Universal Decompressor Virtual Machine dissector BOF Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2287"], "modified": "2017-02-23T00:00:00", "id": "OPENVAS:902199", "href": "http://plugins.openvas.org/nasl.php?oid=902199", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_wireshark_sigcomp_dissector_bof_vuln_win.nasl 5401 2017-02-23 09:46:07Z teissa $\n#\n# Wireshark SigComp Universal Decompressor Virtual Machine dissector BOF Vulnerability (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"It has unknown impact and remote attack vectors.\n Impact Level: Application\";\ntag_affected = \"Wireshark version 0.10.8 to 1.0.13 and 1.2.0 to 1.2.8\";\ntag_insight = \"The flaw is due to a buffer overflow error in the SigComp Universal\n Decompressor Virtual Machine dissector.\";\ntag_solution = \"Upgrade to Wireshark version 1.0.14 or 1.2.9:\n For updates refer to http://www.wireshark.org/download.html\";\ntag_summary = \"This host is installed with Wireshark and is prone to buffer overflow\n vulnerability.\";\n\nif(description)\n{\n script_id(902199);\n script_version(\"$Revision: 5401 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-23 10:46:07 +0100 (Thu, 23 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-22 13:34:32 +0200 (Tue, 22 Jun 2010)\");\n script_cve_id(\"CVE-2010-2287\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Wireshark SigComp Universal Decompressor Virtual Machine dissector BOF Vulnerability (Windows)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/40112\");\n script_xref(name : \"URL\" , value : \"http://www.vupen.com/english/advisories/2010/1418\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/security/wnpa-sec-2010-05.html\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/security/wnpa-sec-2010-06.html\");\n script_xref(name : \"URL\" , value : \"http://www.openwall.com/lists/oss-security/2010/06/11/1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 SecPod\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_require_keys(\"Wireshark/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!sharkVer){\n exit(0);\n}\n\n# Check for Wireshark version\nif(version_in_range(version:sharkVer, test_version:\"1.2.0\", test_version2:\"1.2.8\") ||\n version_in_range(version:sharkVer, test_version:\"0.10.8\", test_version2:\"1.0.13\")){\n security_message(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:44", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-01-14T00:00:00", "type": "openvas", "title": "RedHat Update for wireshark RHSA-2011:0013-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4538"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870376", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870376", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for wireshark RHSA-2011:0013-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2011-January/msg00004.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870376\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-14 16:07:43 +0100 (Fri, 14 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"RHSA\", value:\"2011:0013-01\");\n script_cve_id(\"CVE-2010-4538\");\n script_name(\"RedHat Update for wireshark RHSA-2011:0013-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(5|4)\");\n script_tag(name:\"affected\", value:\"wireshark on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n An array index error, leading to a stack-based buffer overflow, was found\n in the Wireshark ENTTEC dissector. If Wireshark read a malformed packet off\n a network or opened a malicious dump file, it could crash or, possibly,\n execute arbitrary code as the user running Wireshark. (CVE-2010-4538)\n\n Users of Wireshark should upgrade to these updated packages, which contain\n a backported patch to correct this issue. All running instances of\n Wireshark must be restarted for the update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~1.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~1.0.15~1.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~1.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~1.el4_8.3\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~1.0.15~1.el4_8.3\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~1.el4_8.3\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:59", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-01-14T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2011-0128", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4538"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310862792", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862792", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2011-0128\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053042.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862792\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-14 16:07:43 +0100 (Fri, 14 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-0128\");\n script_cve_id(\"CVE-2010-4538\");\n script_name(\"Fedora Update for wireshark FEDORA-2011-0128\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"wireshark on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.4.2~2.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:55:26", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2011-01-11T00:00:00", "type": "openvas", "title": "Mandriva Update for wireshark MDVSA-2011:002 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4538"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:831301", "href": "http://plugins.openvas.org/nasl.php?oid=831301", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for wireshark MDVSA-2011:002 (wireshark)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in wireshark:\n\n Buffer overflow in epan/dissectors/packet-enttec.c in Wireshark 1.4.2\n allows remote attackers to cause a denial of service (application\n crash) or possibly execute arbitrary code via a crafted ENTTEC DMX\n packet with Run Length Encoding (RLE) compression (CVE-2010-4538).\n \n The updated packages have been patched to correct this issue.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2011-01/msg00003.php\");\n script_id(831301);\n script_version(\"$Revision: 6570 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:06:35 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-11 16:07:49 +0100 (Tue, 11 Jan 2011)\");\n script_xref(name: \"MDVSA\", value: \"2011:002\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2010-4538\");\n script_name(\"Mandriva Update for wireshark MDVSA-2011:002 (wireshark)\");\n\n script_summary(\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.0.15~0.3mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.0.15~0.3mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.0.15~0.3mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.0.15~0.3mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.0.15~0.3mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~0.3mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.0.15~0.3mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.0.15~0.3mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.0.15~0.3mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.2.13~0.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.2.13~0.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.2.13~0.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.2.13~0.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.2.13~0.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.13~0.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.2.13~0.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.2.13~0.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.2.13~0.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.2.13~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.2.13~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.2.13~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.2.13~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.2.13~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.13~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.2.13~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.2.13~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.2.13~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:57", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2011-01-31T00:00:00", "type": "openvas", "title": "CentOS Update for wireshark CESA-2011:0013 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4538"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880466", "href": "http://plugins.openvas.org/nasl.php?oid=880466", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for wireshark CESA-2011:0013 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n An array index error, leading to a stack-based buffer overflow, was found\n in the Wireshark ENTTEC dissector. If Wireshark read a malformed packet off\n a network or opened a malicious dump file, it could crash or, possibly,\n execute arbitrary code as the user running Wireshark. (CVE-2010-4538)\n \n Users of Wireshark should upgrade to these updated packages, which contain\n a backported patch to correct this issue. All running instances of\n Wireshark must be restarted for the update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-January/017241.html\");\n script_id(880466);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-31 15:15:14 +0100 (Mon, 31 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2011:0013\");\n script_cve_id(\"CVE-2010-4538\");\n script_name(\"CentOS Update for wireshark CESA-2011:0013 centos4 i386\");\n\n script_summary(\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~1.el4_8.3\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~1.el4_8.3\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:41", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2011-01-14T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2011-0128", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4538"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:862792", "href": "http://plugins.openvas.org/nasl.php?oid=862792", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2011-0128\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a network traffic analyzer for Unix-ish operating systems.\n\n This package lays base for libpcap, a packet capture and filtering\n library, contains command-line utilities, contains plugins and\n documentation for wireshark. A graphical user interface is packaged\n separately to GTK+ package.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Fedora 14\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053042.html\");\n script_id(862792);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-14 16:07:43 +0100 (Fri, 14 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-0128\");\n script_cve_id(\"CVE-2010-4538\");\n script_name(\"Fedora Update for wireshark FEDORA-2011-0128\");\n\n script_summary(\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.4.2~2.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-04T14:20:14", "description": "This host is installed with Wireshark and is prone to buffer\n overflow vulnerability.", "cvss3": {}, "published": "2011-01-27T00:00:00", "type": "openvas", "title": "Wireshark ENTTEC DMX Data RLE Buffer Overflow Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4538"], "modified": "2017-08-29T00:00:00", "id": "OPENVAS:801828", "href": "http://plugins.openvas.org/nasl.php?oid=801828", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_enttec_dmx_data_rle_bof_vuln_win.nasl 7019 2017-08-29 11:51:27Z teissa $\n#\n# Wireshark ENTTEC DMX Data RLE Buffer Overflow Vulnerability (Windows)\n#\n# Authors:\n# Sooraj KS <kssooraj@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow attackers to create a denial of service\n or execute arbitrary code.\n Impact Level: Application\";\ntag_affected = \"Wireshark version 1.4.2\";\ntag_insight = \"The flaw is caused by a boundary error in the 'dissect_enttec_dmx_data()'\n function when processing RLE Compressed DMX data of the ENTTEC protocol\n which can be exploited to cause a buffer overflow via a specially crafted\n packet.\";\ntag_solution = \"Upgrade to the latest version of Wireshark 1.4.3,\n For updates refer to http://www.wireshark.org/download\";\ntag_summary = \"This host is installed with Wireshark and is prone to buffer\n overflow vulnerability.\";\n\nif(description)\n{\n script_id(801828);\n script_version(\"$Revision: 7019 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-08-29 13:51:27 +0200 (Tue, 29 Aug 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-27 07:47:27 +0100 (Thu, 27 Jan 2011)\");\n script_cve_id(\"CVE-2010-4538\");\n script_bugtraq_id(45634);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Wireshark ENTTEC DMX Data RLE Buffer Overflow Vulnerability (Windows)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/42767\");\n script_xref(name : \"URL\" , value : \"http://www.vupen.com/english/advisories/2011/0079\");\n script_xref(name : \"URL\" , value : \"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5539\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2011 Greenbone Networks GmbH\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"SMB/WindowsVersion\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Confirm Windows\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!sharkVer){\n exit(0);\n}\n\n## Check Wireshark version 1.4.2\nif(version_is_equal(version:sharkVer, test_version:\"1.4.2\")){\n security_message(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:38", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-01-31T00:00:00", "type": "openvas", "title": "CentOS Update for wireshark CESA-2011:0013 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4538"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880466", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880466", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for wireshark CESA-2011:0013 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-January/017241.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880466\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-31 15:15:14 +0100 (Mon, 31 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2011:0013\");\n script_cve_id(\"CVE-2010-4538\");\n script_name(\"CentOS Update for wireshark CESA-2011:0013 centos4 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS4\");\n script_tag(name:\"affected\", value:\"wireshark on CentOS 4\");\n script_tag(name:\"insight\", value:\"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n An array index error, leading to a stack-based buffer overflow, was found\n in the Wireshark ENTTEC dissector. If Wireshark read a malformed packet off\n a network or opened a malicious dump file, it could crash or, possibly,\n execute arbitrary code as the user running Wireshark. (CVE-2010-4538)\n\n Users of Wireshark should upgrade to these updated packages, which contain\n a backported patch to correct this issue. All running instances of\n Wireshark must be restarted for the update to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~1.el4_8.3\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~1.el4_8.3\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-04-27T19:22:48", "description": "This host is installed with Wireshark and is prone to buffer\n overflow vulnerability.", "cvss3": {}, "published": "2011-01-27T00:00:00", "type": "openvas", "title": "Wireshark ENTTEC DMX Data RLE Buffer Overflow Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4538"], "modified": "2020-04-23T00:00:00", "id": "OPENVAS:1361412562310801828", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801828", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Wireshark ENTTEC DMX Data RLE Buffer Overflow Vulnerability (Windows)\n#\n# Authors:\n# Sooraj KS <kssooraj@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801828\");\n script_version(\"2020-04-23T08:43:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-04-23 08:43:39 +0000 (Thu, 23 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2011-01-27 07:47:27 +0100 (Thu, 27 Jan 2011)\");\n script_cve_id(\"CVE-2010-4538\");\n script_bugtraq_id(45634);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Wireshark ENTTEC DMX Data RLE Buffer Overflow Vulnerability (Windows)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/42767\");\n script_xref(name:\"URL\", value:\"http://www.vupen.com/english/advisories/2011/0079\");\n script_xref(name:\"URL\", value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5539\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2011 Greenbone Networks GmbH\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to create a denial of service\n or execute arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"Wireshark version 1.4.2.\");\n\n script_tag(name:\"insight\", value:\"The flaw is caused by a boundary error in the 'dissect_enttec_dmx_data()'\n function when processing RLE Compressed DMX data of the ENTTEC protocol\n which can be exploited to cause a buffer overflow via a specially crafted packet.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the latest version of Wireshark 1.4.3.\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark and is prone to buffer\n overflow vulnerability.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/download\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!sharkVer){\n exit(0);\n}\n\nif(version_is_equal(version:sharkVer, test_version:\"1.4.2\")){\n report = report_fixed_ver(installed_version:sharkVer, vulnerable_range:\"Equal to 1.4.2\");\n security_message(port: 0, data: report);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:31", "description": "The remote host is missing an update to wireshark\nannounced via advisory DSA 2144-1.", "cvss3": {}, "published": "2011-03-07T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2144-1 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4538"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:136141256231068985", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231068985", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2144_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2144-1 (wireshark)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.68985\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-07 16:04:02 +0100 (Mon, 07 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2010-4538\");\n script_name(\"Debian Security Advisory DSA 2144-1 (wireshark)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(5|6)\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202144-1\");\n script_tag(name:\"insight\", value:\"It was discovered that a buffer overflow in the ENTTEC dissector may\nlead to the execution of arbitrary code.\n\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.0.2-3+lenny12.\n\nFor the testing distribution (squeeze), this problem has been fixed in\nversion 1.2.11-6.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.2.11-6.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your wireshark packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to wireshark\nannounced via advisory DSA 2144-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"tshark\", ver:\"1.0.2-3+lenny12\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"wireshark\", ver:\"1.0.2-3+lenny12\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"wireshark-common\", ver:\"1.0.2-3+lenny12\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"wireshark-dev\", ver:\"1.0.2-3+lenny12\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tshark\", ver:\"1.2.11-6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"wireshark\", ver:\"1.2.11-6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"wireshark-common\", ver:\"1.2.11-6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"wireshark-dbg\", ver:\"1.2.11-6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"wireshark-dev\", ver:\"1.2.11-6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:10", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for wireshark CESA-2011:0013 centos4 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4538"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881253", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881253", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for wireshark CESA-2011:0013 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-January/017242.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881253\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:12:05 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2010-4538\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2011:0013\");\n script_name(\"CentOS Update for wireshark CESA-2011:0013 centos4 x86_64\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS4\");\n script_tag(name:\"affected\", value:\"wireshark on CentOS 4\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n An array index error, leading to a stack-based buffer overflow, was found\n in the Wireshark ENTTEC dissector. If Wireshark read a malformed packet off\n a network or opened a malicious dump file, it could crash or, possibly,\n execute arbitrary code as the user running Wireshark. (CVE-2010-4538)\n\n Users of Wireshark should upgrade to these updated packages, which contain\n a backported patch to correct this issue. All running instances of\n Wireshark must be restarted for the update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~1.el4_8.3\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~1.el4_8.3\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-27T10:55:00", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2011-01-14T00:00:00", "type": "openvas", "title": "RedHat Update for wireshark RHSA-2011:0013-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4538"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870376", "href": "http://plugins.openvas.org/nasl.php?oid=870376", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for wireshark RHSA-2011:0013-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n An array index error, leading to a stack-based buffer overflow, was found\n in the Wireshark ENTTEC dissector. If Wireshark read a malformed packet off\n a network or opened a malicious dump file, it could crash or, possibly,\n execute arbitrary code as the user running Wireshark. (CVE-2010-4538)\n \n Users of Wireshark should upgrade to these updated packages, which contain\n a backported patch to correct this issue. All running instances of\n Wireshark must be restarted for the update to take effect.\";\n\ntag_affected = \"wireshark on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2011-January/msg00004.html\");\n script_id(870376);\n script_version(\"$Revision: 6685 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:44:46 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-14 16:07:43 +0100 (Fri, 14 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2011:0013-01\");\n script_cve_id(\"CVE-2010-4538\");\n script_name(\"RedHat Update for wireshark RHSA-2011:0013-01\");\n\n script_summary(\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~1.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~1.0.15~1.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~1.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~1.el4_8.3\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~1.0.15~1.el4_8.3\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~1.el4_8.3\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:45", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-01-11T00:00:00", "type": "openvas", "title": "Mandriva Update for wireshark MDVSA-2011:002 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4538"], "modified": "2019-03-14T00:00:00", "id": "OPENVAS:1361412562310831301", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831301", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for wireshark MDVSA-2011:002 (wireshark)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.mandriva.com/security-announce/2011-01/msg00003.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831301\");\n script_version(\"$Revision: 14188 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 15:14:02 +0100 (Thu, 14 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-11 16:07:49 +0100 (Tue, 11 Jan 2011)\");\n script_xref(name:\"MDVSA\", value:\"2011:002\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2010-4538\");\n script_name(\"Mandriva Update for wireshark MDVSA-2011:002 (wireshark)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_(mes5|2010\\.1|2010\\.0)\");\n script_tag(name:\"affected\", value:\"wireshark on Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\");\n script_tag(name:\"insight\", value:\"A vulnerability has been found and corrected in wireshark:\n\n Buffer overflow in epan/dissectors/packet-enttec.c in Wireshark 1.4.2\n allows remote attackers to cause a denial of service (application\n crash) or possibly execute arbitrary code via a crafted ENTTEC DMX\n packet with Run Length Encoding (RLE) compression (CVE-2010-4538).\n\n The updated packages have been patched to correct this issue.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.0.15~0.3mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.0.15~0.3mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.0.15~0.3mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.0.15~0.3mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.0.15~0.3mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~0.3mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.0.15~0.3mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.0.15~0.3mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.0.15~0.3mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.2.13~0.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.2.13~0.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.2.13~0.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.2.13~0.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.2.13~0.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.13~0.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.2.13~0.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.2.13~0.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.2.13~0.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.2.13~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.2.13~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.2.13~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.2.13~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.2.13~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.13~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.2.13~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.2.13~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.2.13~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:55:33", "description": "The remote host is missing an update to wireshark\nannounced via advisory DSA 2144-1.", "cvss3": {}, "published": "2011-03-07T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2144-1 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4538"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:68985", "href": "http://plugins.openvas.org/nasl.php?oid=68985", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2144_1.nasl 6613 2017-07-07 12:08:40Z cfischer $\n# Description: Auto-generated from advisory DSA 2144-1 (wireshark)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that a buffer overflow in the ENTTEC dissector may\nlead to the execution of arbitrary code.\n\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.0.2-3+lenny12.\n\nFor the testing distribution (squeeze), this problem has been fixed in\nversion 1.2.11-6.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.2.11-6.\n\nWe recommend that you upgrade your wireshark packages.\";\ntag_summary = \"The remote host is missing an update to wireshark\nannounced via advisory DSA 2144-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202144-1\";\n\n\nif(description)\n{\n script_id(68985);\n script_version(\"$Revision: 6613 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:40 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-07 16:04:02 +0100 (Mon, 07 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2010-4538\");\n script_name(\"Debian Security Advisory DSA 2144-1 (wireshark)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"tshark\", ver:\"1.0.2-3+lenny12\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark\", ver:\"1.0.2-3+lenny12\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-common\", ver:\"1.0.2-3+lenny12\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-dev\", ver:\"1.0.2-3+lenny12\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tshark\", ver:\"1.2.11-6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark\", ver:\"1.2.11-6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-common\", ver:\"1.2.11-6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-dbg\", ver:\"1.2.11-6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-dev\", ver:\"1.2.11-6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:57:30", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for wireshark CESA-2011:0013 centos4 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4538"], "modified": "2017-12-29T00:00:00", "id": "OPENVAS:881253", "href": "http://plugins.openvas.org/nasl.php?oid=881253", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for wireshark CESA-2011:0013 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n An array index error, leading to a stack-based buffer overflow, was found\n in the Wireshark ENTTEC dissector. If Wireshark read a malformed packet off\n a network or opened a malicious dump file, it could crash or, possibly,\n execute arbitrary code as the user running Wireshark. (CVE-2010-4538)\n\n Users of Wireshark should upgrade to these updated packages, which contain\n a backported patch to correct this issue. All running instances of\n Wireshark must be restarted for the update to take effect.\";\n\ntag_affected = \"wireshark on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-January/017242.html\");\n script_id(881253);\n script_version(\"$Revision: 8257 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 07:29:46 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:12:05 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2010-4538\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2011:0013\");\n script_name(\"CentOS Update for wireshark CESA-2011:0013 centos4 x86_64\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~1.el4_8.3\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~1.el4_8.3\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:24", "description": "Oracle Linux Local Security Checks ELSA-2011-0013", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2011-0013", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4300", "CVE-2010-3445", "CVE-2010-4538"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122284", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122284", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2011-0013.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122284\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:15:58 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2011-0013\");\n script_tag(name:\"insight\", value:\"ELSA-2011-0013 - wireshark security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2011-0013\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2011-0013.html\");\n script_cve_id(\"CVE-2010-3445\", \"CVE-2010-4300\", \"CVE-2010-4538\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~1.0.1.el5_5.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~1.0.1.el5_5.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.13~1.0.1.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"wireshark-devel\", rpm:\"wireshark-devel~1.2.13~1.0.1.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.2.13~1.0.1.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:31", "description": "The remote host is missing updates announced in\nadvisory GLSA 201110-02.", "cvss3": {}, "published": "2012-02-12T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201110-02 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0024", "CVE-2010-2285", "CVE-2011-1142", "CVE-2011-1592", "CVE-2011-2174", "CVE-2011-3482", "CVE-2010-2284", "CVE-2010-2287", "CVE-2011-2175", "CVE-2011-1590", "CVE-2011-3360", "CVE-2011-1959", "CVE-2011-2597", "CVE-2011-2698", "CVE-2011-0444", "CVE-2010-2992", "CVE-2010-4300", "CVE-2010-3133", "CVE-2011-3483", "CVE-2010-2283", "CVE-2010-2995", "CVE-2010-2286", "CVE-2011-0713", "CVE-2011-1957", "CVE-2010-4301", "CVE-2011-1141", "CVE-2010-3445", "CVE-2011-1143", "CVE-2010-4538", "CVE-2011-3266", "CVE-2010-2993", "CVE-2011-1139", "CVE-2011-1956", "CVE-2011-1140", "CVE-2010-2994", "CVE-2011-0538", "CVE-2011-1958", "CVE-2011-1138", "CVE-2011-1591", "CVE-2011-0445"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:136141256231070765", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070765", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa_201110_02.nasl 11859 2018-10-12 08:53:01Z cfischer $\n#\n# Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.70765\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2285\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2992\", \"CVE-2010-2993\", \"CVE-2010-2994\", \"CVE-2010-2995\", \"CVE-2010-3133\", \"CVE-2010-3445\", \"CVE-2010-4300\", \"CVE-2010-4301\", \"CVE-2010-4538\", \"CVE-2011-0024\", \"CVE-2011-0444\", \"CVE-2011-0445\", \"CVE-2011-0538\", \"CVE-2011-0713\", \"CVE-2011-1138\", \"CVE-2011-1139\", \"CVE-2011-1140\", \"CVE-2011-1141\", \"CVE-2011-1142\", \"CVE-2011-1143\", \"CVE-2011-1590\", \"CVE-2011-1591\", \"CVE-2011-1592\", \"CVE-2011-1956\", \"CVE-2011-1957\", \"CVE-2011-1958\", \"CVE-2011-1959\", \"CVE-2011-2174\", \"CVE-2011-2175\", \"CVE-2011-2597\", \"CVE-2011-2698\", \"CVE-2011-3266\", \"CVE-2011-3360\", \"CVE-2011-3482\", \"CVE-2011-3483\");\n script_version(\"$Revision: 11859 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 10:53:01 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 10:04:38 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201110-02 (wireshark)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities in Wireshark allow for the remote\n execution of arbitrary code, or a Denial of Service condition.\");\n script_tag(name:\"solution\", value:\"All Wireshark users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/wireshark-1.4.9'\");\n\n script_xref(name:\"URL\", value:\"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201110-02\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=323859\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=330479\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=339401\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=346191\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=350551\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=354197\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=357237\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=363895\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=369683\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=373961\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=381551\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=383823\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=386179\");\n script_tag(name:\"summary\", value:\"The remote host is missing updates announced in\nadvisory GLSA 201110-02.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-gentoo.inc\");\ninclude(\"revisions-lib.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"net-analyzer/wireshark\", unaffected: make_list(\"ge 1.4.9\"), vulnerable: make_list(\"lt 1.4.9\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:50:48", "description": "The remote host is missing updates announced in\nadvisory GLSA 201110-02.", "cvss3": {}, "published": "2012-02-12T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201110-02 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0024", "CVE-2010-2285", "CVE-2011-1142", "CVE-2011-1592", "CVE-2011-2174", "CVE-2011-3482", "CVE-2010-2284", "CVE-2010-2287", "CVE-2011-2175", "CVE-2011-1590", "CVE-2011-3360", "CVE-2011-1959", "CVE-2011-2597", "CVE-2011-2698", "CVE-2011-0444", "CVE-2010-2992", "CVE-2010-4300", "CVE-2010-3133", "CVE-2011-3483", "CVE-2010-2283", "CVE-2010-2995", "CVE-2010-2286", "CVE-2011-0713", "CVE-2011-1957", "CVE-2010-4301", "CVE-2011-1141", "CVE-2010-3445", "CVE-2011-1143", "CVE-2010-4538", "CVE-2011-3266", "CVE-2010-2993", "CVE-2011-1139", "CVE-2011-1956", "CVE-2011-1140", "CVE-2010-2994", "CVE-2011-0538", "CVE-2011-1958", "CVE-2011-1138", "CVE-2011-1591", "CVE-2011-0445"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:70765", "href": "http://plugins.openvas.org/nasl.php?oid=70765", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities in Wireshark allow for the remote\n execution of arbitrary code, or a Denial of Service condition.\";\ntag_solution = \"All Wireshark users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/wireshark-1.4.9'\n \n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201110-02\nhttp://bugs.gentoo.org/show_bug.cgi?id=323859\nhttp://bugs.gentoo.org/show_bug.cgi?id=330479\nhttp://bugs.gentoo.org/show_bug.cgi?id=339401\nhttp://bugs.gentoo.org/show_bug.cgi?id=346191\nhttp://bugs.gentoo.org/show_bug.cgi?id=350551\nhttp://bugs.gentoo.org/show_bug.cgi?id=354197\nhttp://bugs.gentoo.org/show_bug.cgi?id=357237\nhttp://bugs.gentoo.org/show_bug.cgi?id=363895\nhttp://bugs.gentoo.org/show_bug.cgi?id=369683\nhttp://bugs.gentoo.org/show_bug.cgi?id=373961\nhttp://bugs.gentoo.org/show_bug.cgi?id=381551\nhttp://bugs.gentoo.org/show_bug.cgi?id=383823\nhttp://bugs.gentoo.org/show_bug.cgi?id=386179\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201110-02.\";\n\n \n \nif(description)\n{\n script_id(70765);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2285\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2992\", \"CVE-2010-2993\", \"CVE-2010-2994\", \"CVE-2010-2995\", \"CVE-2010-3133\", \"CVE-2010-3445\", \"CVE-2010-4300\", \"CVE-2010-4301\", \"CVE-2010-4538\", \"CVE-2011-0024\", \"CVE-2011-0444\", \"CVE-2011-0445\", \"CVE-2011-0538\", \"CVE-2011-0713\", \"CVE-2011-1138\", \"CVE-2011-1139\", \"CVE-2011-1140\", \"CVE-2011-1141\", \"CVE-2011-1142\", \"CVE-2011-1143\", \"CVE-2011-1590\", \"CVE-2011-1591\", \"CVE-2011-1592\", \"CVE-2011-1956\", \"CVE-2011-1957\", \"CVE-2011-1958\", \"CVE-2011-1959\", \"CVE-2011-2174\", \"CVE-2011-2175\", \"CVE-2011-2597\", \"CVE-2011-2698\", \"CVE-2011-3266\", \"CVE-2011-3360\", \"CVE-2011-3482\", \"CVE-2011-3483\");\n script_version(\"$Revision: 6593 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:18:14 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 10:04:38 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201110-02 (wireshark)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"net-analyzer/wireshark\", unaffected: make_list(\"ge 1.4.9\"), vulnerable: make_list(\"lt 1.4.9\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:50", "description": "Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. ", "cvss3": {}, "published": "2011-01-13T23:31:35", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: wireshark-1.2.13-2.fc13", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-4538"], "modified": "2011-01-13T23:31:35", "id": "FEDORA:77FD910F9EE", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/BNGPBH4YOVMLE2CV3PFSRSQ5NDF6C4RU/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. ", "cvss3": {}, "published": "2011-02-02T19:29:59", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: wireshark-1.2.14-1.fc13", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2011-0444", "CVE-2011-0445"], "modified": "2011-02-02T19:29:59", "id": "FEDORA:B6CC8110BFF", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/QW3PKY6YV2DU7UXON325A7SY2LJNNGBA/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. ", "cvss3": {}, "published": "2011-04-26T21:52:59", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: wireshark-1.2.16-1.fc13", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2011-1590", "CVE-2011-1591"], "modified": "2011-04-26T21:52:59", "id": "FEDORA:5ED55110E1C", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/2GN5O5AMS35QRYGUGD2HN2GMV45ZQQ33/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. ", "cvss3": {}, "published": "2010-09-02T20:45:30", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: wireshark-1.2.10-1.fc13", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2992", "CVE-2010-2993", "CVE-2010-2995"], "modified": "2010-09-02T20:45:30", "id": "FEDORA:C0E72110A4E", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/6ISTV7Z6IY7QFNYIIIQETVRSIB4LXMVO/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. ", "cvss3": {}, "published": "2010-09-02T20:47:13", "type": "fedora", "title": "[SECURITY] Fedora 12 Update: wireshark-1.2.10-1.fc12", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2992", "CVE-2010-2993", "CVE-2010-2995"], "modified": "2010-09-02T20:47:13", "id": "FEDORA:22127110B4B", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/S7HT3OF5LY4L6YTBUNYNRCQVKUA5ZFHV/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. ", "cvss3": {}, "published": "2011-06-15T05:45:17", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: wireshark-1.2.17-1.fc13", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.3, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2011-1957", "CVE-2011-1958", "CVE-2011-1959", "CVE-2011-2174", "CVE-2011-2175"], "modified": "2011-06-15T05:45:17", "id": "FEDORA:A487811127C", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/DH7SM423CBN7HHI7QFNVCHYJPE2B45YD/", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. ", "cvss3": {}, "published": "2011-03-11T20:56:24", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: wireshark-1.2.15-1.fc13", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.3, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-3445", "CVE-2011-0538", "CVE-2011-0713", "CVE-2011-1138", "CVE-2011-1139", "CVE-2011-1140", "CVE-2011-1141", "CVE-2011-1143"], "modified": "2011-03-11T20:56:24", "id": "FEDORA:C7FE910F926", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4CUFPCJPSKBZP2KVOQZ5CMO5WZW6EGHW/", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. ", "cvss3": {}, "published": "2011-01-13T23:28:44", "type": "fedora", "title": "[SECURITY] Fedora 14 Update: wireshark-1.4.2-2.fc14", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4538"], "modified": "2011-01-13T23:28:44", "id": "FEDORA:D2EFB110701", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/7YORW2UFIMSP7TRB4PQTTYLUTM226M4W/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2021-10-22T00:33:46", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-2066-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nJuly 01, 2010 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : wireshark\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2010-2283 CVE-2010-2284 CVE-2010-2285 CVE-2010-2286 CVE-2010-2287\n\nSeveral remote vulnerabilities have been discovered in the Wireshark\nnetwork traffic analyzer. It was discovered that null pointer\ndereferences, buffer overflows and infinite loops in the SMB, SMB\nPIPE, ASN1.1 and SigComp dissectors could lead to denial of service\nor the execution of arbitrary code.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1.0.2-3+lenny9.\n\nFor the upcoming stable distribution (squeeze) and the unstable \ndistribution (sid), these problems have been fixed in version \n1.2.9-1.\n\nWe recommend that you upgrade your wireshark packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny9.diff.gz\n Size/MD5 checksum: 117318 c57282dba42788631eb9b2aafcb795b9\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2.orig.tar.gz\n Size/MD5 checksum: 16935492 1834437f7c6dbed02082e7757133047d\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny9.dsc\n Size/MD5 checksum: 1502 0e98ce69fc13ab36557c65c07b4b75ba\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny9_alpha.deb\n Size/MD5 checksum: 569930 cfa45c83e5c9c44920e7aefc02953806\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny9_alpha.deb\n Size/MD5 checksum: 731110 e311e7e59bc6e610e8168036a5690de0\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny9_alpha.deb\n Size/MD5 checksum: 12097910 56e87a8f98c6226ad760fed96a49da02\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny9_alpha.deb\n Size/MD5 checksum: 126986 eac9483ae6b2788128ed22939aaa2065\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny9_amd64.deb\n Size/MD5 checksum: 659816 6fac5122d24f4941f15a9ad73498b639\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny9_amd64.deb\n Size/MD5 checksum: 582426 0a20dce55ed1f2d1ebd7ce85c56c9cec\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny9_amd64.deb\n Size/MD5 checksum: 11866064 9056a2c4b1de908c83a2eee224bb4c5a\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny9_amd64.deb\n Size/MD5 checksum: 118542 b91639fd75d0f01f0b635d2906466fa7\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny9_arm.deb\n Size/MD5 checksum: 10214918 247e1109f87d9eef35014125b5c0d684\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny9_arm.deb\n Size/MD5 checksum: 111240 509b7ad83c455e51502e421671190f08\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny9_arm.deb\n Size/MD5 checksum: 614378 e61a1effec42a968416f55eb39184d34\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny9_arm.deb\n Size/MD5 checksum: 584478 a8f8d82419846731c5a9143a0e42df74\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny9_armel.deb\n Size/MD5 checksum: 620384 e61474b8f78057891851e809470416c1\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny9_armel.deb\n Size/MD5 checksum: 583854 0bb327530c4e5ec401a5074d03c19108\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny9_armel.deb\n Size/MD5 checksum: 10219204 474007b931f7f7c8a516bde4ad166b39\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny9_armel.deb\n Size/MD5 checksum: 113084 2bbf09b9deaa7be1e04390cdad71e8dc\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny9_hppa.deb\n Size/MD5 checksum: 584110 b2a9a17505cf8e53d3a94ff3a483995c\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny9_hppa.deb\n Size/MD5 checksum: 694798 e9d0705311d2a1797c10f1035a05f116\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny9_hppa.deb\n Size/MD5 checksum: 121114 c30b842eb86c1af2440714dc86a383a5\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny9_hppa.deb\n Size/MD5 checksum: 13272482 2dfafdb7cf34a776fd6ec90adcd8a3a8\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny9_i386.deb\n Size/MD5 checksum: 10113068 09efb0fca5f46ba65beee175b934ba13\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny9_i386.deb\n Size/MD5 checksum: 111900 c46f23005c23bdcb7ca95bd8f4d57efd\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny9_i386.deb\n Size/MD5 checksum: 569932 e2201aaa7f040869e4ac6878781ad4dc\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny9_i386.deb\n Size/MD5 checksum: 619470 dbba8e61a068df42a854b765189fee43\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny9_ia64.deb\n Size/MD5 checksum: 13687486 606d272c4f0abbb1e9f983595d8b9c81\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny9_ia64.deb\n Size/MD5 checksum: 569910 4e3071a28cfbcd5cbe1a3be145cb66ec\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny9_ia64.deb\n Size/MD5 checksum: 930118 859a8f3701e985ebfbeb2dfbfb15c348\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny9_ia64.deb\n Size/MD5 checksum: 154074 284194d7a3ffeaa3b64c55eecddad25d\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny9_mips.deb\n Size/MD5 checksum: 637126 c9fd33097e71f8538744cfe81796dc37\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny9_mips.deb\n Size/MD5 checksum: 584124 235c303d91ced163d2bdb4783ed1c1b0\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny9_mips.deb\n Size/MD5 checksum: 113080 5d83644584a5dd00cf7c9f1d6f2c5bd7\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny9_mips.deb\n Size/MD5 checksum: 10423592 e5bedaac3c39ba6ab485f6cdafe2430f\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny9_mipsel.deb\n Size/MD5 checksum: 627100 a53c5133cec97a7020884c6fe5c1f30e\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny9_mipsel.deb\n Size/MD5 checksum: 9729878 e0c65c8bc125f0613e6d68125813d5bb\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny9_mipsel.deb\n Size/MD5 checksum: 569970 d4d5c23b486bd3699d01ea8fa2f95e99\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny9_mipsel.deb\n Size/MD5 checksum: 113396 23b6778041b23721b0819bf9042b70bb\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny9_powerpc.deb\n Size/MD5 checksum: 584576 b31cb071b70d16de97ad4e9211cc9442\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny9_powerpc.deb\n Size/MD5 checksum: 677432 6ecabe572aa78465c7bf298be6d534d4\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny9_powerpc.deb\n Size/MD5 checksum: 123124 523f75e5f1cb8685bbc0475a939a9b0c\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny9_powerpc.deb\n Size/MD5 checksum: 11228652 99688c83a5951441f09c4f8b0a6f3c20\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny9_s390.deb\n Size/MD5 checksum: 122294 2a42d6fedac978f4ddaebf5a1ec35b92\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny9_s390.deb\n Size/MD5 checksum: 671216 f04ef7a93b80c097edf2c55b11843521\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny9_s390.deb\n Size/MD5 checksum: 584780 73c011dc1581e92c2a4a12a8d8b4b70c\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny9_s390.deb\n Size/MD5 checksum: 12487580 0ba627e0d6df4bdc3422618a6450c2d1\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny9_sparc.deb\n Size/MD5 checksum: 113460 d1b06ded2ea44e26d44ab7424bb1f174\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny9_sparc.deb\n Size/MD5 checksum: 583604 3a4187d54fb747638bdfbeeffb9d2418\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny9_sparc.deb\n Size/MD5 checksum: 11286898 4fcc47f9836da934431dce9840a50278\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny9_sparc.deb\n Size/MD5 checksum: 629518 6f3df69e45a48f5845a360f2b709d150\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>", "cvss3": {}, "published": "2010-07-01T19:42:45", "type": "debian", "title": "[SECURITY] [DSA 2066-1] New wireshark packages fix several vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.3, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2285", "CVE-2010-2286", "CVE-2010-2287"], "modified": "2010-07-01T19:42:45", "id": "DEBIAN:DSA-2066-1:00B62", "href": "https://lists.debian.org/debian-security-announce/2010/msg00110.html", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-22T00:29:06", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2144-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nJanuary 15, 2011 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : wireshark\nVulnerability : buffer overflow\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2010-4538\n\nIt was discovered that a buffer overflow in the ENTTEC dissector may \nlead to the execution of arbitrary code.\n\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.0.2-3+lenny12.\n\nFor the testing distribution (squeeze), this problem has been fixed in\nversion 1.2.11-6.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.2.11-6.\n\nWe recommend that you upgrade your wireshark packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2011-01-15T00:42:02", "type": "debian", "title": "[SECURITY] [DSA 2144-1] Security update for wireshark", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4538"], "modified": "2011-01-15T00:42:02", "id": "DEBIAN:DSA-2144-1:DEDCB", "href": "https://lists.debian.org/debian-security-announce/2011/msg00008.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-08-19T13:04:03", "description": "The installed version of Wireshark or Ethereal is potentially affected by multiple vulnerabilities. \n\n - The SMB dissector can be affected by a NULL pointer dereference. (Bug 4734)\n\n - The ANS.1 BER dissector can be affected by a buffer overflow.\n\n - The SMB PIPE dissector can be affected by a NULL pointer dereference on some platforms.\n\n - The SigComp Universal Decompressor Virtual Machine can be affected by an infinite loop or a buffer overflow.\n (Bug 4826, 4837)", "cvss3": {"score": null, "vector": null}, "published": "2010-06-11T00:00:00", "type": "nessus", "title": "Wireshark / Ethereal < 1.0.14 / 1.2.9 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2285", "CVE-2010-2286", "CVE-2010-2287"], "modified": "2018-08-07T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "WIRESHARK_1_2_9.NASL", "href": "https://www.tenable.com/plugins/nessus/46864", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(46864);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2018/08/07 11:56:12\");\n\n script_cve_id(\n \"CVE-2010-2283\",\n \"CVE-2010-2284\",\n \"CVE-2010-2285\",\n \"CVE-2010-2286\",\n \"CVE-2010-2287\"\n );\n script_bugtraq_id(40728, 42618);\n script_xref(name:\"Secunia\", value:\"40112\");\n\n script_name(english:\"Wireshark / Ethereal < 1.0.14 / 1.2.9 Multiple Vulnerabilities\");\n script_summary(english:\"Does a version check\");\n\n script_set_attribute(attribute:\"synopsis\",value:\n\"The remote host has an application that is affected by multiple\nvulnerabilities.\"\n );\n script_set_attribute(attribute:\"description\",value:\n\"The installed version of Wireshark or Ethereal is potentially\naffected by multiple vulnerabilities. \n\n - The SMB dissector can be affected by a NULL pointer\n dereference. (Bug 4734)\n\n - The ANS.1 BER dissector can be affected by a buffer\n overflow.\n\n - The SMB PIPE dissector can be affected by a NULL pointer\n dereference on some platforms.\n\n - The SigComp Universal Decompressor Virtual Machine can\n be affected by an infinite loop or a buffer overflow.\n (Bug 4826, 4837)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.wireshark.org/security/wnpa-sec-2010-05.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.wireshark.org/security/wnpa-sec-2010-06.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Upgrade to Wireshark version 1.0.14 / 1.2.9 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/06/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/06/11\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"SMB/Wireshark/Installed\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\n\n# Check each install.\ninstalls = get_kb_list(\"SMB/Wireshark/*\");\nif (isnull(installs)) exit(0, \"The 'SMB/Wireshark/*' KB items are missing.\");\n\ninfo = \"\";\ninfo2 = \"\";\nforeach install(keys(installs))\n{\n if (\"/Installed\" >< install) continue;\n\n version = install - \"SMB/Wireshark/\";\n ver = split(version, sep:\".\", keep:FALSE);\n for (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n\n # Affects 0.8.20 to 1.0.13 AND 1.2.0 to 1.2.8\n if (\n (\n (ver[0] == 0 && ((ver[1] == 8 && ver[2] >= 20) || ver[1] >= 9 ))\n ||\n (ver[0] == 1 && ver[1] ==0 && ver[2] < 14)\n )\n ||\n (\n ver[0] == 1 && ver[1] == 2 && ver[2] <= 8\n ) \n )\n info +=\n '\\n Path : ' + installs[install] +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 1.2.9 / 1.0.14\\n';\n else\n info2 += ' - Version ' + version + ', under ' + installs[install] +'\\n';\n}\n\n# Report if any were found to be vulnerable\nif (info)\n{\n if (report_verbosity > 0)\n {\n if (max_index(split(info)) > 4) s = \"s of Wireshark / Ethereal are\";\n else s = \" of Wireshark / Ethereal is\";\n\n report = \n '\\n' +\n 'The following vulnerable instance' + s + ' installed :\\n' +\n '\\n' + info;\n security_hole(port:get_kb_item(\"SMB/transport\"), extra:report);\n }\n else security_hole(get_kb_item(\"SMB/transport\"));\n}\nif (info2)\n exit(0, \"The following instance(s) of Wireshark / Ethereal are installed and are not vulnerable : \"+info2);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:03:53", "description": "Several remote vulnerabilities have been discovered in the Wireshark network traffic analyzer. It was discovered that NULL pointer dereferences, buffer overflows and infinite loops in the SMB, SMB PIPE, ASN1.1 and SigComp dissectors could lead to denial of service or the execution of arbitrary code.", "cvss3": {"score": null, "vector": null}, "published": "2010-07-02T00:00:00", "type": "nessus", "title": "Debian DSA-2066-1 : wireshark - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2285", "CVE-2010-2286", "CVE-2010-2287"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:wireshark", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-2066.NASL", "href": "https://www.tenable.com/plugins/nessus/47584", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2066. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47584);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2285\", \"CVE-2010-2286\", \"CVE-2010-2287\");\n script_bugtraq_id(40728);\n script_xref(name:\"DSA\", value:\"2066\");\n\n script_name(english:\"Debian DSA-2066-1 : wireshark - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several remote vulnerabilities have been discovered in the Wireshark\nnetwork traffic analyzer. It was discovered that NULL pointer\ndereferences, buffer overflows and infinite loops in the SMB, SMB\nPIPE, ASN1.1 and SigComp dissectors could lead to denial of service or\nthe execution of arbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2010/dsa-2066\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the wireshark packages.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1.0.2-3+lenny9.\n\nFor the upcoming stable distribution (squeeze) and the unstable\ndistribution (sid), these problems have been fixed in version 1.2.9-1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"tshark\", reference:\"1.0.2-3+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"wireshark\", reference:\"1.0.2-3+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"wireshark-common\", reference:\"1.0.2-3+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"wireshark-dev\", reference:\"1.0.2-3+lenny9\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-27T14:34:56", "description": "- Mon Jan 17 2011 Jan Safranek <jsafrane at redhat.com> - 1.2.14-1\n\n - upgrade to 1.2.14\n\n - see http://www.wireshark.org/docs/relnotes/wireshark-1.2.1 4.html\n\n - Wed Jan 5 2011 Jan Safranek <jsafrane at redhat.com> - 1.2.13-2\n\n - fixed buffer overflow in ENTTEC dissector (#666897)\n\n - Mon Nov 22 2010 Jan Safranek <jsafrane at redhat.com>\n - 1.2.13-1\n\n - upgrade to 1.2.13\n\n - see http://www.wireshark.org/docs/relnotes/wireshark-1.2.1 3.html\n\n - Mon Sep 13 2010 Jan Safranek <jsafrane at redhat.com>\n - 1.2.11-1\n\n - upgrade to 1.2.11\n\n - see http://www.wireshark.org/docs/relnotes/wireshark-1.2.1 1.html\n\n - Resolves: #632539\n\n - Tue Aug 24 2010 Jan Safranek <jsafrane at redhat.com>\n - 1.2.10-1\n\n - upgrade to 1.2.10\n\n - see http://www.wireshark.org/docs/relnotes/wireshark-1.2.1 0.html\n\n - Resolves: #625940 CVE-2010-2287 CVE-2010-2286 CVE-2010-2284 CVE-2010-2283\n\n - Mon May 17 2010 Radek Vokal <rvokal at redhat.com> - 1.2.8-3\n\n - removing traling bracket from python_sitearch (#592391)\n\n - Fri May 7 2010 Radek Vokal <rvokal at redhat.com> - 1.2.8-2\n\n - add libtool patch\n\n - Fri May 7 2010 Radek Vokal <rvokal at redhat.com> - 1.2.8-1\n\n - use sitearch instead of sitelib to avoid pyo and pyc conflicts\n\n - upgrade to 1.2.8\n\n - see http://www.wireshark.org/docs/relnotes/wireshark-1.2.8 .html\n\n - rebuild with GeoIP support (needs to be turned on in IP protocol preferences)\n\n - bring back -pie\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-02-03T00:00:00", "type": "nessus", "title": "Fedora 13 : wireshark-1.2.14-1.fc13 (2011-0460)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2011-0444", "CVE-2011-0445"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:wireshark", "cpe:/o:fedoraproject:fedora:13"], "id": "FEDORA_2011-0460.NASL", "href": "https://www.tenable.com/plugins/nessus/51854", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-0460.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51854);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-0444\", \"CVE-2011-0445\");\n script_xref(name:\"FEDORA\", value:\"2011-0460\");\n\n script_name(english:\"Fedora 13 : wireshark-1.2.14-1.fc13 (2011-0460)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Mon Jan 17 2011 Jan Safranek <jsafrane at redhat.com> -\n 1.2.14-1\n\n - upgrade to 1.2.14\n\n - see\n http://www.wireshark.org/docs/relnotes/wireshark-1.2.1\n 4.html\n\n - Wed Jan 5 2011 Jan Safranek <jsafrane at redhat.com> -\n 1.2.13-2\n\n - fixed buffer overflow in ENTTEC dissector (#666897)\n\n - Mon Nov 22 2010 Jan Safranek <jsafrane at redhat.com>\n - 1.2.13-1\n\n - upgrade to 1.2.13\n\n - see\n http://www.wireshark.org/docs/relnotes/wireshark-1.2.1\n 3.html\n\n - Mon Sep 13 2010 Jan Safranek <jsafrane at redhat.com>\n - 1.2.11-1\n\n - upgrade to 1.2.11\n\n - see\n http://www.wireshark.org/docs/relnotes/wireshark-1.2.1\n 1.html\n\n - Resolves: #632539\n\n - Tue Aug 24 2010 Jan Safranek <jsafrane at redhat.com>\n - 1.2.10-1\n\n - upgrade to 1.2.10\n\n - see\n http://www.wireshark.org/docs/relnotes/wireshark-1.2.1\n 0.html\n\n - Resolves: #625940 CVE-2010-2287 CVE-2010-2286\n CVE-2010-2284 CVE-2010-2283\n\n - Mon May 17 2010 Radek Vokal <rvokal at redhat.com> -\n 1.2.8-3\n\n - removing traling bracket from python_sitearch\n (#592391)\n\n - Fri May 7 2010 Radek Vokal <rvokal at redhat.com> -\n 1.2.8-2\n\n - add libtool patch\n\n - Fri May 7 2010 Radek Vokal <rvokal at redhat.com> -\n 1.2.8-1\n\n - use sitearch instead of sitelib to avoid pyo and pyc\n conflicts\n\n - upgrade to 1.2.8\n\n - see\n http://www.wireshark.org/docs/relnotes/wireshark-1.2.8\n .html\n\n - rebuild with GeoIP support (needs to be turned on in\n IP protocol preferences)\n\n - bring back -pie\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.2.11.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.2.11.html\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.2.13.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.2.13.html\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.2.14.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.2.14.html\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.2.8.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.2.8.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=669441\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=669443\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-February/053669.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?72817804\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/02/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"wireshark-1.2.14-1.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:57:54", "description": "Multiple buffer overflow flaws were found in the Wireshark SigComp Universal Decompressor Virtual Machine (UDVM) dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2010-2287, CVE-2010-2995)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2010-1455, CVE-2010-2283, CVE-2010-2284, CVE-2010-2286)\n\nNOTE: This errata updates Wireshark to version 1.0.15 to resolve these issues.\n\nAll running instances of Wireshark must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : wireshark on SL3.x, SL4.x, SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2995"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20100811_WIRESHARK_ON_SL3_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60836", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60836);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1455\", \"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2995\");\n\n script_name(english:\"Scientific Linux Security Update : wireshark on SL3.x, SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple buffer overflow flaws were found in the Wireshark SigComp\nUniversal Decompressor Virtual Machine (UDVM) dissector. If Wireshark\nread a malformed packet off a network or opened a malicious dump file,\nit could crash or, possibly, execute arbitrary code as the user\nrunning Wireshark. (CVE-2010-2287, CVE-2010-2995)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark\ncould crash or stop responding if it read a malformed packet off a\nnetwork, or opened a malicious dump file. (CVE-2010-1455,\nCVE-2010-2283, CVE-2010-2284, CVE-2010-2286)\n\nNOTE: This errata updates Wireshark to version 1.0.15 to resolve these\nissues.\n\nAll running instances of Wireshark must be restarted for the update to\ntake effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1008&L=scientific-linux-errata&T=0&P=1172\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6cee74b9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark and / or wireshark-gnome packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/05/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", reference:\"wireshark-1.0.15-EL3.1\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"wireshark-gnome-1.0.15-EL3.1\")) flag++;\n\nif (rpm_check(release:\"SL4\", reference:\"wireshark-1.0.15-1.el4_8.1\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"wireshark-gnome-1.0.15-1.el4_8.1\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"wireshark-1.0.15-1.el5_5.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"wireshark-gnome-1.0.15-1.el5_5.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:03:34", "description": "This advisory updates wireshark to the latest version(s), fixing several security issues :\n\nThe SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors (CVE-2010-2283).\n\nBuffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors (CVE-2010-2284).\n\nThe SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors (CVE-2010-2285).\n\nThe SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors (CVE-2010-2286).\n\nBuffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors (CVE-2010-2287).", "cvss3": {"score": null, "vector": null}, "published": "2010-07-30T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : wireshark (MDVSA-2010:113)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2285", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2994"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:dumpcap", "p-cpe:/a:mandriva:linux:lib64wireshark-devel", "p-cpe:/a:mandriva:linux:lib64wireshark0", "p-cpe:/a:mandriva:linux:libwireshark-devel", "p-cpe:/a:mandriva:linux:libwireshark0", "p-cpe:/a:mandriva:linux:rawshark", "p-cpe:/a:mandriva:linux:tshark", "p-cpe:/a:mandriva:linux:wireshark", "p-cpe:/a:mandriva:linux:wireshark-tools", "cpe:/o:mandriva:linux:2009.1", "cpe:/o:mandriva:linux:2010.0"], "id": "MANDRIVA_MDVSA-2010-113.NASL", "href": "https://www.tenable.com/plugins/nessus/48186", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2010:113. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(48186);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2285\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2994\");\n script_bugtraq_id(40728);\n script_xref(name:\"MDVSA\", value:\"2010:113\");\n\n script_name(english:\"Mandriva Linux Security Advisory : wireshark (MDVSA-2010:113)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This advisory updates wireshark to the latest version(s), fixing\nseveral security issues :\n\nThe SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0\nthrough 1.2.8 allows remote attackers to cause a denial of service\n(NULL pointer dereference) via unknown vectors (CVE-2010-2283).\n\nBuffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13\nthrough 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote\nattack vectors (CVE-2010-2284).\n\nThe SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0\nthrough 1.2.8 allows remote attackers to cause a denial of service\n(NULL pointer dereference) via unknown vectors (CVE-2010-2285).\n\nThe SigComp Universal Decompressor Virtual Machine dissector in\nWireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote\nattackers to cause a denial of service (infinite loop) via unknown\nvectors (CVE-2010-2286).\n\nBuffer overflow in the SigComp Universal Decompressor Virtual Machine\ndissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8\nhas unknown impact and remote attack vectors (CVE-2010-2287).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.wireshark.org/security/wnpa-sec-2010-05.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.wireshark.org/security/wnpa-sec-2010-06.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dumpcap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64wireshark0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libwireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libwireshark0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rawshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:wireshark-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.1\", reference:\"dumpcap-1.0.14-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64wireshark-devel-1.0.14-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64wireshark0-1.0.14-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libwireshark-devel-1.0.14-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libwireshark0-1.0.14-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"rawshark-1.0.14-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"tshark-1.0.14-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"wireshark-1.0.14-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"wireshark-tools-1.0.14-0.1mdv2009.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.0\", reference:\"dumpcap-1.2.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64wireshark-devel-1.2.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64wireshark0-1.2.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libwireshark-devel-1.2.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libwireshark0-1.2.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"rawshark-1.2.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"tshark-1.2.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"wireshark-1.2.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"wireshark-tools-1.2.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:03:10", "description": "Updated wireshark packages that fix several security issues are now available for Red Hat Enterprise Linux 3, 4, and 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nWireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal.\n\nMultiple buffer overflow flaws were found in the Wireshark SigComp Universal Decompressor Virtual Machine (UDVM) dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2010-2287, CVE-2010-2995)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2010-1455, CVE-2010-2283, CVE-2010-2284, CVE-2010-2286)\n\nUsers of Wireshark should upgrade to these updated packages, which contain Wireshark version 1.0.15, and resolve these issues. All running instances of Wireshark must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2010-08-12T00:00:00", "type": "nessus", "title": "RHEL 3 / 4 / 5 : wireshark (RHSA-2010:0625)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2994", "CVE-2010-2995"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:wireshark", "p-cpe:/a:redhat:enterprise_linux:wireshark-gnome", "cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.8", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2010-0625.NASL", "href": "https://www.tenable.com/plugins/nessus/48314", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0625. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(48314);\n script_version(\"1.28\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1455\", \"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2994\", \"CVE-2010-2995\");\n script_bugtraq_id(39950, 40728);\n script_xref(name:\"RHSA\", value:\"2010:0625\");\n\n script_name(english:\"RHEL 3 / 4 / 5 : wireshark (RHSA-2010:0625)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated wireshark packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3, 4, and 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nWireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nMultiple buffer overflow flaws were found in the Wireshark SigComp\nUniversal Decompressor Virtual Machine (UDVM) dissector. If Wireshark\nread a malformed packet off a network or opened a malicious dump file,\nit could crash or, possibly, execute arbitrary code as the user\nrunning Wireshark. (CVE-2010-2287, CVE-2010-2995)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark\ncould crash or stop responding if it read a malformed packet off a\nnetwork, or opened a malicious dump file. (CVE-2010-1455,\nCVE-2010-2283, CVE-2010-2284, CVE-2010-2286)\n\nUsers of Wireshark should upgrade to these updated packages, which\ncontain Wireshark version 1.0.15, and resolve these issues. All\nrunning instances of Wireshark must be restarted for the update to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-1455\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-2283\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-2284\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-2286\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-2287\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-2995\"\n );\n # http://www.wireshark.org/security/wnpa-sec-2010-03.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/security/wnpa-sec-2010-03.html\"\n );\n # http://www.wireshark.org/security/wnpa-sec-2010-05.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/security/wnpa-sec-2010-05.html\"\n );\n # http://www.wireshark.org/security/wnpa-sec-2010-07.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/security/wnpa-sec-2010-07.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2010:0625\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark and / or wireshark-gnome packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:wireshark-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/05/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x / 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2010:0625\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"wireshark-1.0.15-EL3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"wireshark-gnome-1.0.15-EL3.1\")) flag++;\n\n\n if (rpm_check(release:\"RHEL4\", reference:\"wireshark-1.0.15-1.el4_8.1\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"wireshark-gnome-1.0.15-1.el4_8.1\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"wireshark-1.0.15-1.el5_5.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"wireshark-1.0.15-1.el5_5.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"wireshark-1.0.15-1.el5_5.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"wireshark-gnome-1.0.15-1.el5_5.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"wireshark-gnome-1.0.15-1.el5_5.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"wireshark-gnome-1.0.15-1.el5_5.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-gnome\");\n }\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:54:31", "description": "From Red Hat Security Advisory 2010:0625 :\n\nUpdated wireshark packages that fix several security issues are now available for Red Hat Enterprise Linux 3, 4, and 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nWireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal.\n\nMultiple buffer overflow flaws were found in the Wireshark SigComp Universal Decompressor Virtual Machine (UDVM) dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2010-2287, CVE-2010-2995)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2010-1455, CVE-2010-2283, CVE-2010-2284, CVE-2010-2286)\n\nUsers of Wireshark should upgrade to these updated packages, which contain Wireshark version 1.0.15, and resolve these issues. All running instances of Wireshark must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 3 / 4 / 5 : wireshark (ELSA-2010-0625)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2994", "CVE-2010-2995"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:wireshark", "p-cpe:/a:oracle:linux:wireshark-gnome", "cpe:/o:oracle:linux:3", "cpe:/o:oracle:linux:4", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2010-0625.NASL", "href": "https://www.tenable.com/plugins/nessus/68084", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2010:0625 and \n# Oracle Linux Security Advisory ELSA-2010-0625 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68084);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1455\", \"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2994\", \"CVE-2010-2995\");\n script_bugtraq_id(39950, 40728);\n script_xref(name:\"RHSA\", value:\"2010:0625\");\n\n script_name(english:\"Oracle Linux 3 / 4 / 5 : wireshark (ELSA-2010-0625)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2010:0625 :\n\nUpdated wireshark packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3, 4, and 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nWireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nMultiple buffer overflow flaws were found in the Wireshark SigComp\nUniversal Decompressor Virtual Machine (UDVM) dissector. If Wireshark\nread a malformed packet off a network or opened a malicious dump file,\nit could crash or, possibly, execute arbitrary code as the user\nrunning Wireshark. (CVE-2010-2287, CVE-2010-2995)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark\ncould crash or stop responding if it read a malformed packet off a\nnetwork, or opened a malicious dump file. (CVE-2010-1455,\nCVE-2010-2283, CVE-2010-2284, CVE-2010-2286)\n\nUsers of Wireshark should upgrade to these updated packages, which\ncontain Wireshark version 1.0.15, and resolve these issues. All\nrunning instances of Wireshark must be restarted for the update to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2010-August/001600.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2010-August/001601.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2010-August/001602.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:wireshark-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/05/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3 / 4 / 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"wireshark-1.0.15-0.1.EL3.1\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"wireshark-1.0.15-0.1.EL3.1\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"wireshark-gnome-1.0.15-0.1.EL3.1\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"wireshark-gnome-1.0.15-0.1.EL3.1\")) flag++;\n\nif (rpm_check(release:\"EL4\", reference:\"wireshark-1.0.15-1.0.1.el4_8.1\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"wireshark-gnome-1.0.15-1.0.1.el4_8.1\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"wireshark-1.0.15-1.0.1.el5_5.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"wireshark-gnome-1.0.15-1.0.1.el5_5.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-gnome\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:03:31", "description": "Updated wireshark packages that fix several security issues are now available for Red Hat Enterprise Linux 3, 4, and 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nWireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal.\n\nMultiple buffer overflow flaws were found in the Wireshark SigComp Universal Decompressor Virtual Machine (UDVM) dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2010-2287, CVE-2010-2995)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2010-1455, CVE-2010-2283, CVE-2010-2284, CVE-2010-2286)\n\nUsers of Wireshark should upgrade to these updated packages, which contain Wireshark version 1.0.15, and resolve these issues. All running instances of Wireshark must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2010-08-24T00:00:00", "type": "nessus", "title": "CentOS 4 / 5 : wireshark (CESA-2010:0625)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2994", "CVE-2010-2995"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:wireshark", "p-cpe:/a:centos:centos:wireshark-gnome", "cpe:/o:centos:centos:4", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2010-0625.NASL", "href": "https://www.tenable.com/plugins/nessus/48409", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0625 and \n# CentOS Errata and Security Advisory 2010:0625 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(48409);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-1455\", \"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2994\", \"CVE-2010-2995\");\n script_bugtraq_id(39950, 40728);\n script_xref(name:\"RHSA\", value:\"2010:0625\");\n\n script_name(english:\"CentOS 4 / 5 : wireshark (CESA-2010:0625)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated wireshark packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3, 4, and 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nWireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nMultiple buffer overflow flaws were found in the Wireshark SigComp\nUniversal Decompressor Virtual Machine (UDVM) dissector. If Wireshark\nread a malformed packet off a network or opened a malicious dump file,\nit could crash or, possibly, execute arbitrary code as the user\nrunning Wireshark. (CVE-2010-2287, CVE-2010-2995)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark\ncould crash or stop responding if it read a malformed packet off a\nnetwork, or opened a malicious dump file. (CVE-2010-1455,\nCVE-2010-2283, CVE-2010-2284, CVE-2010-2286)\n\nUsers of Wireshark should upgrade to these updated packages, which\ncontain Wireshark version 1.0.15, and resolve these issues. All\nrunning instances of Wireshark must be restarted for the update to\ntake effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-August/016932.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4ea3370a\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-August/016933.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?17af990f\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-August/016956.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?18b151ef\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-August/016957.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0687cae5\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:wireshark-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/05/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/08/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x / 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"wireshark-1.0.15-1.el4_8.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"wireshark-1.0.15-1.el4_8.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"wireshark-gnome-1.0.15-1.el4_8.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"wireshark-gnome-1.0.15-1.el4_8.1\")) flag++;\n\nif (rpm_check(release:\"CentOS-5\", reference:\"wireshark-1.0.15-1.el5_5.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"wireshark-gnome-1.0.15-1.el5_5.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-gnome\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:03:21", "description": "Update to upstream version 1.2.10: * http://www.wireshark.org/docs/relnotes/wireshark-1.2.9.html * http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html fixing multiple security issues: * http://www.wireshark.org/security/wnpa-sec-2010-06.html * http://www.wireshark.org/security/wnpa-sec-2010-08.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2010-09-03T00:00:00", "type": "nessus", "title": "Fedora 13 : wireshark-1.2.10-1.fc13 (2010-13416)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2992", "CVE-2010-2993", "CVE-2010-2995"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:wireshark", "cpe:/o:fedoraproject:fedora:13"], "id": "FEDORA_2010-13416.NASL", "href": "https://www.tenable.com/plugins/nessus/49092", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-13416.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(49092);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2992\", \"CVE-2010-2993\", \"CVE-2010-2995\");\n script_bugtraq_id(40728, 42618);\n script_xref(name:\"FEDORA\", value:\"2010-13416\");\n\n script_name(english:\"Fedora 13 : wireshark-1.2.10-1.fc13 (2010-13416)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to upstream version 1.2.10: *\nhttp://www.wireshark.org/docs/relnotes/wireshark-1.2.9.html *\nhttp://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html fixing\nmultiple security issues: *\nhttp://www.wireshark.org/security/wnpa-sec-2010-06.html *\nhttp://www.wireshark.org/security/wnpa-sec-2010-08.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.2.9.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.2.9.html\"\n );\n # http://www.wireshark.org/security/wnpa-sec-2010-06.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/security/wnpa-sec-2010-06.html\"\n );\n # http://www.wireshark.org/security/wnpa-sec-2010-08.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/security/wnpa-sec-2010-08.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=604290\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=604292\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=604302\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=604308\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=623843\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-September/046957.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3fa9b949\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/09/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"wireshark-1.2.10-1.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:03:35", "description": "This advisory updates wireshark to the latest version(s), fixing several security issues :\n\nBuffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors (CVE-2010-2284).\n\nBuffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors (CVE-2010-2287).", "cvss3": {"score": null, "vector": null}, "published": "2010-08-05T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : wireshark (MDVSA-2010:144)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:dumpcap", "p-cpe:/a:mandriva:linux:lib64wireshark-devel", "p-cpe:/a:mandriva:linux:lib64wireshark0", "p-cpe:/a:mandriva:linux:libwireshark-devel", "p-cpe:/a:mandriva:linux:libwireshark0", "p-cpe:/a:mandriva:linux:rawshark", "p-cpe:/a:mandriva:linux:tshark", "p-cpe:/a:mandriva:linux:wireshark", "p-cpe:/a:mandriva:linux:wireshark-tools", "cpe:/o:mandriva:linux:2009.1", "cpe:/o:mandriva:linux:2010.0", "cpe:/o:mandriva:linux:2010.1"], "id": "MANDRIVA_MDVSA-2010-144.NASL", "href": "https://www.tenable.com/plugins/nessus/48251", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2010:144. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(48251);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-2284\", \"CVE-2010-2287\");\n script_bugtraq_id(40728);\n script_xref(name:\"MDVSA\", value:\"2010:144\");\n\n script_name(english:\"Mandriva Linux Security Advisory : wireshark (MDVSA-2010:144)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This advisory updates wireshark to the latest version(s), fixing\nseveral security issues :\n\nBuffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13\nthrough 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote\nattack vectors (CVE-2010-2284).\n\nBuffer overflow in the SigComp Universal Decompressor Virtual Machine\ndissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8\nhas unknown impact and remote attack vectors (CVE-2010-2287).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.0.15.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dumpcap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64wireshark0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libwireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libwireshark0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rawshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:wireshark-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/08/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.1\", reference:\"dumpcap-1.0.15-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64wireshark-devel-1.0.15-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64wireshark0-1.0.15-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libwireshark-devel-1.0.15-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libwireshark0-1.0.15-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"rawshark-1.0.15-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"tshark-1.0.15-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"wireshark-1.0.15-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"wireshark-tools-1.0.15-0.1mdv2009.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.0\", reference:\"dumpcap-1.2.10-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64wireshark-devel-1.2.10-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64wireshark0-1.2.10-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libwireshark-devel-1.2.10-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libwireshark0-1.2.10-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"rawshark-1.2.10-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"tshark-1.2.10-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"wireshark-1.2.10-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"wireshark-tools-1.2.10-0.1mdv2010.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.1\", reference:\"dumpcap-1.2.10-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64wireshark-devel-1.2.10-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64wireshark0-1.2.10-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libwireshark-devel-1.2.10-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libwireshark0-1.2.10-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"rawshark-1.2.10-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"tshark-1.2.10-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"wireshark-1.2.10-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"wireshark-tools-1.2.10-0.1mdv2010.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:03:10", "description": "Update to upstream version 1.2.10: * http://www.wireshark.org/docs/relnotes/wireshark-1.2.7.html * http://www.wireshark.org/docs/relnotes/wireshark-1.2.8.html * http://www.wireshark.org/docs/relnotes/wireshark-1.2.9.html * http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html fixing multiple security issues: * http://www.wireshark.org/security/wnpa-sec-2010-04.html * http://www.wireshark.org/security/wnpa-sec-2010-06.html * http://www.wireshark.org/security/wnpa-sec-2010-08.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2010-09-03T00:00:00", "type": "nessus", "title": "Fedora 12 : wireshark-1.2.10-1.fc12 (2010-13427)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2992", "CVE-2010-2993", "CVE-2010-2995"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:wireshark", "cpe:/o:fedoraproject:fedora:12"], "id": "FEDORA_2010-13427.NASL", "href": "https://www.tenable.com/plugins/nessus/49093", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-13427.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(49093);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-1455\", \"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2992\", \"CVE-2010-2993\", \"CVE-2010-2995\");\n script_xref(name:\"FEDORA\", value:\"2010-13427\");\n\n script_name(english:\"Fedora 12 : wireshark-1.2.10-1.fc12 (2010-13427)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to upstream version 1.2.10: *\nhttp://www.wireshark.org/docs/relnotes/wireshark-1.2.7.html *\nhttp://www.wireshark.org/docs/relnotes/wireshark-1.2.8.html *\nhttp://www.wireshark.org/docs/relnotes/wireshark-1.2.9.html *\nhttp://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html fixing\nmultiple security issues: *\nhttp://www.wireshark.org/security/wnpa-sec-2010-04.html *\nhttp://www.wireshark.org/security/wnpa-sec-2010-06.html *\nhttp://www.wireshark.org/security/wnpa-sec-2010-08.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.2.7.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.2.7.html\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.2.8.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.2.8.html\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.2.9.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.2.9.html\"\n );\n # http://www.wireshark.org/security/wnpa-sec-2010-04.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/security/wnpa-sec-2010-04.html\"\n );\n # http://www.wireshark.org/security/wnpa-sec-2010-06.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/security/wnpa-sec-2010-06.html\"\n );\n # http://www.wireshark.org/security/wnpa-sec-2010-08.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/security/wnpa-sec-2010-08.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=590613\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=604290\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=604292\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=604302\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=604308\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=623843\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-September/046962.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?94fdf596\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/09/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^12([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 12.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC12\", reference:\"wireshark-1.2.10-1.fc12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:01:00", "description": "Wireshark version 1.4.2 fixes several security issues that allowed attackers to crash wireshark or potentially even execute arbitrary code\n\n(CVE-2010-1455, CVE-2010-2283, CVE-2010-2284, CVE-2010-2285, CVE-2010-2286, CVE-2010-2287, CVE-2010-2992, CVE-2010-2993, CVE-2010-2994, CVE-2010-2995, CVE-2010-3445, CVE-2010-4300, CVE-2010-4301)", "cvss3": {"score": null, "vector": null}, "published": "2011-05-05T00:00:00", "type": "nessus", "title": "openSUSE Security Update : wireshark (openSUSE-SU-2011:0010-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2285", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2992", "CVE-2010-2993", "CVE-2010-2994", "CVE-2010-2995", "CVE-2010-3445", "CVE-2010-4300", "CVE-2010-4301"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:wireshark", "p-cpe:/a:novell:opensuse:wireshark-devel", "cpe:/o:novell:opensuse:11.2"], "id": "SUSE_11_2_WIRESHARK-101222.NASL", "href": "https://www.tenable.com/plugins/nessus/53808", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update wireshark-3738.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53808);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1455\", \"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2285\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2992\", \"CVE-2010-2993\", \"CVE-2010-2994\", \"CVE-2010-2995\", \"CVE-2010-3445\", \"CVE-2010-4300\", \"CVE-2010-4301\");\n\n script_name(english:\"openSUSE Security Update : wireshark (openSUSE-SU-2011:0010-2)\");\n script_summary(english:\"Check for the wireshark-3738 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Wireshark version 1.4.2 fixes several security issues that allowed\nattackers to crash wireshark or potentially even execute arbitrary\ncode\n\n(CVE-2010-1455, CVE-2010-2283, CVE-2010-2284, CVE-2010-2285,\nCVE-2010-2286, CVE-2010-2287, CVE-2010-2992, CVE-2010-2993,\nCVE-2010-2994, CVE-2010-2995, CVE-2010-3445, CVE-2010-4300,\nCVE-2010-4301)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=603251\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=613487\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=630599\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=643078\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=655448\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-01/msg00012.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/05/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"wireshark-1.4.2-1.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"wireshark-devel-1.4.2-1.1.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-devel\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:50:09", "description": "Wireshark version 1.4.2 fixes several security issues that allowed attackers to crash wireshark or potentially even execute arbitrary code\n\n(CVE-2010-1455, CVE-2010-2283, CVE-2010-2284, CVE-2010-2285, CVE-2010-2286, CVE-2010-2287, CVE-2010-2992, CVE-2010-2993, CVE-2010-2994, CVE-2010-2995, CVE-2010-3445, CVE-2010-4300, CVE-2010-4301)", "cvss3": {"score": null, "vector": null}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : wireshark (openSUSE-SU-2011:0010-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2285", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2992", "CVE-2010-2993", "CVE-2010-2994", "CVE-2010-2995", "CVE-2010-3445", "CVE-2010-4300", "CVE-2010-4301"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:wireshark", "p-cpe:/a:novell:opensuse:wireshark-devel", "cpe:/o:novell:opensuse:11.3"], "id": "SUSE_11_3_WIRESHARK-101222.NASL", "href": "https://www.tenable.com/plugins/nessus/75771", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update wireshark-3738.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75771);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1455\", \"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2285\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2992\", \"CVE-2010-2993\", \"CVE-2010-2994\", \"CVE-2010-2995\", \"CVE-2010-3445\", \"CVE-2010-4300\", \"CVE-2010-4301\");\n\n script_name(english:\"openSUSE Security Update : wireshark (openSUSE-SU-2011:0010-2)\");\n script_summary(english:\"Check for the wireshark-3738 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Wireshark version 1.4.2 fixes several security issues that allowed\nattackers to crash wireshark or potentially even execute arbitrary\ncode\n\n(CVE-2010-1455, CVE-2010-2283, CVE-2010-2284, CVE-2010-2285,\nCVE-2010-2286, CVE-2010-2287, CVE-2010-2992, CVE-2010-2993,\nCVE-2010-2994, CVE-2010-2995, CVE-2010-3445, CVE-2010-4300,\nCVE-2010-4301)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=603251\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=613487\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=630599\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=643078\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=655448\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-01/msg00012.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/05/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"wireshark-1.4.2-1.1.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"wireshark-devel-1.4.2-1.1.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-devel\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:00:57", "description": "Wireshark version 1.4.2 fixes several security issues that allowed attackers to crash wireshark or potentially even execute arbitrary code\n\n(CVE-2010-1455, CVE-2010-2283, CVE-2010-2284, CVE-2010-2285, CVE-2010-2286, CVE-2010-2287, CVE-2010-2992, CVE-2010-2993, CVE-2010-2994, CVE-2010-2995, CVE-2010-3445, CVE-2010-4300, CVE-2010-4301)", "cvss3": {"score": null, "vector": null}, "published": "2011-05-05T00:00:00", "type": "nessus", "title": "openSUSE Security Update : wireshark (openSUSE-SU-2011:0010-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2285", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2992", "CVE-2010-2993", "CVE-2010-2994", "CVE-2010-2995", "CVE-2010-3445", "CVE-2010-4300", "CVE-2010-4301"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:wireshark", "p-cpe:/a:novell:opensuse:wireshark-devel", "cpe:/o:novell:opensuse:11.1"], "id": "SUSE_11_1_WIRESHARK-101222.NASL", "href": "https://www.tenable.com/plugins/nessus/53689", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update wireshark-3731.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53689);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1455\", \"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2285\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2992\", \"CVE-2010-2993\", \"CVE-2010-2994\", \"CVE-2010-2995\", \"CVE-2010-3445\", \"CVE-2010-4300\", \"CVE-2010-4301\");\n\n script_name(english:\"openSUSE Security Update : wireshark (openSUSE-SU-2011:0010-1)\");\n script_summary(english:\"Check for the wireshark-3731 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Wireshark version 1.4.2 fixes several security issues that allowed\nattackers to crash wireshark or potentially even execute arbitrary\ncode\n\n(CVE-2010-1455, CVE-2010-2283, CVE-2010-2284, CVE-2010-2285,\nCVE-2010-2286, CVE-2010-2287, CVE-2010-2992, CVE-2010-2993,\nCVE-2010-2994, CVE-2010-2995, CVE-2010-3445, CVE-2010-4300,\nCVE-2010-4301)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=603251\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=613487\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=630599\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=643078\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=655448\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-01/msg00004.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/05/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"wireshark-1.4.2-1.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"wireshark-devel-1.4.2-1.1.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-devel\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:59:24", "description": "Wireshark was updated to version 1.4.4 to fix several security issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-12-13T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : wireshark (ZYPP Patch Number 7438)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2285", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2992", "CVE-2010-2993", "CVE-2010-2994", "CVE-2010-2995", "CVE-2010-3445", "CVE-2010-4300", "CVE-2010-4301", "CVE-2010-4538", "CVE-2011-0444", "CVE-2011-0445", "CVE-2011-0538", "CVE-2011-0713", "CVE-2011-1138", "CVE-2011-1139", "CVE-2011-1140", "CVE-2011-1143"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_WIRESHARK-7438.NASL", "href": "https://www.tenable.com/plugins/nessus/57261", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57261);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2010-1455\", \"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2285\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2992\", \"CVE-2010-2993\", \"CVE-2010-2994\", \"CVE-2010-2995\", \"CVE-2010-3445\", \"CVE-2010-4300\", \"CVE-2010-4301\", \"CVE-2010-4538\", \"CVE-2011-0444\", \"CVE-2011-0445\", \"CVE-2011-0538\", \"CVE-2011-0713\", \"CVE-2011-1138\", \"CVE-2011-1139\", \"CVE-2011-1140\", \"CVE-2011-1143\");\n\n script_name(english:\"SuSE 10 Security Update : wireshark (ZYPP Patch Number 7438)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\"Wireshark was updated to version 1.4.4 to fix several security issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-1455.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2283.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2284.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2285.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2286.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2287.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2992.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2993.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2994.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2995.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-3445.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-4300.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-4301.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-4538.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0444.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0445.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0538.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0713.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1138.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1139.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1140.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1143.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7438.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'White_Phosphorus');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/05/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"wireshark-1.4.4-0.37.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"wireshark-1.4.4-0.37.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"wireshark-devel-1.4.4-0.37.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:01:22", "description": "Wireshark was updated to version 1.4.4 to fix several security issues", "cvss3": {"score": null, "vector": null}, "published": "2011-04-07T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : wireshark (SAT Patch Number 4267)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2285", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2992", "CVE-2010-2993", "CVE-2010-2994", "CVE-2010-2995", "CVE-2010-3445", "CVE-2010-4300", "CVE-2010-4301", "CVE-2010-4538", "CVE-2011-0444", "CVE-2011-0445", "CVE-2011-0538", "CVE-2011-0713", "CVE-2011-1138", "CVE-2011-1139", "CVE-2011-1140", "CVE-2011-1143"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:wireshark", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_WIRESHARK-110331.NASL", "href": "https://www.tenable.com/plugins/nessus/53315", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53315);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2010-1455\", \"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2285\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2992\", \"CVE-2010-2993\", \"CVE-2010-2994\", \"CVE-2010-2995\", \"CVE-2010-3445\", \"CVE-2010-4300\", \"CVE-2010-4301\", \"CVE-2010-4538\", \"CVE-2011-0444\", \"CVE-2011-0445\", \"CVE-2011-0538\", \"CVE-2011-0713\", \"CVE-2011-1138\", \"CVE-2011-1139\", \"CVE-2011-1140\", \"CVE-2011-1143\");\n\n script_name(english:\"SuSE 11.1 Security Update : wireshark (SAT Patch Number 4267)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\"Wireshark was updated to version 1.4.4 to fix several security issues\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=603251\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=613487\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=630599\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=643078\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=655448\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=662029\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=669908\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=672916\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=678567\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=678568\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=678569\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=678571\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-1455.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2283.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2284.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2285.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2286.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2287.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2992.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2993.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2994.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2995.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-3445.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-4300.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-4301.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-4538.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0444.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0445.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0538.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0713.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1138.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1139.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1140.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1143.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 4267.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'White_Phosphorus');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/04/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"wireshark-1.4.4-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"wireshark-1.4.4-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"wireshark-1.4.4-0.2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:01:14", "description": "Wireshark was updated to version 1.4.4 to fix several security issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-04-07T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : wireshark (ZYPP Patch Number 7439)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2285", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2992", "CVE-2010-2993", "CVE-2010-2994", "CVE-2010-2995", "CVE-2010-3445", "CVE-2010-4300", "CVE-2010-4301", "CVE-2010-4538", "CVE-2011-0444", "CVE-2011-0445", "CVE-2011-0538", "CVE-2011-0713", "CVE-2011-1138", "CVE-2011-1139", "CVE-2011-1140", "CVE-2011-1143"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_WIRESHARK-7439.NASL", "href": "https://www.tenable.com/plugins/nessus/53319", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53319);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2010-1455\", \"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2285\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2992\", \"CVE-2010-2993\", \"CVE-2010-2994\", \"CVE-2010-2995\", \"CVE-2010-3445\", \"CVE-2010-4300\", \"CVE-2010-4301\", \"CVE-2010-4538\", \"CVE-2011-0444\", \"CVE-2011-0445\", \"CVE-2011-0538\", \"CVE-2011-0713\", \"CVE-2011-1138\", \"CVE-2011-1139\", \"CVE-2011-1140\", \"CVE-2011-1143\");\n\n script_name(english:\"SuSE 10 Security Update : wireshark (ZYPP Patch Number 7439)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\"Wireshark was updated to version 1.4.4 to fix several security issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-1455.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2283.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2284.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2285.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2286.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2287.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2992.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2993.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2994.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2995.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-3445.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-4300.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-4301.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-4538.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0444.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0445.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0538.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0713.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1138.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1139.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1140.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1143.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7439.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'White_Phosphorus');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/05/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/04/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"wireshark-1.4.4-0.37.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"wireshark-1.4.4-0.37.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"wireshark-devel-1.4.4-0.37.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:01:51", "description": "A vulnerability has been found and corrected in wireshark :\n\nBuffer overflow in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding (RLE) compression (CVE-2010-4538).\n\nThe updated packages have been patched to correct this issue.", "cvss3": {"score": null, "vector": null}, "published": "2011-01-28T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : wireshark (MDVSA-2011:002)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4538"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:dumpcap", "p-cpe:/a:mandriva:linux:lib64wireshark-devel", "p-cpe:/a:mandriva:linux:lib64wireshark0", "p-cpe:/a:mandriva:linux:libwireshark-devel", "p-cpe:/a:mandriva:linux:libwireshark0", "p-cpe:/a:mandriva:linux:rawshark", "p-cpe:/a:mandriva:linux:tshark", "p-cpe:/a:mandriva:linux:wireshark", "p-cpe:/a:mandriva:linux:wireshark-tools", "cpe:/o:mandriva:linux:2010.0", "cpe:/o:mandriva:linux:2010.1"], "id": "MANDRIVA_MDVSA-2011-002.NASL", "href": "https://www.tenable.com/plugins/nessus/51795", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2011:002. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51795);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-4538\");\n script_bugtraq_id(45634);\n script_xref(name:\"MDVSA\", value:\"2011:002\");\n\n script_name(english:\"Mandriva Linux Security Advisory : wireshark (MDVSA-2011:002)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability has been found and corrected in wireshark :\n\nBuffer overflow in epan/dissectors/packet-enttec.c in Wireshark 1.4.2\nallows remote attackers to cause a denial of service (application\ncrash) or possibly execute arbitrary code via a crafted ENTTEC DMX\npacket with Run Length Encoding (RLE) compression (CVE-2010-4538).\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'White_Phosphorus');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dumpcap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64wireshark0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libwireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libwireshark0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rawshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:wireshark-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2010.0\", reference:\"dumpcap-1.2.13-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64wireshark-devel-1.2.13-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64wireshark0-1.2.13-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libwireshark-devel-1.2.13-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libwireshark0-1.2.13-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"rawshark-1.2.13-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"tshark-1.2.13-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"wireshark-1.2.13-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"wireshark-tools-1.2.13-0.2mdv2010.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.1\", reference:\"dumpcap-1.2.13-0.2mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64wireshark-devel-1.2.13-0.2mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64wireshark0-1.2.13-0.2mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libwireshark-devel-1.2.13-0.2mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libwireshark0-1.2.13-0.2mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"rawshark-1.2.13-0.2mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"tshark-1.2.13-0.2mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"wireshark-1.2.13-0.2mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"wireshark-tools-1.2.13-0.2mdv2010.2\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:02:01", "description": "Updated wireshark packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nWireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal.\n\nAn array index error, leading to a stack-based buffer overflow, was found in the Wireshark ENTTEC dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark.\n(CVE-2010-4538)\n\nUsers of Wireshark should upgrade to these updated packages, which contain a backported patch to correct this issue. All running instances of Wireshark must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2011-01-28T00:00:00", "type": "nessus", "title": "CentOS 4 : wireshark (CESA-2011:0013)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4538"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:wireshark", "p-cpe:/a:centos:centos:wireshark-gnome", "cpe:/o:centos:centos:4"], "id": "CENTOS_RHSA-2011-0013.NASL", "href": "https://www.tenable.com/plugins/nessus/51784", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:0013 and \n# CentOS Errata and Security Advisory 2011:0013 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51784);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-4538\");\n script_bugtraq_id(45634);\n script_xref(name:\"RHSA\", value:\"2011:0013\");\n\n script_name(english:\"CentOS 4 : wireshark (CESA-2011:0013)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated wireshark packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nWireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nAn array index error, leading to a stack-based buffer overflow, was\nfound in the Wireshark ENTTEC dissector. If Wireshark read a malformed\npacket off a network or opened a malicious dump file, it could crash\nor, possibly, execute arbitrary code as the user running Wireshark.\n(CVE-2010-4538)\n\nUsers of Wireshark should upgrade to these updated packages, which\ncontain a backported patch to correct this issue. All running\ninstances of Wireshark must be restarted for the update to take\neffect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-January/017241.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?223581f9\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-January/017242.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b121192d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'White_Phosphorus');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:wireshark-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/01/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"wireshark-1.0.15-1.el4_8.3\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"wireshark-1.0.15-1.el4_8.3\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"wireshark-gnome-1.0.15-1.el4_8.3\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"wireshark-gnome-1.0.15-1.el4_8.3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-gnome\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:01:56", "description": "It was discovered that a buffer overflow in the ENTTEC dissector may lead to the execution of arbitrary code.", "cvss3": {"score": null, "vector": null}, "published": "2011-01-17T00:00:00", "type": "nessus", "title": "Debian DSA-2144-1 : wireshark - buffer overflow", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4538"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:wireshark", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-2144.NASL", "href": "https://www.tenable.com/plugins/nessus/51531", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2144. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51531);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-4538\");\n script_bugtraq_id(45634);\n script_xref(name:\"DSA\", value:\"2144\");\n\n script_name(english:\"Debian DSA-2144-1 : wireshark - buffer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that a buffer overflow in the ENTTEC dissector may\nlead to the execution of arbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2011/dsa-2144\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the wireshark packages.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.0.2-3+lenny12.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'White_Phosphorus');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"wireshark\", reference:\"1.0.2-3+lenny12\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:02:02", "description": "- Wed Jan 5 2011 Jan Safranek <jsafrane at redhat.com> - 1.4.2-2\n\n - fixed buffer overflow in ENTTEC dissector (#666897)\n\n - Mon Nov 22 2010 Jan Safranek <jsafrane at redhat.com>\n - 1.4.2-1\n\n - upgrade to 1.4.2\n\n - see http://www.wireshark.org/docs/relnotes/wireshark-1.4.2 .html\n\n - Mon Nov 1 2010 Jan Safranek <jsafrane at redhat.com> - 1.4.1-2\n\n - temporarily disable zlib until https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=49 55 is resolved (#643461)\n\n - Fri Oct 22 2010 Jan Safranek <jsafrane at redhat.com> - 1.4.1-1\n\n - upgrade to 1.4.1\n\n - see http://www.wireshark.org/docs/relnotes/wireshark-1.4.1 .html\n\n - Own the %{_libdir}/wireshark dir (#644508)\n\n - associate *.pcap files with wireshark (#641163)\n\n - Tue Oct 5 2010 jkeating - 1.4.0-2.1\n\n - Rebuilt for gcc bug 634757\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-01-14T00:00:00", "type": "nessus", "title": "Fedora 14 : wireshark-1.4.2-2.fc14 (2011-0128)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4538"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:wireshark", "cpe:/o:fedoraproject:fedora:14"], "id": "FEDORA_2011-0128.NASL", "href": "https://www.tenable.com/plugins/nessus/51515", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-0128.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51515);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-4538\");\n script_xref(name:\"FEDORA\", value:\"2011-0128\");\n\n script_name(english:\"Fedora 14 : wireshark-1.4.2-2.fc14 (2011-0128)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Wed Jan 5 2011 Jan Safranek <jsafrane at redhat.com> -\n 1.4.2-2\n\n - fixed buffer overflow in ENTTEC dissector (#666897)\n\n - Mon Nov 22 2010 Jan Safranek <jsafrane at redhat.com>\n - 1.4.2-1\n\n - upgrade to 1.4.2\n\n - see\n http://www.wireshark.org/docs/relnotes/wireshark-1.4.2\n .html\n\n - Mon Nov 1 2010 Jan Safranek <jsafrane at redhat.com> -\n 1.4.1-2\n\n - temporarily disable zlib until\n https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=49\n 55 is resolved (#643461)\n\n - Fri Oct 22 2010 Jan Safranek <jsafrane at redhat.com> -\n 1.4.1-1\n\n - upgrade to 1.4.1\n\n - see\n http://www.wireshark.org/docs/relnotes/wireshark-1.4.1\n .html\n\n - Own the %{_libdir}/wireshark dir (#644508)\n\n - associate *.pcap files with wireshark (#641163)\n\n - Tue Oct 5 2010 jkeating - 1.4.0-2.1\n\n - Rebuilt for gcc bug 634757\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.4.1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.4.1.html\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.4.2.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.4.2.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4955\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=666894\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-January/053042.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?aafe3214\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'White_Phosphorus');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"wireshark-1.4.2-2.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:53:31", "description": "From Red Hat Security Advisory 2011:0013 :\n\nUpdated wireshark packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nWireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal.\n\nAn array index error, leading to a stack-based buffer overflow, was found in the Wireshark ENTTEC dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark.\n(CVE-2010-4538)\n\nUsers of Wireshark should upgrade to these updated packages, which contain a backported patch to correct this issue. All running instances of Wireshark must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 4 / 5 / 6 : wireshark (ELSA-2011-0013)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4538"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:wireshark", "p-cpe:/a:oracle:linux:wireshark-devel", "p-cpe:/a:oracle:linux:wireshark-gnome", "cpe:/o:oracle:linux:4", "cpe:/o:oracle:linux:5", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2011-0013.NASL", "href": "https://www.tenable.com/plugins/nessus/68179", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2011:0013 and \n# Oracle Linux Security Advisory ELSA-2011-0013 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68179);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-4538\");\n script_bugtraq_id(45634);\n script_xref(name:\"RHSA\", value:\"2011:0013\");\n\n script_name(english:\"Oracle Linux 4 / 5 / 6 : wireshark (ELSA-2011-0013)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2011:0013 :\n\nUpdated wireshark packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nWireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nAn array index error, leading to a stack-based buffer overflow, was\nfound in the Wireshark ENTTEC dissector. If Wireshark read a malformed\npacket off a network or opened a malicious dump file, it could crash\nor, possibly, execute arbitrary code as the user running Wireshark.\n(CVE-2010-4538)\n\nUsers of Wireshark should upgrade to these updated packages, which\ncontain a backported patch to correct this issue. All running\ninstances of Wireshark must be restarted for the update to take\neffect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-February/001872.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-January/001784.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-January/001785.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'White_Phosphorus');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:wireshark-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/01/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/02/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4 / 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"wireshark-1.0.15-1.0.1.el4_8.3\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"wireshark-gnome-1.0.15-1.0.1.el4_8.3\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"wireshark-1.0.15-1.0.1.el5_5.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"wireshark-gnome-1.0.15-1.0.1.el5_5.3\")) flag++;\n\nif (rpm_check(release:\"EL6\", reference:\"wireshark-1.2.13-1.0.1.el6_0.2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"wireshark-devel-1.2.13-1.0.1.el6_0.2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"wireshark-gnome-1.2.13-1.0.1.el6_0.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-devel / wireshark-gnome\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:57:32", "description": "An array index error, leading to a stack-based buffer overflow, was found in the Wireshark ENTTEC dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark.\n(CVE-2010-4538)\n\nAll running instances of Wireshark must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : wireshark on SL4.x, SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4538"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20110110_WIRESHARK_ON_SL4_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60931", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60931);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-4538\");\n\n script_name(english:\"Scientific Linux Security Update : wireshark on SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An array index error, leading to a stack-based buffer overflow, was\nfound in the Wireshark ENTTEC dissector. If Wireshark read a malformed\npacket off a network or opened a malicious dump file, it could crash\nor, possibly, execute arbitrary code as the user running Wireshark.\n(CVE-2010-4538)\n\nAll running instances of Wireshark must be restarted for the update to\ntake effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1101&L=scientific-linux-errata&T=0&P=399\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?577fa777\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark and / or wireshark-gnome packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'White_Phosphorus');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"wireshark-1.0.15-1.el4_8.3\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"wireshark-gnome-1.0.15-1.el4_8.3\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"wireshark-1.0.15-1.el5_5.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"wireshark-gnome-1.0.15-1.el5_5.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:01:57", "description": "Updated wireshark packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nWireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal.\n\nAn array index error, leading to a stack-based buffer overflow, was found in the Wireshark ENTTEC dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark.\n(CVE-2010-4538)\n\nUsers of Wireshark should upgrade to these updated packages, which contain a backported patch to correct this issue. All running instances of Wireshark must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2011-01-11T00:00:00", "type": "nessus", "title": "RHEL 4 / 5 / 6 : wireshark (RHSA-2011:0013)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4538"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:wireshark", "p-cpe:/a:redhat:enterprise_linux:wireshark-debuginfo", "p-cpe:/a:redhat:enterprise_linux:wireshark-devel", "p-cpe:/a:redhat:enterprise_linux:wireshark-gnome", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.8", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.0"], "id": "REDHAT-RHSA-2011-0013.NASL", "href": "https://www.tenable.com/plugins/nessus/51452", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:0013. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51452);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-4538\");\n script_bugtraq_id(45634);\n script_xref(name:\"RHSA\", value:\"2011:0013\");\n\n script_name(english:\"RHEL 4 / 5 / 6 : wireshark (RHSA-2011:0013)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated wireshark packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nWireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nAn array index error, leading to a stack-based buffer overflow, was\nfound in the Wireshark ENTTEC dissector. If Wireshark read a malformed\npacket off a network or opened a malicious dump file, it could crash\nor, possibly, execute arbitrary code as the user running Wireshark.\n(CVE-2010-4538)\n\nUsers of Wireshark should upgrade to these updated packages, which\ncontain a backported patch to correct this issue. All running\ninstances of Wireshark must be restarted for the update to take\neffect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-4538\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:0013\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'White_Phosphorus');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:wireshark-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/01/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x / 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2011:0013\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"wireshark-1.0.15-1.el4_8.3\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"wireshark-gnome-1.0.15-1.el4_8.3\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"wireshark-1.0.15-1.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"wireshark-1.0.15-1.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"wireshark-1.0.15-1.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"wireshark-gnome-1.0.15-1.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"wireshark-gnome-1.0.15-1.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"wireshark-gnome-1.0.15-1.el5_5.3\")) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", reference:\"wireshark-1.2.13-1.el6_0.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"wireshark-debuginfo-1.2.13-1.el6_0.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"wireshark-devel-1.2.13-1.el6_0.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"wireshark-gnome-1.2.13-1.el6_0.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"wireshark-gnome-1.2.13-1.el6_0.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"wireshark-gnome-1.2.13-1.el6_0.2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-debuginfo / wireshark-devel / wireshark-gnome\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:02:01", "description": "The installed version of Wireshark is 1.2.x less than 1.2.14 or 1.4.x less than 1.4.3. Such versions are affected by the following vulnerabilities :\n - An error exists in the MAC-LTE dissector that allows a series of malformed packets to cause a buffer overflow.\n (5530)\n\n - An error exists in the ENTTEC dissector that allows a series of malformed packets to cause a buffer overflow.\n (5539)\n\n - An error exists in the ASN.1 BER dissector that allows a series of malformed packets to make Wireshark exit prematurely. (5537)", "cvss3": {"score": null, "vector": null}, "published": "2011-01-12T00:00:00", "type": "nessus", "title": "Wireshark < 1.2.14 / 1.4.3 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4538", "CVE-2011-0444", "CVE-2011-0445"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "WIRESHARK_1_4_3.NASL", "href": "https://www.tenable.com/plugins/nessus/51458", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(51458);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/11/15 20:50:29\");\n\n script_cve_id(\"CVE-2010-4538\", \"CVE-2011-0444\", \"CVE-2011-0445\");\n script_bugtraq_id(45634, 45775);\n script_xref(name:\"Secunia\", value:\"42767\");\n\n script_name(english:\"Wireshark < 1.2.14 / 1.4.3 Multiple Vulnerabilities\");\n script_summary(english:\"Does a version check\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains an application that is affected by\nmultiple vulnerabilities.\"\n );\n script_set_attribute(attribute:\"description\", value:\n\"The installed version of Wireshark is 1.2.x less than 1.2.14 or 1.4.x\nless than 1.4.3. Such versions are affected by the following\nvulnerabilities :\n \n - An error exists in the MAC-LTE dissector that allows a\n series of malformed packets to cause a buffer overflow.\n (5530)\n\n - An error exists in the ENTTEC dissector that allows a\n series of malformed packets to cause a buffer overflow.\n (5539)\n\n - An error exists in the ASN.1 BER dissector that allows\n a series of malformed packets to make Wireshark exit\n prematurely. (5537)\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.wireshark.org/security/wnpa-sec-2011-01.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2011-02.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.wireshark.org/docs/relnotes/wireshark-1.2.14.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.wireshark.org/docs/relnotes/wireshark-1.4.3.html\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Wireshark version 1.2.14 / 1.4.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'White_Phosphorus');\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/12/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/12\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"SMB/Wireshark/Installed\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n# Check each install.\ninstalls = get_kb_list(\"SMB/Wireshark/*\");\nif (isnull(installs)) exit(0, \"The 'SMB/Wireshark/*' KB items are missing.\");\n\ninfo = '';\ninfo2 = '';\n\nforeach install(keys(installs))\n{\n if (\"/Installed\" >< install) continue;\n\n version = install - \"SMB/Wireshark/\";\n\n if (\n version =~ \"^1\\.2($|\\.[0-9]|\\.1[0-3])($|[^0-9])\" || \n version =~ \"^1\\.4($|\\.[0-2])($|[^0-9])\"\n ) \n info +=\n '\\n Path : ' + installs[install] +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 1.2.14 / 1.4.3\\n';\n else\n info2 += 'Version '+ version + ', under '+ installs[install] + '. ';\n}\n\n# Report if any were found to be vulnerable\nif (info)\n{\n if (report_verbosity > 0)\n {\n if (max_index(split(info)) > 4) s = \"s of Wireshark are\";\n else s = \" of Wireshark is\";\n\n report = \n '\\n' +\n 'The following vulnerable instance' + s + ' installed :\\n' +\n '\\n' + info;\n security_hole(port:get_kb_item(\"SMB/transport\"), extra:report);\n }\n else security_hole(get_kb_item(\"SMB/transport\"));\n exit(0);\n}\nif (info2)\n exit(0, \"The following instance(s) of Wireshark are installed and are not vulnerable : \"+info2);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-10T16:12:03", "description": "The remote host is affected by the vulnerability described in GLSA-201110-02 (Wireshark: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker could send specially crafted packets on a network being monitored by Wireshark, entice a user to open a malformed packet trace file using Wireshark, or deploy a specially crafted Lua script for use by Wireshark, possibly resulting in the execution of arbitrary code, or a Denial of Service condition.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2011-10-10T00:00:00", "type": "nessus", "title": "GLSA-201110-02 : Wireshark: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2285", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2992", "CVE-2010-2993", "CVE-2010-2994", "CVE-2010-2995", "CVE-2010-3133", "CVE-2010-3445", "CVE-2010-4300", "CVE-2010-4301", "CVE-2010-4538", "CVE-2011-0024", "CVE-2011-0444", "CVE-2011-0445", "CVE-2011-0538", "CVE-2011-0713", "CVE-2011-1138", "CVE-2011-1139", "CVE-2011-1140", "CVE-2011-1141", "CVE-2011-1142", "CVE-2011-1143", "CVE-2011-1590", "CVE-2011-1591", "CVE-2011-1592", "CVE-2011-1956", "CVE-2011-1957", "CVE-2011-1958", "CVE-2011-1959", "CVE-2011-2174", "CVE-2011-2175", "CVE-2011-2597", "CVE-2011-2698", "CVE-2011-3266", "CVE-2011-3360", "CVE-2011-3482", "CVE-2011-3483"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:wireshark", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201110-02.NASL", "href": "https://www.tenable.com/plugins/nessus/56426", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201110-02.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56426);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2285\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2992\", \"CVE-2010-2993\", \"CVE-2010-2994\", \"CVE-2010-2995\", \"CVE-2010-3133\", \"CVE-2010-3445\", \"CVE-2010-4300\", \"CVE-2010-4301\", \"CVE-2010-4538\", \"CVE-2011-0024\", \"CVE-2011-0444\", \"CVE-2011-0445\", \"CVE-2011-0538\", \"CVE-2011-0713\", \"CVE-2011-1138\", \"CVE-2011-1139\", \"CVE-2011-1140\", \"CVE-2011-1141\", \"CVE-2011-1142\", \"CVE-2011-1143\", \"CVE-2011-1590\", \"CVE-2011-1591\", \"CVE-2011-1592\", \"CVE-2011-1956\", \"CVE-2011-1957\", \"CVE-2011-1958\", \"CVE-2011-1959\", \"CVE-2011-2174\", \"CVE-2011-2175\", \"CVE-2011-2597\", \"CVE-2011-2698\", \"CVE-2011-3266\", \"CVE-2011-3360\", \"CVE-2011-3482\", \"CVE-2011-3483\");\n script_xref(name:\"GLSA\", value:\"201110-02\");\n\n script_name(english:\"GLSA-201110-02 : Wireshark: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201110-02\n(Wireshark: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Wireshark. Please\n review the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker could send specially crafted packets on a network\n being monitored by Wireshark, entice a user to open a malformed packet\n trace file using Wireshark, or deploy a specially crafted Lua script for\n use by Wireshark, possibly resulting in the execution of arbitrary code,\n or a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201110-02\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Wireshark users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/wireshark-1.4.9'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Wireshark console.lua Pre-Loading Script Execution');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'White_Phosphorus');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-analyzer/wireshark\", unaffected:make_list(\"ge 1.4.9\"), vulnerable:make_list(\"lt 1.4.9\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Wireshark\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "osv": [{"lastseen": "2022-08-10T07:08:51", "description": "\nSeveral remote vulnerabilities have been discovered in the Wireshark\nnetwork traffic analyzer. It was discovered that null pointer\ndereferences, buffer overflows and infinite loops in the SMB, SMB\nPIPE, ASN1.1 and SigComp dissectors could lead to denial of service\nor the execution of arbitrary code.\n\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1.0.2-3+lenny9.\n\n\nFor the upcoming stable distribution (squeeze) and the unstable \ndistribution (sid), these problems have been fixed in version \n1.2.9-1.\n\n\nWe recommend that you upgrade your wireshark packages.\n\n\n", "cvss3": {}, "published": "2010-07-01T00:00:00", "type": "osv", "title": "wireshark - several vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.3, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2285", "CVE-2010-2286", "CVE-2010-2287"], "modified": "2022-08-10T07:08:37", "id": "OSV:DSA-2066-1", "href": "https://osv.dev/vulnerability/DSA-2066-1", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T07:06:27", "description": "\nIt was discovered that a buffer overflow in the ENTTEC dissector may \nlead to the execution of arbitrary code.\n\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.0.2-3+lenny12.\n\n\nFor the testing distribution (squeeze), this problem has been fixed in\nversion 1.2.11-6.\n\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.2.11-6.\n\n\nWe recommend that you upgrade your wireshark packages.\n\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: [https://www.debian.org/security/]($(HOME)/security/)\n\n\n", "cvss3": {}, "published": "2011-01-15T00:00:00", "type": "osv", "title": "wireshark - buffer overflow", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4538"], "modified": "2022-08-10T07:06:21", "id": "OSV:DSA-2144-1", "href": "https://osv.dev/vulnerability/DSA-2144-1", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2022-02-27T11:58:08", "description": "**CentOS Errata and Security Advisory** CESA-2010:0625\n\n\nWireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nMultiple buffer overflow flaws were found in the Wireshark SigComp\nUniversal Decompressor Virtual Machine (UDVM) dissector. If Wireshark read\na malformed packet off a network or opened a malicious dump file, it could\ncrash or, possibly, execute arbitrary code as the user running Wireshark.\n(CVE-2010-2287, CVE-2010-2995)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could\ncrash or stop responding if it read a malformed packet off a network, or\nopened a malicious dump file. (CVE-2010-1455, CVE-2010-2283, CVE-2010-2284,\nCVE-2010-2286)\n\nUsers of Wireshark should upgrade to these updated packages, which contain\nWireshark version 1.0.15, and resolve these issues. All running instances\nof Wireshark must be restarted for the update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2010-August/053851.html\nhttps://lists.centos.org/pipermail/centos-announce/2010-August/053852.html\nhttps://lists.centos.org/pipermail/centos-announce/2010-August/053875.html\nhttps://lists.centos.org/pipermail/centos-announce/2010-August/053876.html\n\n**Affected packages:**\nwireshark\nwireshark-gnome\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2010:0625", "cvss3": {}, "published": "2010-08-23T15:13:08", "type": "centos", "title": "wireshark security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2995"], "modified": "2010-08-27T15:14:48", "id": "CESA-2010:0625", "href": "https://lists.centos.org/pipermail/centos-announce/2010-August/053851.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-27T11:57:27", "description": "**CentOS Errata and Security Advisory** CESA-2011:0013\n\n\nWireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nAn array index error, leading to a stack-based buffer overflow, was found\nin the Wireshark ENTTEC dissector. If Wireshark read a malformed packet off\na network or opened a malicious dump file, it could crash or, possibly,\nexecute arbitrary code as the user running Wireshark. (CVE-2010-4538)\n\nUsers of Wireshark should upgrade to these updated packages, which contain\na backported patch to correct this issue. All running instances of\nWireshark must be restarted for the update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2011-January/054160.html\nhttps://lists.centos.org/pipermail/centos-announce/2011-January/054161.html\n\n**Affected packages:**\nwireshark\nwireshark-gnome\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2011:0013", "cvss3": {}, "published": "2011-01-27T09:21:19", "type": "centos", "title": "wireshark security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4538"], "modified": "2011-01-27T09:21:50", "id": "CESA-2011:0013", "href": "https://lists.centos.org/pipermail/centos-announce/2011-January/054160.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:37:33", "description": "[1.0.15-1.0.1.el5_5.1]\n- Add oracle-ocfs2-network.patch\n[1.0.15-1]\n- upgrade to 1.0.15\n- http://www.wireshark.org/docs/relnotes/wireshark-1.0.15.html\n- fixes CVE-2010-2287 CVE-2010-2284\n- Related: #612239\n[1.0.14-1.2]\n- fix corner case in CVE-2010-2284\n- Related: #612239\n[1.0.14-1]\n- upgrade to 1.0.14\n- http://www.wireshark.org/docs/relnotes/wireshark-1.0.14.html\n- fixes CVE-2010-1455 CVE-2010-2283 CVE-2010-2284 CVE-2010-2286 CVE-2010-2287\n- Resolves: #612239 ", "cvss3": {}, "published": "2010-08-11T00:00:00", "type": "oraclelinux", "title": "wireshark security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2995", "CVE-2010-2286"], "modified": "2010-08-11T00:00:00", "id": "ELSA-2010-0625", "href": "http://linux.oracle.com/errata/ELSA-2010-0625.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:02", "description": "[1.2.13-1.0.1.el6_0.2]\r\n- Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect\r\n packets bug#11486\r\n \n[1.2.13-1.1]\r\n- fix buffer overflow in ENTTEC dissector\r\n- Resolves: #667337\r\n \n[1.2.13-1]\r\n- upgrade to 1.2.13\r\n- see http://www.wireshark.org/docs/relnotes/wireshark-1.2.11.html\r\n- see http://www.wireshark.org/docs/relnotes/wireshark-1.2.12.html\r\n- see http://www.wireshark.org/docs/relnotes/wireshark-1.2.13.html\r\n- Resolves: #657534 (CVE-2010-4300 CVE-2010-3445)", "cvss3": {}, "published": "2011-01-10T00:00:00", "type": "oraclelinux", "title": "wireshark security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2010-4300", "CVE-2010-3445", "CVE-2010-4538"], "modified": "2011-01-10T00:00:00", "id": "ELSA-2011-0013", "href": "http://linux.oracle.com/errata/ELSA-2011-0013.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2021-10-21T04:43:48", "description": "Wireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nMultiple buffer overflow flaws were found in the Wireshark SigComp\nUniversal Decompressor Virtual Machine (UDVM) dissector. If Wireshark read\na malformed packet off a network or opened a malicious dump file, it could\ncrash or, possibly, execute arbitrary code as the user running Wireshark.\n(CVE-2010-2287, CVE-2010-2995)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could\ncrash or stop responding if it read a malformed packet off a network, or\nopened a malicious dump file. (CVE-2010-1455, CVE-2010-2283, CVE-2010-2284,\nCVE-2010-2286)\n\nUsers of Wireshark should upgrade to these updated packages, which contain\nWireshark version 1.0.15, and resolve these issues. All running instances\nof Wireshark must be restarted for the update to take effect.\n", "cvss3": {}, "published": "2010-08-11T00:00:00", "type": "redhat", "title": "(RHSA-2010:0625) Moderate: wireshark security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2995"], "modified": "2018-05-26T00:26:17", "id": "RHSA-2010:0625", "href": "https://access.redhat.com/errata/RHSA-2010:0625", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-19T18:37:16", "description": "Wireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nAn array index error, leading to a stack-based buffer overflow, was found\nin the Wireshark ENTTEC dissector. If Wireshark read a malformed packet off\na network or opened a malicious dump file, it could crash or, possibly,\nexecute arbitrary code as the user running Wireshark. (CVE-2010-4538)\n\nUsers of Wireshark should upgrade to these updated packages, which contain\na backported patch to correct this issue. All running instances of\nWireshark must be restarted for the update to take effect.\n", "cvss3": {}, "published": "2011-01-10T00:00:00", "type": "redhat", "title": "(RHSA-2011:0013) Moderate: wireshark security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4538"], "modified": "2018-06-06T16:24:32", "id": "RHSA-2011:0013", "href": "https://access.redhat.com/errata/RHSA-2011:0013", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2021-06-08T19:16:54", "description": "Multiple DoS conditions, buffer overflow.", "edition": 2, "cvss3": {}, "published": "2010-09-14T00:00:00", "title": "Wireshark sniffer multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2010-2285", "CVE-2010-2284", "CVE-2010-2287", "CVE-2010-2283", "CVE-2010-2995", "CVE-2010-2286", "CVE-2010-2994"], "modified": "2010-09-14T00:00:00", "id": "SECURITYVULNS:VULN:10928", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:10928", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:38", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2011:002\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : wireshark\r\n Date : January 9, 2011\r\n Affected: 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n A vulnerability has been found and corrected in wireshark:\r\n \r\n Buffer overflow in epan/dissectors/packet-enttec.c in Wireshark 1.4.2\r\n allows remote attackers to cause a denial of service (application\r\n crash) or possibly execute arbitrary code via a crafted ENTTEC DMX\r\n packet with Run Length Encoding (RLE) compression (CVE-2010-4538).\r\n \r\n The updated packages have been patched to correct this issue.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4538\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2010.0:\r\n bc733c08820aaeb869510853a936e81d 2010.0/i586/dumpcap-1.2.13-0.2mdv2010.0.i586.rpm\r\n 543b842a25a76844958dc6b5822ab9b3 2010.0/i586/libwireshark0-1.2.13-0.2mdv2010.0.i586.rpm\r\n 25e6ff6cb7d93ca52944ab784fe51adb 2010.0/i586/libwireshark-devel-1.2.13-0.2mdv2010.0.i586.rpm\r\n e8c5adc49461e7b476dcd15aa44279d2 2010.0/i586/rawshark-1.2.13-0.2mdv2010.0.i586.rpm\r\n 7902aa25976038ed531c9bcf1086d80e 2010.0/i586/tshark-1.2.13-0.2mdv2010.0.i586.rpm\r\n 6bddcddb514176b40bba076e3a87ecc5 2010.0/i586/wireshark-1.2.13-0.2mdv2010.0.i586.rpm\r\n f1da516d547368c4eb67267fcad9f13c 2010.0/i586/wireshark-tools-1.2.13-0.2mdv2010.0.i586.rpm \r\n d48996cd65bf829feac3b1be9437b9b2 2010.0/SRPMS/wireshark-1.2.13-0.2mdv2010.0.src.rpm\r\n\r\n Mandriva Linux 2010.0/X86_64:\r\n fd74949f67e63a6541aab106f1da36a2 2010.0/x86_64/dumpcap-1.2.13-0.2mdv2010.0.x86_64.rpm\r\n d2c293bfb7a7e684421d223a93fd0a2a 2010.0/x86_64/lib64wireshark0-1.2.13-0.2mdv2010.0.x86_64.rpm\r\n fed557a7f9e380a34aa27e2c3866107e 2010.0/x86_64/lib64wireshark-devel-1.2.13-0.2mdv2010.0.x86_64.rpm\r\n f4e013762264086f2977d80a029e622c 2010.0/x86_64/rawshark-1.2.13-0.2mdv2010.0.x86_64.rpm\r\n 574d2ae0ea7cc03acb1ef6fdf128a9c8 2010.0/x86_64/tshark-1.2.13-0.2mdv2010.0.x86_64.rpm\r\n 0094e85af23bca41f9197883a3749c11 2010.0/x86_64/wireshark-1.2.13-0.2mdv2010.0.x86_64.rpm\r\n fdb2ce454bca05a9c011a4a346c7990e 2010.0/x86_64/wireshark-tools-1.2.13-0.2mdv2010.0.x86_64.rpm \r\n d48996cd65bf829feac3b1be9437b9b2 2010.0/SRPMS/wireshark-1.2.13-0.2mdv2010.0.src.rpm\r\n\r\n Mandriva Linux 2010.1:\r\n 4f783c8013eb197511fa44656892c360 2010.1/i586/dumpcap-1.2.13-0.2mdv2010.2.i586.rpm\r\n b595251355981467e57eaac04705e10f 2010.1/i586/libwireshark0-1.2.13-0.2mdv2010.2.i586.rpm\r\n 0c126e731081d74be5da085039335b41 2010.1/i586/libwireshark-devel-1.2.13-0.2mdv2010.2.i586.rpm\r\n 45d3877083d9ba4a8a31a46502b19a11 2010.1/i586/rawshark-1.2.13-0.2mdv2010.2.i586.rpm\r\n 9af903c5c52f6ee2e5a7b49f46d38d36 2010.1/i586/tshark-1.2.13-0.2mdv2010.2.i586.rpm\r\n 0af932c596158318e76356a8a64a60f5 2010.1/i586/wireshark-1.2.13-0.2mdv2010.2.i586.rpm\r\n 20e3fa7c0053d16d4dded7175072aff7 2010.1/i586/wireshark-tools-1.2.13-0.2mdv2010.2.i586.rpm \r\n fa7daaebdc834c6533b629869089360e 2010.1/SRPMS/wireshark-1.2.13-0.2mdv2010.2.src.rpm\r\n\r\n Mandriva Linux 2010.1/X86_64:\r\n 9a4befad02a67bbc57600ec789449b93 2010.1/x86_64/dumpcap-1.2.13-0.2mdv2010.2.x86_64.rpm\r\n 66b07a62a38dceba28c5f88be7d76a4f 2010.1/x86_64/lib64wireshark0-1.2.13-0.2mdv2010.2.x86_64.rpm\r\n 33b1458860858b102f92ae7a9645b71b 2010.1/x86_64/lib64wireshark-devel-1.2.13-0.2mdv2010.2.x86_64.rpm\r\n 7dc782b29b48eb4954454faa51b304b8 2010.1/x86_64/rawshark-1.2.13-0.2mdv2010.2.x86_64.rpm\r\n 80b0ba9340e85b7c6cd3ffb44235fc2a 2010.1/x86_64/tshark-1.2.13-0.2mdv2010.2.x86_64.rpm\r\n b79ac38efc78fff5b4b216b0082cb024 2010.1/x86_64/wireshark-1.2.13-0.2mdv2010.2.x86_64.rpm\r\n fa577a69f960dc1adee521b5b0d2edc6 2010.1/x86_64/wireshark-tools-1.2.13-0.2mdv2010.2.x86_64.rpm \r\n fa7daaebdc834c6533b629869089360e 2010.1/SRPMS/wireshark-1.2.13-0.2mdv2010.2.src.rpm\r\n\r\n Corporate 4.0:\r\n cf1b0c56540fc63be852b7b9e81b8248 corporate/4.0/i586/dumpcap-1.0.15-0.3.20060mlcs4.i586.rpm\r\n b37f8b1d82a325de0eee152f575d91e5 corporate/4.0/i586/libwireshark0-1.0.15-0.3.20060mlcs4.i586.rpm\r\n 04c10931d30614fd79b8b729d6eddf8a corporate/4.0/i586/libwireshark-devel-1.0.15-0.3.20060mlcs4.i586.rpm\r\n eb947b7787649e06fece4ddd2ce46f46 corporate/4.0/i586/rawshark-1.0.15-0.3.20060mlcs4.i586.rpm\r\n 2ae0cda63c643b39a94bb39d24c4eae9 corporate/4.0/i586/tshark-1.0.15-0.3.20060mlcs4.i586.rpm\r\n e5f6df03fd7b73a10c247fd7d4a2469d corporate/4.0/i586/wireshark-1.0.15-0.3.20060mlcs4.i586.rpm\r\n 9bbeab7bf3131c4a92773967dfe2f79d corporate/4.0/i586/wireshark-tools-1.0.15-0.3.20060mlcs4.i586.rpm \r\n ab6808d1bd5805c5827203eeb1f59cb7 corporate/4.0/SRPMS/wireshark-1.0.15-0.3.20060mlcs4.src.rpm\r\n\r\n Corporate 4.0/X86_64:\r\n 7026144a75428a773a1a5ba5ee8c9c77 corporate/4.0/x86_64/dumpcap-1.0.15-0.3.20060mlcs4.x86_64.rpm\r\n b9bff7450139f13d4edfd7abec34a5d5 corporate/4.0/x86_64/lib64wireshark0-1.0.15-0.3.20060mlcs4.x86_64.rpm\r\n 81637e330c64e3278cc3b3b08e98c51f corporate/4.0/x86_64/lib64wireshark-devel-1.0.15-0.3.20060mlcs4.x86_64.rpm\r\n c49228f3107c7b1754ce67e3183bce6e corporate/4.0/x86_64/rawshark-1.0.15-0.3.20060mlcs4.x86_64.rpm\r\n 417fdae547f7dc97f219c29e47668690 corporate/4.0/x86_64/tshark-1.0.15-0.3.20060mlcs4.x86_64.rpm\r\n e6894c9c8eb0efd2716ce1b3bf819cd5 corporate/4.0/x86_64/wireshark-1.0.15-0.3.20060mlcs4.x86_64.rpm\r\n 2211a4bafe98474c3e9b4cc5aa3723fa corporate/4.0/x86_64/wireshark-tools-1.0.15-0.3.20060mlcs4.x86_64.rpm \r\n ab6808d1bd5805c5827203eeb1f59cb7 corporate/4.0/SRPMS/wireshark-1.0.15-0.3.20060mlcs4.src.rpm\r\n\r\n Mandriva Enterprise Server 5:\r\n 04a3d0056a82dbf60e2747fe92647362 mes5/i586/dumpcap-1.0.15-0.3mdvmes5.1.i586.rpm\r\n 73cfae8f517c3b1052b7c29805fbfca2 mes5/i586/libwireshark0-1.0.15-0.3mdvmes5.1.i586.rpm\r\n 7eb488244e7fb087381a19c23cbc805a mes5/i586/libwireshark-devel-1.0.15-0.3mdvmes5.1.i586.rpm\r\n 4e0dd1386498c875554478cd28055d67 mes5/i586/rawshark-1.0.15-0.3mdvmes5.1.i586.rpm\r\n 3aa9c6a7cafaebc2fc82a9bfdacb1d77 mes5/i586/tshark-1.0.15-0.3mdvmes5.1.i586.rpm\r\n 4af09e5e080a803568c8ebecce9625e4 mes5/i586/wireshark-1.0.15-0.3mdvmes5.1.i586.rpm\r\n 8a48d8b50db85c6f1d7ac70b0c9735b0 mes5/i586/wireshark-tools-1.0.15-0.3mdvmes5.1.i586.rpm \r\n 27c89a4787c3d44cdf33411baf316a2d mes5/SRPMS/wireshark-1.0.15-0.3mdvmes5.1.src.rpm\r\n\r\n Mandriva Enterprise Server 5/X86_64:\r\n e49bb9b67a68687f09b632950a9b5622 mes5/x86_64/dumpcap-1.0.15-0.3mdvmes5.1.x86_64.rpm\r\n f1050a9a9bd95b3f751aedaf78e613f4 mes5/x86_64/lib64wireshark0-1.0.15-0.3mdvmes5.1.x86_64.rpm\r\n f98e3ba015b1268296d86442939b0539 mes5/x86_64/lib64wireshark-devel-1.0.15-0.3mdvmes5.1.x86_64.rpm\r\n 3a48f9623b86a873be763fe2fe17bf4c mes5/x86_64/rawshark-1.0.15-0.3mdvmes5.1.x86_64.rpm\r\n 62173e976799c3d64673e1225f966fae mes5/x86_64/tshark-1.0.15-0.3mdvmes5.1.x86_64.rpm\r\n 4a4d588321dc793d02e28f04b2585bc6 mes5/x86_64/wireshark-1.0.15-0.3mdvmes5.1.x86_64.rpm\r\n 030dbec9dbecc8223e046c588c29b65c mes5/x86_64/wireshark-tools-1.0.15-0.3mdvmes5.1.x86_64.rpm \r\n 27c89a4787c3d44cdf33411baf316a2d mes5/SRPMS/wireshark-1.0.15-0.3mdvmes5.1.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 (GNU/Linux)\r\n\r\niD8DBQFNKa8/mqjQ0CJFipgRAriMAJ94nGyssh4RG2rrRU8L+gjEeBwKtQCg6F/L\r\n8pq9ULLdvxbSY9FvCRdaJos=\r\n=fLsc\r\n-----END PGP SIGNATURE-----", "edition": 1, "cvss3": {}, "published": "2011-01-11T00:00:00", "title": "[ MDVSA-2011:002 ] wireshark", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2010-4538"], "modified": "2011-01-11T00:00:00", "id": "SECURITYVULNS:DOC:25486", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25486", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T19:16:55", "description": "Buffer overflow on ENTTEC DMX RLE decompression and MAC-LTE parsing.", "edition": 2, "cvss3": {}, "published": "2011-01-20T00:00:00", "title": "Wireshark buffer overflow", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2011-0444", "CVE-2010-4538"], "modified": "2011-01-20T00:00:00", "id": "SECURITYVULNS:VULN:11346", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11346", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cve": [{"lastseen": "2022-03-23T12:09:48", "description": "The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors.", "cvss3": {}, "published": "2010-06-15T14:04:00", "type": "cve", "title": "CVE-2010-2283", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2283"], "modified": "2017-09-19T01:31:00", "cpe": ["cpe:/a:wireshark:wireshark:0.99.8", "cpe:/a:wireshark:wireshark:1.0.9", "cpe:/a:wireshark:wireshark:1.2.6", "cpe:/a:wireshark:wireshark:1.0.6", "cpe:/a:wireshark:wireshark:1.0.2", "cpe:/a:wireshark:wireshark:1.0.0", "cpe:/a:wireshark:wireshark:0.99.7", "cpe:/a:wireshark:wireshark:1.0.13", "cpe:/a:wireshark:wireshark:0.99.6", "cpe:/a:wireshark:wireshark:1.2.4", "cpe:/a:wireshark:wireshark:1.2.0", "cpe:/a:wireshark:wireshark:1.0.11", "cpe:/a:wireshark:wireshark:1.2.5", "cpe:/a:wireshark:wireshark:1.0.7", "cpe:/a:wireshark:wireshark:1.2.1", "cpe:/a:wireshark:wireshark:1.0.3", "cpe:/a:wireshark:wireshark:1.2.2", "cpe:/a:wireshark:wireshark:1.2.8", "cpe:/a:wireshark:wireshark:1.0.1", "cpe:/a:wireshark:wireshark:1.0.12", "cpe:/a:wireshark:wireshark:1.0.10", "cpe:/a:wireshark:wireshark:1.0.8", "cpe:/a:wireshark:wireshark:1.0.4", "cpe:/a:wireshark:wireshark:1.2.3", "cpe:/a:wireshark:wireshark:1.0.5", "cpe:/a:wireshark:wireshark:1.2.7"], "id": "CVE-2010-2283", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2283", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:09:52", "description": "The SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.", "cvss3": {}, "published": "2010-06-15T14:04:00", "type": "cve", "title": "CVE-2010-2286", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2286"], "modified": "2017-09-19T01:31:00", "cpe": ["cpe:/a:wireshark:wireshark:0.99.2", "cpe:/a:wireshark:wireshark:0.99.4", "cpe:/a:wireshark:wireshark:0.10.13", "cpe:/a:wireshark:wireshark:0.99.8", "cpe:/a:wireshark:wireshark:1.0.9", "cpe:/a:wireshark:wireshark:1.2.6", "cpe:/a:wireshark:wireshark:1.0.6", "cpe:/a:wireshark:wireshark:0.10.9", "cpe:/a:wireshark:wireshark:0.99.5", "cpe:/a:wireshark:wireshark:1.0.2", "cpe:/a:wireshark:wireshark:0.8.20", "cpe:/a:wireshark:wireshark:1.0.0", "cpe:/a:wireshark:wireshark:0.99.7", "cpe:/a:wireshark:wireshark:1.0.13", "cpe:/a:wireshark:wireshark:0.99.6", "cpe:/a:wireshark:wireshark:0.99.3", "cpe:/a:wireshark:wireshark:1.2.4", "cpe:/a:wireshark:wireshark:1.2.0", "cpe:/a:wireshark:wireshark:1.0.11", "cpe:/a:wireshark:wireshark:0.99.1", "cpe:/a:wireshark:wireshark:1.2.5", "cpe:/a:wireshark:wireshark:1.0.7", "cpe:/a:wireshark:wireshark:1.2.1", "cpe:/a:wireshark:wireshark:1.0.3", "cpe:/a:wireshark:wireshark:1.2.2", "cpe:/a:wireshark:wireshark:0.10.8", "cpe:/a:wireshark:wireshark:1.2.8", "cpe:/a:wireshark:wireshark:0.10.14", "cpe:/a:wireshark:wireshark:1.0.12", "cpe:/a:wireshark:wireshark:1.0.1", "cpe:/a:wireshark:wireshark:0.10.12", "cpe:/a:wireshark:wireshark:0.10.11", "cpe:/a:wireshark:wireshark:0.10.10", "cpe:/a:wireshark:wireshark:1.0.10", "cpe:/a:wireshark:wireshark:1.0.8", "cpe:/a:wireshark:wireshark:0.10.7", "cpe:/a:wireshark:wireshark:1.0.4", "cpe:/a:wireshark:wireshark:1.2.3", "cpe:/a:wireshark:wireshark:1.0.5", "cpe:/a:wireshark:wireshark:0.99.0", "cpe:/a:wireshark:wireshark:1.2.7"], "id": "CVE-2010-2286", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2286", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.8.20:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.9:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.14:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.11:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.13:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.10:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.12:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:09:49", "description": "Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors.", "cvss3": {}, "published": "2010-06-15T14:04:00", "type": "cve", "title": "CVE-2010-2284", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.3, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2284"], "modified": "2017-09-19T01:31:00", "cpe": ["cpe:/a:wireshark:wireshark:0.99.2", "cpe:/a:wireshark:wireshark:0.99.4", "cpe:/a:wireshark:wireshark:0.10.13", "cpe:/a:wireshark:wireshark:0.99.8", "cpe:/a:wireshark:wireshark:1.0.9", "cpe:/a:wireshark:wireshark:1.2.6", "cpe:/a:wireshark:wireshark:1.0.6", "cpe:/a:wireshark:wireshark:0.99.5", "cpe:/a:wireshark:wireshark:1.0.2", "cpe:/a:wireshark:wireshark:1.0.0", "cpe:/a:wireshark:wireshark:0.99.7", "cpe:/a:wireshark:wireshark:1.0.13", "cpe:/a:wireshark:wireshark:0.99.6", "cpe:/a:wireshark:wireshark:0.99.3", "cpe:/a:wireshark:wireshark:1.2.4", "cpe:/a:wireshark:wireshark:1.2.0", "cpe:/a:wireshark:wireshark:1.0.11", "cpe:/a:wireshark:wireshark:0.99.1", "cpe:/a:wireshark:wireshark:1.2.5", "cpe:/a:wireshark:wireshark:1.0.7", "cpe:/a:wireshark:wireshark:1.2.1", "cpe:/a:wireshark:wireshark:1.0.3", "cpe:/a:wireshark:wireshark:1.2.2", "cpe:/a:wireshark:wireshark:1.2.8", "cpe:/a:wireshark:wireshark:0.10.14", "cpe:/a:wireshark:wireshark:1.0.1", "cpe:/a:wireshark:wireshark:1.0.12", "cpe:/a:wireshark:wireshark:1.0.10", "cpe:/a:wireshark:wireshark:1.0.8", "cpe:/a:wireshark:wireshark:1.0.4", "cpe:/a:wireshark:wireshark:1.2.3", "cpe:/a:wireshark:wireshark:1.0.5", "cpe:/a:wireshark:wireshark:0.99.0", "cpe:/a:wireshark:wireshark:1.2.7"], "id": "CVE-2010-2284", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2284", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.14:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.13:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:09:51", "description": "Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors.", "cvss3": {}, "published": "2010-06-15T14:04:00", "type": "cve", "title": "CVE-2010-2287", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.3, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2287"], "modified": "2017-09-19T01:31:00", "cpe": ["cpe:/a:wireshark:wireshark:0.99.2", "cpe:/a:wireshark:wireshark:0.99.4", "cpe:/a:wireshark:wireshark:0.10.13", "cpe:/a:wireshark:wireshark:0.99.8", "cpe:/a:wireshark:wireshark:1.0.9", "cpe:/a:wireshark:wireshark:1.2.6", "cpe:/a:wireshark:wireshark:1.0.6", "cpe:/a:wireshark:wireshark:0.10.9", "cpe:/a:wireshark:wireshark:0.99.5", "cpe:/a:wireshark:wireshark:1.0.2", "cpe:/a:wireshark:wireshark:1.0.0", "cpe:/a:wireshark:wireshark:1.0.13", "cpe:/a:wireshark:wireshark:0.99.7", "cpe:/a:wireshark:wireshark:0.99.6", "cpe:/a:wireshark:wireshark:0.99.3", "cpe:/a:wireshark:wireshark:1.2.4", "cpe:/a:wireshark:wireshark:1.2.0", "cpe:/a:wireshark:wireshark:1.0.11", "cpe:/a:wireshark:wireshark:0.99.1", "cpe:/a:wireshark:wireshark:1.2.5", "cpe:/a:wireshark:wireshark:1.0.7", "cpe:/a:wireshark:wireshark:1.2.1", "cpe:/a:wireshark:wireshark:1.0.3", "cpe:/a:wireshark:wireshark:1.2.2", "cpe:/a:wireshark:wireshark:0.10.8", "cpe:/a:wireshark:wireshark:1.2.8", "cpe:/a:wireshark:wireshark:0.10.14", "cpe:/a:wireshark:wireshark:1.0.1", "cpe:/a:wireshark:wireshark:1.0.12", "cpe:/a:wireshark:wireshark:0.10.12", "cpe:/a:wireshark:wireshark:0.10.11", "cpe:/a:wireshark:wireshark:0.10.10", "cpe:/a:wireshark:wireshark:1.0.10", "cpe:/a:wireshark:wireshark:1.0.8", "cpe:/a:wireshark:wireshark:1.0.4", "cpe:/a:wireshark:wireshark:1.2.3", "cpe:/a:wireshark:wireshark:1.0.5", "cpe:/a:wireshark:wireshark:0.99.0", "cpe:/a:wireshark:wireshark:1.2.7"], "id": "CVE-2010-2287", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2287", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.9:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.14:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.11:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.13:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.10:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.12:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:50:44", "description": "Buffer overflow in the sect_enttec_dmx_da function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding (RLE) compression.", "cvss3": {}, "published": "2011-01-07T19:00:00", "type": "cve", "title": "CVE-2010-4538", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4538"], "modified": "2017-09-19T01:31:00", "cpe": ["cpe:/a:wireshark:wireshark:1.4.2"], "id": "CVE-2010-4538", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4538", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:1.4.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:22:42", "description": "Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.14 and 1.2.0 through 1.2.9 has unknown impact and remote attack vectors. NOTE: this issue exists because of a CVE-2010-2284 regression.", "cvss3": {}, "published": "2010-08-13T18:43:00", "type": "cve", "title": "CVE-2010-2994", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2284", "CVE-2010-2994"], "modified": "2017-09-19T01:31:00", "cpe": ["cpe:/a:wireshark:wireshark:0.10.13", "cpe:/a:wireshark:wireshark:1.2.6", "cpe:/a:wireshark:wireshark:1.0.9", "cpe:/a:wireshark:wireshark:1.0.6", "cpe:/a:wireshark:wireshark:1.0.2", "cpe:/a:wireshark:wireshark:1.0.0", "cpe:/a:wireshark:wireshark:1.2.9", "cpe:/a:wireshark:wireshark:1.0.13", "cpe:/a:wireshark:wireshark:1.2.4", "cpe:/a:wireshark:wireshark:1.2.0", "cpe:/a:wireshark:wireshark:1.0.11", "cpe:/a:wireshark:wireshark:1.2", "cpe:/a:wireshark:wireshark:1.2.5", "cpe:/a:wireshark:wireshark:1.0.7", "cpe:/a:wireshark:wireshark:1.2.1", "cpe:/a:wireshark:wireshark:1.0.3", "cpe:/a:wireshark:wireshark:1.2.2", "cpe:/a:wireshark:wireshark:1.2.8", "cpe:/a:wireshark:wireshark:0.10.14", "cpe:/a:wireshark:wireshark:1.0.1", "cpe:/a:wireshark:wireshark:1.0.12", "cpe:/a:wireshark:wireshark:1.0", "cpe:/a:wireshark:wireshark:1.0.10", "cpe:/a:wireshark:wireshark:1.0.8", "cpe:/a:wireshark:wireshark:1.0.4", "cpe:/a:wireshark:wireshark:1.2.3", "cpe:/a:wireshark:wireshark:1.0.5", "cpe:/a:wireshark:wireshark:1.2.7"], "id": "CVE-2010-2994", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2994", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.14:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.13:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:22:43", "description": "The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark 0.10.8 through 1.0.14 and 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to sigcomp-udvm.c and an off-by-one error, which triggers a buffer overflow, different vulnerabilities than CVE-2010-2287.", "cvss3": {}, "published": "2010-08-13T18:43:00", "type": "cve", "title": "CVE-2010-2995", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2287", "CVE-2010-2995"], "modified": "2017-09-19T01:31:00", "cpe": ["cpe:/a:wireshark:wireshark:0.10.13", "cpe:/a:wireshark:wireshark:1.2.6", "cpe:/a:wireshark:wireshark:1.0.9", "cpe:/a:wireshark:wireshark:1.0.14", "cpe:/a:wireshark:wireshark:1.0.6", "cpe:/a:wireshark:wireshark:0.10.9", "cpe:/a:wireshark:wireshark:1.0.2", "cpe:/a:wireshark:wireshark:1.0.0", "cpe:/a:wireshark:wireshark:1.2.9", "cpe:/a:wireshark:wireshark:1.0.13", "cpe:/a:wireshark:wireshark:1.2.4", "cpe:/a:wireshark:wireshark:1.2.0", "cpe:/a:wireshark:wireshark:1.0.11", "cpe:/a:wireshark:wireshark:1.2", "cpe:/a:wireshark:wireshark:1.2.5", "cpe:/a:wireshark:wireshark:1.0.7", "cpe:/a:wireshark:wireshark:1.2.1", "cpe:/a:wireshark:wireshark:1.0.3", "cpe:/a:wireshark:wireshark:1.2.2", "cpe:/a:wireshark:wireshark:0.10.8", "cpe:/a:wireshark:wireshark:1.2.8", "cpe:/a:wireshark:wireshark:0.10.14", "cpe:/a:wireshark:wireshark:1.0.12", "cpe:/a:wireshark:wireshark:1.0.1", "cpe:/a:wireshark:wireshark:0.10.12", "cpe:/a:wireshark:wireshark:0.10.11", "cpe:/a:wireshark:wireshark:0.10.10", "cpe:/a:wireshark:wireshark:1.0.10", "cpe:/a:wireshark:wireshark:1.0.8", "cpe:/a:wireshark:wireshark:1.0.4", "cpe:/a:wireshark:wireshark:1.2.3", "cpe:/a:wireshark:wireshark:1.0.5", "cpe:/a:wireshark:wireshark:1.2.7"], "id": "CVE-2010-2995", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2995", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.9:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.14:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.11:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.13:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.10:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.12:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.2.2:*:*:*:*:*:*:*"]}], "veracode": [{"lastseen": "2022-07-27T10:57:08", "description": "wireshark is vulnerable to denial of service (DoS). The vulnerability exists as several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file.\n", "cvss3": {}, "published": "2020-04-10T00:49:54", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2283"], "modified": "2022-04-19T18:25:00", "id": "VERACODE:24234", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-24234/summary", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-27T10:57:09", "description": "wireshark is vulnerable to denial of service. The vulnerability exists as wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file.\n", "cvss3": {}, "published": "2020-04-10T00:49:54", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2286"], "modified": "2022-04-19T18:17:58", "id": "VERACODE:24236", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-24236/summary", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-27T10:06:32", "description": "wireshark is vulnerable to denial of service (DoS). The vulnerability exists as wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file.\n", "cvss3": {}, "published": "2020-04-10T00:49:54", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.3, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2284"], "modified": "2022-04-19T18:24:58", "id": "VERACODE:24235", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-24235/summary", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-27T10:06:32", "description": "wireshark is vulnerable to arbitrary code execution. The vulnerability exists as multiple buffer overflow flaws were found in the Wireshark SigComp Universal Decompressor Virtual Machine (UDVM) dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark.\n", "cvss3": {}, "published": "2020-04-10T00:49:55", "type": "veracode", "title": "Arbitrary Code Execution", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.3, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2287"], "modified": "2022-04-19T18:25:02", "id": "VERACODE:24237", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-24237/summary", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-27T10:05:49", "description": "wireshark is vulnerable to arbitrary code execution. An array index error, leading to a stack-based buffer overflow, was found in the Wireshark ENTTEC dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark.\n", "cvss3": {}, "published": "2020-04-10T00:55:21", "type": "veracode", "title": "Arbitrary Code Execution", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4538"], "modified": "2022-04-19T18:25:48", "id": "VERACODE:24479", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-24479/summary", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "ubuntucve": [{"lastseen": "2022-08-04T14:36:52", "description": "The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 through\n1.2.8 allows remote attackers to cause a denial of service (NULL pointer\ndereference) via unknown vectors.", "cvss3": {}, "published": "2010-06-15T00:00:00", "type": "ubuntucve", "title": "CVE-2010-2283", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2283"], "modified": "2010-06-15T00:00:00", "id": "UB:CVE-2010-2283", "href": "https://ubuntu.com/security/CVE-2010-2283", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:36:52", "description": "The SigComp Universal Decompressor Virtual Machine dissector in Wireshark\n0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to\ncause a denial of service (infinite loop) via unknown vectors.", "cvss3": {}, "published": "2010-06-15T00:00:00", "type": "ubuntucve", "title": "CVE-2010-2286", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2286"], "modified": "2010-06-15T00:00:00", "id": "UB:CVE-2010-2286", "href": "https://ubuntu.com/security/CVE-2010-2286", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:36:52", "description": "Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through\n1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack\nvectors.", "cvss3": {}, "published": "2010-06-15T00:00:00", "type": "ubuntucve", "title": "CVE-2010-2284", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.3, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2284"], "modified": "2010-06-15T00:00:00", "id": "UB:CVE-2010-2284", "href": "https://ubuntu.com/security/CVE-2010-2284", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-04T14:36:52", "description": "Buffer overflow in the SigComp Universal Decompressor Virtual Machine\ndissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has\nunknown impact and remote attack vectors.\n\n#### Bugs\n\n * <https://bugs.launchpad.net/ubuntu/+source/wireshark/+bug/730419>\n * <https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4826>\n", "cvss3": {}, "published": "2010-06-15T00:00:00", "type": "ubuntucve", "title": "CVE-2010-2287", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.3, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2287"], "modified": "2010-06-15T00:00:00", "id": "UB:CVE-2010-2287", "href": "https://ubuntu.com/security/CVE-2010-2287", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-04T14:34:58", "description": "Buffer overflow in the sect_enttec_dmx_da function in\nepan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers\nto cause a denial of service (application crash) or possibly execute\narbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding\n(RLE) compression.\n\n#### Bugs\n\n * <https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5539>\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608990>\n * <https://bugs.launchpad.net/ubuntu/+source/wireshark/+bug/730417>\n", "cvss3": {}, "published": "2011-01-07T00:00:00", "type": "ubuntucve", "title": "CVE-2010-4538", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4538"], "modified": "2011-01-07T00:00:00", "id": "UB:CVE-2010-4538", "href": "https://ubuntu.com/security/CVE-2010-4538", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-04T14:36:22", "description": "Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13\nthrough 1.0.14 and 1.2.0 through 1.2.9 has unknown impact and remote attack\nvectors. NOTE: this issue exists because of a CVE-2010-2284 regression.", "cvss3": {}, "published": "2010-08-13T00:00:00", "type": "ubuntucve", "title": "CVE-2010-2994", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2284", "CVE-2010-2994"], "modified": "2010-08-13T00:00:00", "id": "UB:CVE-2010-2994", "href": "https://ubuntu.com/security/CVE-2010-2994", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-04T14:36:20", "description": "The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark\n0.10.8 through 1.0.14 and 1.2.0 through 1.2.9 allows remote attackers to\ncause a denial of service (crash) and possibly execute arbitrary code via\nvectors related to sigcomp-udvm.c and an off-by-one error, which triggers a\nbuffer overflow, different vulnerabilities than CVE-2010-2287.", "cvss3": {}, "published": "2010-08-13T00:00:00", "type": "ubuntucve", "title": "CVE-2010-2995", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2287", "CVE-2010-2995"], "modified": "2010-08-13T00:00:00", "id": "UB:CVE-2010-2995", "href": "https://ubuntu.com/security/CVE-2010-2995", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "debiancve": [{"lastseen": "2022-07-31T06:02:26", "description": "The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors.", "cvss3": {}, "published": "2010-06-15T14:04:00", "type": "debiancve", "title": "CVE-2010-2283", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2283"], "modified": "2010-06-15T14:04:00", "id": "DEBIANCVE:CVE-2010-2283", "href": "https://security-tracker.debian.org/tracker/CVE-2010-2283", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-31T06:02:26", "description": "The SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.", "cvss3": {}, "published": "2010-06-15T14:04:00", "type": "debiancve", "title": "CVE-2010-2286", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2286"], "modified": "2010-06-15T14:04:00", "id": "DEBIANCVE:CVE-2010-2286", "href": "https://security-tracker.debian.org/tracker/CVE-2010-2286", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-31T06:02:26", "description": "Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors.", "cvss3": {}, "published": "2010-06-15T14:04:00", "type": "debiancve", "title": "CVE-2010-2284", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.3, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2284"], "modified": "2010-06-15T14:04:00", "id": "DEBIANCVE:CVE-2010-2284", "href": "https://security-tracker.debian.org/tracker/CVE-2010-2284", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-31T06:02:26", "description": "Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors.", "cvss3": {}, "published": "2010-06-15T14:04:00", "type": "debiancve", "title": "CVE-2010-2287", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.3, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2287"], "modified": "2010-06-15T14:04:00", "id": "DEBIANCVE:CVE-2010-2287", "href": "https://security-tracker.debian.org/tracker/CVE-2010-2287", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-31T06:02:26", "description": "Buffer overflow in the sect_enttec_dmx_da function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding (RLE) compression.", "cvss3": {}, "published": "2011-01-07T19:00:00", "type": "debiancve", "title": "CVE-2010-4538", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4538"], "modified": "2011-01-07T19:00:00", "id": "DEBIANCVE:CVE-2010-4538", "href": "https://security-tracker.debian.org/tracker/CVE-2010-4538", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-31T06:02:26", "description": "Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.14 and 1.2.0 through 1.2.9 has unknown impact and remote attack vectors. NOTE: this issue exists because of a CVE-2010-2284 regression.", "cvss3": {}, "published": "2010-08-13T18:43:00", "type": "debiancve", "title": "CVE-2010-2994", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2284", "CVE-2010-2994"], "modified": "2010-08-13T18:43:00", "id": "DEBIANCVE:CVE-2010-2994", "href": "https://security-tracker.debian.org/tracker/CVE-2010-2994", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-31T06:02:26", "description": "The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark 0.10.8 through 1.0.14 and 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to sigcomp-udvm.c and an off-by-one error, which triggers a buffer overflow, different vulnerabilities than CVE-2010-2287.", "cvss3": {}, "published": "2010-08-13T18:43:00", "type": "debiancve", "title": "CVE-2010-2995", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2287", "CVE-2010-2995"], "modified": "2010-08-13T18:43:00", "id": "DEBIANCVE:CVE-2010-2995", "href": "https://security-tracker.debian.org/tracker/CVE-2010-2995", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "checkpoint_advisories": [{"lastseen": "2021-11-02T08:00:22", "description": "A buffer overflow vulnerability has been reported in Wireshark. The vulnerability is due to incorrect implementation of the SigComp UDVM Dissector. An attacker can exploit this issue by sending a malicious sigComp traffic in the internet.", "cvss3": {}, "published": "2015-03-26T00:00:00", "type": "checkpoint_advisories", "title": "Wireshark SigComp UDVM Dissector Remote Code Execution - Ver2 (CVE-2010-2287)", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.3, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2287"], "modified": "2015-03-26T00:00:00", "id": "CPAI-2015-0388", "href": "", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-12-18T04:02:55", "description": "A buffer overflow vulnerability has been reported in Wireshark. The vulnerability is due to incorrect implementation of the SigComp UDVM Dissector. An attacker can exploit this issue by sending a malicious sigComp traffic in the internet.", "cvss3": {}, "published": "2015-03-26T00:00:00", "type": "checkpoint_advisories", "title": "Wireshark SigComp UDVM Dissector Remote Code Execution - Ver2 (CVE-2010-2287)", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.3, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2287"], "modified": "2015-03-26T00:00:00", "id": "CPAI-2015-0163", "href": "", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-12-17T11:56:35", "description": "A buffer overflow vulnerability has been reported in Wireshark. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes.", "cvss3": {}, "published": "2014-12-28T00:00:00", "type": "checkpoint_advisories", "title": "Wireshark ENTTEC DMX Data Buffer Overflow - Ver2 (CVE-2010-4538)", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4538"], "modified": "2014-12-28T00:00:00", "id": "CPAI-2014-2359", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2022-01-17T19:13:32", "description": "### Background\n\nWireshark is a versatile network protocol analyzer.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could send specially crafted packets on a network being monitored by Wireshark, entice a user to open a malformed packet trace file using Wireshark, or deploy a specially crafted Lua script for use by Wireshark, possibly resulting in the execution of arbitrary code, or a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Wireshark users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-analyzer/wireshark-1.4.9\"", "cvss3": {}, "published": "2011-10-09T00:00:00", "type": "gentoo", "title": "Wireshark: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2285", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2992", "CVE-2010-2993", "CVE-2010-2994", "CVE-2010-2995", "CVE-2010-3133", "CVE-2010-3445", "CVE-2010-4300", "CVE-2010-4301", "CVE-2010-4538", "CVE-2011-0024", "CVE-2011-0444", "CVE-2011-0445", "CVE-2011-0538", "CVE-2011-0713", "CVE-2011-1138", "CVE-2011-1139", "CVE-2011-1140", "CVE-2011-1141", "CVE-2011-1142", "CVE-2011-1143", "CVE-2011-1590", "CVE-2011-1591", "CVE-2011-1592", "CVE-2011-1956", "CVE-2011-1957", "CVE-2011-1958", "CVE-2011-1959", "CVE-2011-2174", "CVE-2011-2175", "CVE-2011-2597", "CVE-2011-2698", "CVE-2011-3266", "CVE-2011-3360", "CVE-2011-3482", "CVE-2011-3483"], "modified": "2011-10-09T00:00:00", "id": "GLSA-201110-02", "href": "https://security.gentoo.org/glsa/201110-02", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}