Lucene search

HistoryMar 09, 2011 - 12:00 a.m.

Fedora 15 : wireshark-1.4.4-1.fc15 (2011-2648)

2011-03-0900:00:00

www.tenable.com

JSON

Several security bugs were fixed in this release :

CVE-2011-0538: memory corruption when reading a malformed pcap file
- CVE-2010-3445: stack overflow in BER dissector
- CVE-2011-1143: NULL pointer dereference causing application crash when reading malformed pcap file
- CVE-2011-1140: Multiple stack consumption vulnerabilities caused DoS via crafted SMB or CLDAP packet
- CVE-2011-1138: Off-by-one error in the dissect_6lowpan_iphc function causes application crash (Denial Of Service)
- CVE-2011-1139: Denial Of Service (application crash) via a pcap-ng file that contains a large packet-length field
- CVE-2011-0713: heap-based buffer overflow when reading malformed Nokia DCT3 phone signaling traces

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Fedora Security Advisory 2011-2648.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(52590);
  script_version("1.13");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_cve_id("CVE-2010-3445", "CVE-2011-0538", "CVE-2011-0713", "CVE-2011-1138", "CVE-2011-1139", "CVE-2011-1140", "CVE-2011-1143");
  script_bugtraq_id(43197, 46167, 46416, 46626, 46636);
  script_xref(name:"FEDORA", value:"2011-2648");

  script_name(english:"Fedora 15 : wireshark-1.4.4-1.fc15 (2011-2648)");
  script_summary(english:"Checks rpm output for the updated package.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Fedora host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Several security bugs were fixed in this release :

  - CVE-2011-0538: memory corruption when reading a
    malformed pcap file

    - CVE-2010-3445: stack overflow in BER dissector

    - CVE-2011-1143: NULL pointer dereference causing
      application crash when reading malformed pcap file

    - CVE-2011-1140: Multiple stack consumption
      vulnerabilities caused DoS via crafted SMB or CLDAP
      packet

    - CVE-2011-1138: Off-by-one error in the
      dissect_6lowpan_iphc function causes application crash
      (Denial Of Service)

    - CVE-2011-1139: Denial Of Service (application crash)
      via a pcap-ng file that contains a large packet-length
      field

    - CVE-2011-0713: heap-based buffer overflow when reading
      malformed Nokia DCT3 phone signaling traces

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=639486"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=676232"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=678198"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=681748"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=681753"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=681754"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=681760"
  );
  # https://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?d209584c"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected wireshark package."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:wireshark");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:15");

  script_set_attribute(attribute:"patch_publication_date", value:"2011/03/04");
  script_set_attribute(attribute:"plugin_publication_date", value:"2011/03/09");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.");
  script_family(english:"Fedora Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^15([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 15.x", "Fedora " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);

flag = 0;
if (rpm_check(release:"FC15", reference:"wireshark-1.4.4-1.fc15")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "wireshark");
}

VendorProductVersionCPE
fedoraprojectfedorawiresharkp-cpe:/a:fedoraproject:fedora:wireshark
fedoraprojectfedora15cpe:/o:fedoraproject:fedora:15

Vendor	Product	Version	CPE
fedoraproject	fedora	wireshark	p-cpe:/a:fedoraproject:fedora:wireshark
fedoraproject	fedora	15	cpe:/o:fedoraproject:fedora:15

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3445

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0538

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0713

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1138

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1139

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1140

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1143

www.nessus.org/u?d209584c

bugzilla.redhat.com/show_bug.cgi?id=639486

bugzilla.redhat.com/show_bug.cgi?id=676232

bugzilla.redhat.com/show_bug.cgi?id=678198

bugzilla.redhat.com/show_bug.cgi?id=681748

bugzilla.redhat.com/show_bug.cgi?id=681753

bugzilla.redhat.com/show_bug.cgi?id=681754

bugzilla.redhat.com/show_bug.cgi?id=681760

JSON

Related for FEDORA_2011-2648.NASL