FreeBSD : wireshark -- multiple vulnerabilities (8a835235-ae84-11dc-a5f9-001a4d49522b)

2007-12-24T00:00:00

Description

The Wireshark team reports of multiple vulnerabilities : - Wireshark could crash when reading an MP3 file. - Beyond Security discovered that Wireshark could loop excessively while reading a malformed DNP packet. - Stefan Esser discovered a buffer overflow in the SSL dissector. - The ANSI MAP dissector could be susceptible to a buffer overflow on some platforms. - The Firebird/Interbase dissector could go into an infinite loop or crash. - The NCP dissector could cause a crash. - The HTTP dissector could crash on some systems while decoding chunked messages. - The MEGACO dissector could enter a large loop and consume system resources. - The DCP ETSI dissector could enter a large loop and consume system resources. - Fabiodds discovered a buffer overflow in the iSeries (OS/400) Communication trace file parser. - The PPP dissector could overflow a buffer. - The Bluetooth SDP dissector could go into an infinite loop. - A malformed RPC Portmap packet could cause a crash. - The IPv6 dissector could loop excessively. - The USB dissector could loop excessively or crash. - The SMB dissector could crash. - The RPL dissector could go into an infinite loop. - The WiMAX dissector could crash due to unaligned access on some platforms. - The CIP dissector could attempt to allocate a huge amount of memory and crash. Impact It may be possible to make Wireshark or Ethereal crash or use up available memory by injecting a purposefully malformed packet onto the wire or by convincing someone to read a malformed packet trace file.

{"id": "FREEBSD_PKG_8A835235AE8411DCA5F9001A4D49522B.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "FreeBSD : wireshark -- multiple vulnerabilities (8a835235-ae84-11dc-a5f9-001a4d49522b)", "description": "The Wireshark team reports of multiple vulnerabilities :\n\n- Wireshark could crash when reading an MP3 file.\n\n- Beyond Security discovered that Wireshark could loop excessively while reading a malformed DNP packet.\n\n- Stefan Esser discovered a buffer overflow in the SSL dissector.\n\n- The ANSI MAP dissector could be susceptible to a buffer overflow on some platforms.\n\n- The Firebird/Interbase dissector could go into an infinite loop or crash.\n\n- The NCP dissector could cause a crash.\n\n- The HTTP dissector could crash on some systems while decoding chunked messages.\n\n- The MEGACO dissector could enter a large loop and consume system resources.\n\n- The DCP ETSI dissector could enter a large loop and consume system resources.\n\n- Fabiodds discovered a buffer overflow in the iSeries (OS/400) Communication trace file parser.\n\n- The PPP dissector could overflow a buffer.\n\n- The Bluetooth SDP dissector could go into an infinite loop.\n\n- A malformed RPC Portmap packet could cause a crash.\n\n- The IPv6 dissector could loop excessively.\n\n- The USB dissector could loop excessively or crash.\n\n- The SMB dissector could crash.\n\n- The RPL dissector could go into an infinite loop.\n\n- The WiMAX dissector could crash due to unaligned access on some platforms.\n\n- The CIP dissector could attempt to allocate a huge amount of memory and crash. Impact It may be possible to make Wireshark or Ethereal crash or use up available memory by injecting a purposefully malformed packet onto the wire or by convincing someone to read a malformed packet trace file.", "published": "2007-12-24T00:00:00", "modified": "2021-01-06T00:00:00", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 10.0}, "severity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/29772", "reporter": "This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6450", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6112", "https://www.wireshark.org/security/wnpa-sec-2007-03.html", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6114", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6118", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6438", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6113", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6120", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6441", "http://www.nessus.org/u?2f7fcebf", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6115", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6117", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6439", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6451", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6121"], "cvelist": ["CVE-2007-6112", "CVE-2007-6113", "CVE-2007-6114", "CVE-2007-6115", "CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6120", "CVE-2007-6121", "CVE-2007-6438", "CVE-2007-6439", "CVE-2007-6441", "CVE-2007-6450", "CVE-2007-6451"], "immutableFields": [], "lastseen": "2023-01-11T14:38:51", "viewCount": 10, "enchantments": {"dependencies": {"references": [{"type": "centos", "idList": ["CESA-2008:0058", "CESA-2008:0059"]}, {"type": "cve", "idList": ["CVE-2007-4721", "CVE-2007-6112", "CVE-2007-6113", "CVE-2007-6114", "CVE-2007-6115", "CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6120", "CVE-2007-6121", "CVE-2007-6438", "CVE-2007-6439", "CVE-2007-6440", "CVE-2007-6441", "CVE-2007-6442", "CVE-2007-6443", "CVE-2007-6444", "CVE-2007-6445", "CVE-2007-6446", "CVE-2007-6447", "CVE-2007-6448", "CVE-2007-6449", "CVE-2007-6450", "CVE-2007-6451"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1414-1:6CA34", "DEBIAN:DSA-1446-1:5AD3D"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2007-6112", "DEBIANCVE:CVE-2007-6113", "DEBIANCVE:CVE-2007-6114", "DEBIANCVE:CVE-2007-6115", "DEBIANCVE:CVE-2007-6117", "DEBIANCVE:CVE-2007-6118", "DEBIANCVE:CVE-2007-6120", "DEBIANCVE:CVE-2007-6121", "DEBIANCVE:CVE-2007-6438", "DEBIANCVE:CVE-2007-6439", "DEBIANCVE:CVE-2007-6441", "DEBIANCVE:CVE-2007-6450", "DEBIANCVE:CVE-2007-6451"]}, {"type": "fedora", "idList": ["FEDORA:LBKJPVWE025732", "FEDORA:LBLL8LEN001925"]}, {"type": "freebsd", "idList": ["8A835235-AE84-11DC-A5F9-001A4D49522B"]}, {"type": "gentoo", "idList": ["GLSA-200712-23"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2008-0058.NASL", "CENTOS_RHSA-2008-0059.NASL", "DEBIAN_DSA-1414.NASL", "DEBIAN_DSA-1446.NASL", "FEDORA_2007-4590.NASL", "FEDORA_2007-4690.NASL", "GENTOO_GLSA-200712-23.NASL", "MANDRAKE_MDKSA-2007-145.NASL", "MANDRIVA_MDVSA-2008-001.NASL", "ORACLELINUX_ELSA-2008-0058.NASL", "ORACLELINUX_ELSA-2008-0059.NASL", "REDHAT-RHSA-2008-0058.NASL", "REDHAT-RHSA-2008-0059.NASL", "SL_20080121_WIRESHARK_ON_SL3_X.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122614", "OPENVAS:1361412562310830471", "OPENVAS:1361412562310830541", "OPENVAS:1361412562310870085", "OPENVAS:1361412562310870170", "OPENVAS:1361412562310880091", "OPENVAS:1361412562310880129", "OPENVAS:1361412562310880183", "OPENVAS:1361412562310880208", "OPENVAS:59639", "OPENVAS:60052", "OPENVAS:60085", "OPENVAS:60100", "OPENVAS:830471", "OPENVAS:830541", "OPENVAS:861173", "OPENVAS:861563", "OPENVAS:870085", "OPENVAS:870170", "OPENVAS:880091", "OPENVAS:880129", "OPENVAS:880183", "OPENVAS:880208"]}, {"type": "oraclelinux", "idList": ["ELSA-2008-0058"]}, {"type": "osv", "idList": ["OSV:DSA-1414-1", "OSV:DSA-1446-1"]}, {"type": "redhat", "idList": ["RHSA-2008:0058", "RHSA-2008:0059"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:18530", "SECURITYVULNS:VULN:8386", "SECURITYVULNS:VULN:8520"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2007-6112", "UB:CVE-2007-6113", "UB:CVE-2007-6114", "UB:CVE-2007-6115", "UB:CVE-2007-6117", "UB:CVE-2007-6118", "UB:CVE-2007-6120", "UB:CVE-2007-6121", "UB:CVE-2007-6438", "UB:CVE-2007-6439", "UB:CVE-2007-6441", "UB:CVE-2007-6450", "UB:CVE-2007-6451"]}, {"type": "veracode", "idList": ["VERACODE:23331", "VERACODE:23332", "VERACODE:23333", "VERACODE:23334", "VERACODE:23336", "VERACODE:23337", "VERACODE:23339", "VERACODE:23340", "VERACODE:23341", "VERACODE:23342", "VERACODE:23343", "VERACODE:23344", "VERACODE:23345"]}]}, "score": {"value": 0.1, "vector": "NONE"}, "backreferences": {"references": [{"type": "centos", "idList": ["CESA-2008:0058", "CESA-2008:0059"]}, {"type": "cve", "idList": ["CVE-2007-6112", "CVE-2007-6113", "CVE-2007-6114", "CVE-2007-6115", "CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6120", "CVE-2007-6121", "CVE-2007-6438", "CVE-2007-6439", "CVE-2007-6441", "CVE-2007-6450", "CVE-2007-6451"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2007-6118", "DEBIANCVE:CVE-2007-6451"]}, {"type": "fedora", "idList": ["FEDORA:LBKJPVWE025732"]}, {"type": "freebsd", "idList": ["8A835235-AE84-11DC-A5F9-001A4D49522B"]}, {"type": "nessus", "idList": ["FEDORA_2007-4690.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:880208"]}, {"type": "oraclelinux", "idList": ["ELSA-2008-0058"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:18530"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2007-6121"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2007-6112", "epss": "0.027500000", "percentile": "0.889280000", "modified": "2023-03-13"}, {"cve": "CVE-2007-6113", "epss": "0.015590000", "percentile": "0.851610000", "modified": "2023-03-13"}, {"cve": "CVE-2007-6114", "epss": "0.030300000", "percentile": "0.894110000", "modified": "2023-03-13"}, {"cve": "CVE-2007-6115", "epss": "0.030300000", "percentile": "0.894110000", "modified": "2023-03-13"}, {"cve": "CVE-2007-6117", "epss": "0.028960000", "percentile": "0.892070000", "modified": "2023-03-13"}, {"cve": "CVE-2007-6118", "epss": "0.002890000", "percentile": "0.639920000", "modified": "2023-03-13"}, {"cve": "CVE-2007-6120", "epss": "0.002890000", "percentile": "0.639920000", "modified": "2023-03-13"}, {"cve": "CVE-2007-6121", "epss": "0.002880000", "percentile": "0.639610000", "modified": "2023-03-13"}, {"cve": "CVE-2007-6438", "epss": "0.003380000", "percentile": "0.667380000", "modified": "2023-03-13"}, {"cve": "CVE-2007-6439", "epss": "0.001990000", "percentile": "0.559670000", "modified": "2023-03-13"}, {"cve": "CVE-2007-6441", "epss": "0.002000000", "percentile": "0.560870000", "modified": "2023-03-13"}, {"cve": "CVE-2007-6450", "epss": "0.003380000", "percentile": "0.667380000", "modified": "2023-03-13"}, {"cve": "CVE-2007-6451", "epss": "0.003380000", "percentile": "0.667380000", "modified": "2023-03-13"}], "vulnersScore": 0.1}, "_state": {"dependencies": 1673449426, "score": 1673449353, "epss": 1678786801}, "_internal": {"score_hash": "20d4672456420e1ec8ece9f3b46bf306"}, "pluginID": "29772", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(29772);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-6112\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6120\", \"CVE-2007-6121\", \"CVE-2007-6438\", \"CVE-2007-6439\", \"CVE-2007-6441\", \"CVE-2007-6450\", \"CVE-2007-6451\");\n\n script_name(english:\"FreeBSD : wireshark -- multiple vulnerabilities (8a835235-ae84-11dc-a5f9-001a4d49522b)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Wireshark team reports of multiple vulnerabilities :\n\n- Wireshark could crash when reading an MP3 file.\n\n- Beyond Security discovered that Wireshark could loop excessively\nwhile reading a malformed DNP packet.\n\n- Stefan Esser discovered a buffer overflow in the SSL dissector.\n\n- The ANSI MAP dissector could be susceptible to a buffer overflow on\nsome platforms.\n\n- The Firebird/Interbase dissector could go into an infinite loop or\ncrash.\n\n- The NCP dissector could cause a crash.\n\n- The HTTP dissector could crash on some systems while decoding\nchunked messages.\n\n- The MEGACO dissector could enter a large loop and consume system\nresources.\n\n- The DCP ETSI dissector could enter a large loop and consume system\nresources.\n\n- Fabiodds discovered a buffer overflow in the iSeries (OS/400)\nCommunication trace file parser.\n\n- The PPP dissector could overflow a buffer.\n\n- The Bluetooth SDP dissector could go into an infinite loop.\n\n- A malformed RPC Portmap packet could cause a crash.\n\n- The IPv6 dissector could loop excessively.\n\n- The USB dissector could loop excessively or crash.\n\n- The SMB dissector could crash.\n\n- The RPL dissector could go into an infinite loop.\n\n- The WiMAX dissector could crash due to unaligned access on some\nplatforms.\n\n- The CIP dissector could attempt to allocate a huge amount of memory\nand crash. Impact It may be possible to make Wireshark or Ethereal\ncrash or use up available memory by injecting a purposefully malformed\npacket onto the wire or by convincing someone to read a malformed\npacket trace file.\"\n );\n # http://www.wireshark.org/security/wnpa-sec-2007-03.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/security/wnpa-sec-2007-03.html\"\n );\n # https://vuxml.freebsd.org/freebsd/8a835235-ae84-11dc-a5f9-001a4d49522b.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2f7fcebf\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 119, 189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ethereal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ethereal-lite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:tethereal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:tethereal-lite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:wireshark-lite\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/12/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/12/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"wireshark>=0.8.16<0.99.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"wireshark-lite>=0.8.16<0.99.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ethereal>=0.8.16<0.99.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ethereal-lite>=0.8.16<0.99.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"tethereal>=0.8.16<0.99.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"tethereal-lite>=0.8.16<0.99.7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "FreeBSD Local Security Checks", "cpe": ["p-cpe:/a:freebsd:freebsd:ethereal", "p-cpe:/a:freebsd:freebsd:ethereal-lite", "p-cpe:/a:freebsd:freebsd:tethereal", "p-cpe:/a:freebsd:freebsd:tethereal-lite", "p-cpe:/a:freebsd:freebsd:wireshark", "p-cpe:/a:freebsd:freebsd:wireshark-lite", "cpe:/o:freebsd:freebsd"], "solution": "Update the affected packages.", "nessusSeverity": "Critical", "cvssScoreSource": "", "vendor_cvss2": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "vendor_cvss3": {"score": null, "vector": null}, "vpr": {"risk factor": "Medium", "score": "5.9"}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": "2007-12-19T00:00:00", "vulnerabilityPublicationDate": "2007-12-19T00:00:00", "exploitableWith": []}

{"freebsd": [{"lastseen": "2022-01-19T16:03:50", "description": "\n\nThe Wireshark team reports of multiple vulnerabilities:\n\n\nWireshark could crash when reading an MP3 file.\nBeyond Security discovered that Wireshark could loop\n\t excessively while reading a malformed DNP packet.\nStefan Esser discovered a buffer overflow in the SSL\n\t dissector.\nThe ANSI MAP dissector could be susceptible to a\n\t buffer overflow on some platforms.\nThe Firebird/Interbase dissector could go into an\n\t infinite loop or crash.\nThe NCP dissector could cause a crash.\nThe HTTP dissector could crash on some systems while\n\t decoding chunked messages.\nThe MEGACO dissector could enter a large loop and\n\t consume system resources.\nThe DCP ETSI dissector could enter a large loop and\n\t consume system resources.\nFabiodds discovered a buffer overflow in the iSeries\n\t (OS/400) Communication trace file parser.\nThe PPP dissector could overflow a buffer.\nThe Bluetooth SDP dissector could go into an infinite\n\t loop.\nA malformed RPC Portmap packet could cause a\n\t crash.\nThe IPv6 dissector could loop excessively.\nThe USB dissector could loop excessively or crash.\nThe SMB dissector could crash.\nThe RPL dissector could go into an infinite loop.\nThe WiMAX dissector could crash due to unaligned\n\t access on some platforms.\nThe CIP dissector could attempt to allocate a huge\n\t amount of memory and crash.\n\nImpact\nIt may be possible to make Wireshark or Ethereal crash or\n\t use up available memory by injecting a purposefully\n\t malformed packet onto the wire or by convincing someone to\n\t read a malformed packet trace file.\n\n\n", "cvss3": {}, "published": "2007-12-19T00:00:00", "type": "freebsd", "title": "wireshark -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6112", "CVE-2007-6113", "CVE-2007-6114", "CVE-2007-6115", "CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6120", "CVE-2007-6121", "CVE-2007-6438", "CVE-2007-6439", "CVE-2007-6441", "CVE-2007-6450", "CVE-2007-6451"], "modified": "2007-12-22T00:00:00", "id": "8A835235-AE84-11DC-A5F9-001A4D49522B", "href": "https://vuxml.freebsd.org/freebsd/8a835235-ae84-11dc-a5f9-001a4d49522b.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2022-01-17T19:15:51", "description": "### Background\n\nWireshark is a network protocol analyzer with a graphical front-end. \n\n### Description\n\nMultiple buffer overflows and infinite loops were discovered in multiple dissector and parser components, including those for MP3 and NCP (CVE-2007-6111), PPP (CVE-2007-6112), DNP (CVE-2007-6113), SSL and iSeries (OS/400) Communication traces (CVE-2007-6114), ANSI MAP (CVE-2007-6115), Firebird/Interbase (CVE-2007-6116), HTTP (CVE-2007-6117), MEGACO (CVE-2007-6118), DCP ETSI (CVE-2007-6119), Bluetooth SDP (CVE-2007-6120), RPC Portmap (CVE-2007-6121), SMB (CVE-2007-6438), IPv6 amd USB (CVE-2007-6439), WiMAX (CVE-2007-6441), RPL (CVE-2007-6450), CIP (CVE-2007-6451). The vulnerabilities were discovered by Stefan Esser, Beyond Security, Fabiodds, Peter Leeming, Steve and ainsley. \n\n### Impact\n\nA remote attacker could send specially crafted packets on a network being monitored with Wireshark or entice a user to open a specially crafted file, possibly resulting in the execution of arbitrary code with the privileges of the user running Wireshark (which might be the root user), or a Denial of Service. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Wireshark users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-analyzer/wireshark-0.99.7\"", "cvss3": {}, "published": "2007-12-30T00:00:00", "type": "gentoo", "title": "Wireshark: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6111", "CVE-2007-6112", "CVE-2007-6113", "CVE-2007-6114", "CVE-2007-6115", "CVE-2007-6116", "CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6119", "CVE-2007-6120", "CVE-2007-6121", "CVE-2007-6438", "CVE-2007-6439", "CVE-2007-6441", "CVE-2007-6450", "CVE-2007-6451"], "modified": "2007-12-30T00:00:00", "id": "GLSA-200712-23", "href": "https://security.gentoo.org/glsa/200712-23", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2023-01-11T14:56:27", "description": "Updated wireshark packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nWireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal.\n\nSeveral flaws were found in Wireshark. Wireshark could crash or possibly execute arbitrary code as the user running Wireshark if it read a malformed packet off the network. (CVE-2007-6112, CVE-2007-6114, CVE-2007-6115, CVE-2007-6117)\n\nSeveral denial of service bugs were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off the network. (CVE-2007-6111, CVE-2007-6113, CVE-2007-6116, CVE-2007-6118, CVE-2007-6119, CVE-2007-6120, CVE-2007-6121, CVE-2007-6438, CVE-2007-6439, CVE-2007-6441, CVE-2007-6450, CVE-2007-6451)\n\nAs well, Wireshark switched from using net-snmp to libsmi, which is included in this errata.\n\nUsers of wireshark should upgrade to these updated packages, which contain Wireshark version 0.99.7, and resolve these issues.", "cvss3": {}, "published": "2010-01-06T00:00:00", "type": "nessus", "title": "CentOS 4 / 5 : wireshark (CESA-2008:0058)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6111", "CVE-2007-6112", "CVE-2007-6113", "CVE-2007-6114", "CVE-2007-6115", "CVE-2007-6116", "CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6119", "CVE-2007-6120", "CVE-2007-6121", "CVE-2007-6438", "CVE-2007-6439", "CVE-2007-6441", "CVE-2007-6450", "CVE-2007-6451"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:libsmi", "p-cpe:/a:centos:centos:libsmi-devel", "p-cpe:/a:centos:centos:wireshark", "p-cpe:/a:centos:centos:wireshark-gnome", "cpe:/o:centos:centos:4", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2008-0058.NASL", "href": "https://www.tenable.com/plugins/nessus/43670", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0058 and \n# CentOS Errata and Security Advisory 2008:0058 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43670);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-6111\", \"CVE-2007-6112\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6116\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6119\", \"CVE-2007-6120\", \"CVE-2007-6121\", \"CVE-2007-6438\", \"CVE-2007-6439\", \"CVE-2007-6441\", \"CVE-2007-6450\", \"CVE-2007-6451\");\n script_bugtraq_id(26532, 27071);\n script_xref(name:\"RHSA\", value:\"2008:0058\");\n\n script_name(english:\"CentOS 4 / 5 : wireshark (CESA-2008:0058)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated wireshark packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nWireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nSeveral flaws were found in Wireshark. Wireshark could crash or\npossibly execute arbitrary code as the user running Wireshark if it\nread a malformed packet off the network. (CVE-2007-6112,\nCVE-2007-6114, CVE-2007-6115, CVE-2007-6117)\n\nSeveral denial of service bugs were found in Wireshark. Wireshark\ncould crash or stop responding if it read a malformed packet off the\nnetwork. (CVE-2007-6111, CVE-2007-6113, CVE-2007-6116, CVE-2007-6118,\nCVE-2007-6119, CVE-2007-6120, CVE-2007-6121, CVE-2007-6438,\nCVE-2007-6439, CVE-2007-6441, CVE-2007-6450, CVE-2007-6451)\n\nAs well, Wireshark switched from using net-snmp to libsmi, which is\nincluded in this errata.\n\nUsers of wireshark should upgrade to these updated packages, which\ncontain Wireshark version 0.99.7, and resolve these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-January/014635.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?43bd41a2\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-January/014636.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5e629cd8\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-January/014638.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1fa4cba5\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-January/014652.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?43d90ffe\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-January/014653.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?093b1146\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 119, 189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libsmi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libsmi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:wireshark-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/11/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x / 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"libsmi-0.4.5-2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"libsmi-0.4.5-2.c4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"libsmi-0.4.5-2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"libsmi-devel-0.4.5-2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"libsmi-devel-0.4.5-2.c4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"libsmi-devel-0.4.5-2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"wireshark-0.99.7-1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"wireshark-0.99.7-1.c4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"wireshark-0.99.7-1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"wireshark-gnome-0.99.7-1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"wireshark-gnome-0.99.7-1.c4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"wireshark-gnome-0.99.7-1\")) flag++;\n\nif (rpm_check(release:\"CentOS-5\", reference:\"libsmi-0.4.5-2.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"libsmi-devel-0.4.5-2.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"wireshark-0.99.7-1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"wireshark-gnome-0.99.7-1.el5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsmi / libsmi-devel / wireshark / wireshark-gnome\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:27:55", "description": "Several remote vulnerabilities have been discovered in the Wireshark network traffic analyzer, which may lead to denial of service. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2007-6450 The RPL dissector could be tricked into an infinite loop.\n\n - CVE-2007-6451 The CIP dissector could be tricked into excessive memory allocation.", "cvss3": {}, "published": "2008-01-04T00:00:00", "type": "nessus", "title": "Debian DSA-1446-1 : wireshark - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6111", "CVE-2007-6112", "CVE-2007-6113", "CVE-2007-6114", "CVE-2007-6115", "CVE-2007-6116", "CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6119", "CVE-2007-6120", "CVE-2007-6121", "CVE-2007-6438", "CVE-2007-6439", "CVE-2007-6441", "CVE-2007-6450", "CVE-2007-6451"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:wireshark", "cpe:/o:debian:debian_linux:3.1", "cpe:/o:debian:debian_linux:4.0"], "id": "DEBIAN_DSA-1446.NASL", "href": "https://www.tenable.com/plugins/nessus/29840", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1446. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(29840);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-6111\", \"CVE-2007-6112\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6116\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6119\", \"CVE-2007-6120\", \"CVE-2007-6121\", \"CVE-2007-6438\", \"CVE-2007-6439\", \"CVE-2007-6441\", \"CVE-2007-6450\", \"CVE-2007-6451\");\n script_xref(name:\"DSA\", value:\"1446\");\n\n script_name(english:\"Debian DSA-1446-1 : wireshark - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several remote vulnerabilities have been discovered in the Wireshark\nnetwork traffic analyzer, which may lead to denial of service. The\nCommon Vulnerabilities and Exposures project identifies the following\nproblems :\n\n - CVE-2007-6450\n The RPL dissector could be tricked into an infinite\n loop.\n\n - CVE-2007-6451\n The CIP dissector could be tricked into excessive memory\n allocation.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-6450\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-6451\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2008/dsa-1446\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the wireshark packages.\n\nFor the old stable distribution (sarge), these problems have been\nfixed in version 0.10.10-2sarge11. (In Sarge Wireshark used to be\ncalled Ethereal).\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 0.99.4-5.etch.2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 119, 189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/11/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/01/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"ethereal\", reference:\"0.10.10-2sarge11\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ethereal-common\", reference:\"0.10.10-2sarge11\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ethereal-dev\", reference:\"0.10.10-2sarge11\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"tethereal\", reference:\"0.10.10-2sarge11\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"ethereal\", reference:\"0.99.4-5.etch.2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"ethereal-common\", reference:\"0.99.4-5.etch.2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"ethereal-dev\", reference:\"0.99.4-5.etch.2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"tethereal\", reference:\"0.99.4-5.etch.2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"tshark\", reference:\"0.99.4-5.etch.2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"wireshark\", reference:\"0.99.4-5.etch.2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"wireshark-common\", reference:\"0.99.4-5.etch.2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"wireshark-dev\", reference:\"0.99.4-5.etch.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:37:35", "description": "The remote host is affected by the vulnerability described in GLSA-200712-23 (Wireshark: Multiple vulnerabilities)\n\n Multiple buffer overflows and infinite loops were discovered in multiple dissector and parser components, including those for MP3 and NCP (CVE-2007-6111), PPP (CVE-2007-6112), DNP (CVE-2007-6113), SSL and iSeries (OS/400) Communication traces (CVE-2007-6114), ANSI MAP (CVE-2007-6115), Firebird/Interbase (CVE-2007-6116), HTTP (CVE-2007-6117), MEGACO (CVE-2007-6118), DCP ETSI (CVE-2007-6119), Bluetooth SDP (CVE-2007-6120), RPC Portmap (CVE-2007-6121), SMB (CVE-2007-6438), IPv6 amd USB (CVE-2007-6439), WiMAX (CVE-2007-6441), RPL (CVE-2007-6450), CIP (CVE-2007-6451). The vulnerabilities were discovered by Stefan Esser, Beyond Security, Fabiodds, Peter Leeming, Steve and ainsley.\n Impact :\n\n A remote attacker could send specially crafted packets on a network being monitored with Wireshark or entice a user to open a specially crafted file, possibly resulting in the execution of arbitrary code with the privileges of the user running Wireshark (which might be the root user), or a Denial of Service.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2007-12-31T00:00:00", "type": "nessus", "title": "GLSA-200712-23 : Wireshark: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6111", "CVE-2007-6112", "CVE-2007-6113", "CVE-2007-6114", "CVE-2007-6115", "CVE-2007-6116", "CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6119", "CVE-2007-6120", "CVE-2007-6121", "CVE-2007-6438", "CVE-2007-6439", "CVE-2007-6441", "CVE-2007-6450", "CVE-2007-6451"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:wireshark", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200712-23.NASL", "href": "https://www.tenable.com/plugins/nessus/29820", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200712-23.\n#\n# The advisory text is Copyright (C) 2001-2017 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(29820);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-6111\", \"CVE-2007-6112\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6116\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6119\", \"CVE-2007-6120\", \"CVE-2007-6121\", \"CVE-2007-6438\", \"CVE-2007-6439\", \"CVE-2007-6441\", \"CVE-2007-6450\", \"CVE-2007-6451\");\n script_xref(name:\"GLSA\", value:\"200712-23\");\n\n script_name(english:\"GLSA-200712-23 : Wireshark: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200712-23\n(Wireshark: Multiple vulnerabilities)\n\n Multiple buffer overflows and infinite loops were discovered in\n multiple dissector and parser components, including those for MP3 and\n NCP (CVE-2007-6111), PPP (CVE-2007-6112), DNP (CVE-2007-6113), SSL and\n iSeries (OS/400) Communication traces (CVE-2007-6114), ANSI MAP\n (CVE-2007-6115), Firebird/Interbase (CVE-2007-6116), HTTP\n (CVE-2007-6117), MEGACO (CVE-2007-6118), DCP ETSI (CVE-2007-6119),\n Bluetooth SDP (CVE-2007-6120), RPC Portmap (CVE-2007-6121), SMB\n (CVE-2007-6438), IPv6 amd USB (CVE-2007-6439), WiMAX (CVE-2007-6441),\n RPL (CVE-2007-6450), CIP (CVE-2007-6451). The vulnerabilities were\n discovered by Stefan Esser, Beyond Security, Fabiodds, Peter Leeming,\n Steve and ainsley.\n \nImpact :\n\n A remote attacker could send specially crafted packets on a network\n being monitored with Wireshark or entice a user to open a specially\n crafted file, possibly resulting in the execution of arbitrary code\n with the privileges of the user running Wireshark (which might be the\n root user), or a Denial of Service.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200712-23\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Wireshark users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/wireshark-0.99.7'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 119, 189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/12/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-analyzer/wireshark\", unaffected:make_list(\"ge 0.99.7\"), vulnerable:make_list(\"lt 0.99.7\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Wireshark\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:27:36", "description": "Updated wireshark packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nWireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal.\n\nSeveral flaws were found in Wireshark. Wireshark could crash or possibly execute arbitrary code as the user running Wireshark if it read a malformed packet off the network. (CVE-2007-6112, CVE-2007-6114, CVE-2007-6115, CVE-2007-6117)\n\nSeveral denial of service bugs were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off the network. (CVE-2007-6111, CVE-2007-6113, CVE-2007-6116, CVE-2007-6118, CVE-2007-6119, CVE-2007-6120, CVE-2007-6121, CVE-2007-6438, CVE-2007-6439, CVE-2007-6441, CVE-2007-6450, CVE-2007-6451)\n\nAs well, Wireshark switched from using net-snmp to libsmi, which is included in this errata.\n\nUsers of wireshark should upgrade to these updated packages, which contain Wireshark version 0.99.7, and resolve these issues.", "cvss3": {}, "published": "2008-01-21T00:00:00", "type": "nessus", "title": "RHEL 4 / 5 : wireshark (RHSA-2008:0058)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6111", "CVE-2007-6112", "CVE-2007-6113", "CVE-2007-6114", "CVE-2007-6115", "CVE-2007-6116", "CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6119", "CVE-2007-6120", "CVE-2007-6121", "CVE-2007-6438", "CVE-2007-6439", "CVE-2007-6441", "CVE-2007-6450", "CVE-2007-6451"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:libsmi", "p-cpe:/a:redhat:enterprise_linux:libsmi-devel", "p-cpe:/a:redhat:enterprise_linux:wireshark", "p-cpe:/a:redhat:enterprise_linux:wireshark-gnome", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.6", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.1"], "id": "REDHAT-RHSA-2008-0058.NASL", "href": "https://www.tenable.com/plugins/nessus/30034", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0058. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(30034);\n script_version(\"1.26\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6111\", \"CVE-2007-6112\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6116\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6119\", \"CVE-2007-6120\", \"CVE-2007-6121\", \"CVE-2007-6438\", \"CVE-2007-6439\", \"CVE-2007-6441\", \"CVE-2007-6450\", \"CVE-2007-6451\");\n script_bugtraq_id(26532, 27071);\n script_xref(name:\"RHSA\", value:\"2008:0058\");\n\n script_name(english:\"RHEL 4 / 5 : wireshark (RHSA-2008:0058)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated wireshark packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nWireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nSeveral flaws were found in Wireshark. Wireshark could crash or\npossibly execute arbitrary code as the user running Wireshark if it\nread a malformed packet off the network. (CVE-2007-6112,\nCVE-2007-6114, CVE-2007-6115, CVE-2007-6117)\n\nSeveral denial of service bugs were found in Wireshark. Wireshark\ncould crash or stop responding if it read a malformed packet off the\nnetwork. (CVE-2007-6111, CVE-2007-6113, CVE-2007-6116, CVE-2007-6118,\nCVE-2007-6119, CVE-2007-6120, CVE-2007-6121, CVE-2007-6438,\nCVE-2007-6439, CVE-2007-6441, CVE-2007-6450, CVE-2007-6451)\n\nAs well, Wireshark switched from using net-snmp to libsmi, which is\nincluded in this errata.\n\nUsers of wireshark should upgrade to these updated packages, which\ncontain Wireshark version 0.99.7, and resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6111\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6112\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6113\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6114\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6115\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6116\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6117\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6118\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6119\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6120\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6121\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6438\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6439\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6441\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6450\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6451\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-0.99.7.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-0.99.7.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0058\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 119, 189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsmi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsmi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:wireshark-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/11/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/01/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0058\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"libsmi-0.4.5-2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"libsmi-devel-0.4.5-2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"wireshark-0.99.7-1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"wireshark-gnome-0.99.7-1.el4\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"libsmi-0.4.5-2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"libsmi-0.4.5-2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"libsmi-0.4.5-2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"libsmi-devel-0.4.5-2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"libsmi-devel-0.4.5-2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"libsmi-devel-0.4.5-2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"wireshark-0.99.7-1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"wireshark-0.99.7-1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"wireshark-0.99.7-1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"wireshark-gnome-0.99.7-1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"wireshark-gnome-0.99.7-1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"wireshark-gnome-0.99.7-1.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsmi / libsmi-devel / wireshark / wireshark-gnome\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:00:15", "description": "A number of vulnerabilities in the Wireshark program were found that could cause crashes, excessive looping, or arbitrary code execution.\n\nThis update provides Wireshark 0.99.7 which is not vulnerable to these issues.\n\nAn updated version of libsmi is also being provided, not because of security issues, but because this version of wireshark uses it instead of net-snmp for SNMP support.\n\nUpdate :\n\nThis update is being reissued without libcap (kernel capabilities) support, as that is not required by the original released packages, and thus gave trouble for a number of users.", "cvss3": {}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : wireshark (MDVSA-2008:001-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6111", "CVE-2007-6112", "CVE-2007-6113", "CVE-2007-6114", "CVE-2007-6115", "CVE-2007-6116", "CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6119", "CVE-2007-6120", "CVE-2007-6121", "CVE-2007-6438", "CVE-2007-6439", "CVE-2007-6441", "CVE-2007-6450", "CVE-2007-6451"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64wireshark-devel", "p-cpe:/a:mandriva:linux:lib64wireshark0", "p-cpe:/a:mandriva:linux:libwireshark-devel", "p-cpe:/a:mandriva:linux:libwireshark0", "p-cpe:/a:mandriva:linux:tshark", "p-cpe:/a:mandriva:linux:wireshark", "p-cpe:/a:mandriva:linux:wireshark-tools", "cpe:/o:mandriva:linux:2007", "cpe:/o:mandriva:linux:2007.1", "cpe:/o:mandriva:linux:2008.0"], "id": "MANDRIVA_MDVSA-2008-001.NASL", "href": "https://www.tenable.com/plugins/nessus/36583", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2008:001. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36583);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-6111\", \"CVE-2007-6112\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6116\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6119\", \"CVE-2007-6120\", \"CVE-2007-6121\", \"CVE-2007-6438\", \"CVE-2007-6439\", \"CVE-2007-6441\", \"CVE-2007-6450\", \"CVE-2007-6451\");\n script_xref(name:\"MDVSA\", value:\"2008:001-1\");\n\n script_name(english:\"Mandriva Linux Security Advisory : wireshark (MDVSA-2008:001-1)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A number of vulnerabilities in the Wireshark program were found that\ncould cause crashes, excessive looping, or arbitrary code execution.\n\nThis update provides Wireshark 0.99.7 which is not vulnerable to these\nissues.\n\nAn updated version of libsmi is also being provided, not because of\nsecurity issues, but because this version of wireshark uses it instead\nof net-snmp for SNMP support.\n\nUpdate :\n\nThis update is being reissued without libcap (kernel capabilities)\nsupport, as that is not required by the original released packages,\nand thus gave trouble for a number of users.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.wireshark.org/security/wnpa-sec-2007-03.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 119, 189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64wireshark0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libwireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libwireshark0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:wireshark-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64wireshark0-0.99.7-0.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libwireshark0-0.99.7-0.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"tshark-0.99.7-0.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"wireshark-0.99.7-0.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"wireshark-tools-0.99.7-0.2mdv2007.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64wireshark0-0.99.7-0.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libwireshark0-0.99.7-0.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"tshark-0.99.7-0.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"wireshark-0.99.7-0.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"wireshark-tools-0.99.7-0.2mdv2007.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64wireshark-devel-0.99.7-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64wireshark0-0.99.7-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libwireshark-devel-0.99.7-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libwireshark0-0.99.7-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tshark-0.99.7-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"wireshark-0.99.7-0.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"wireshark-tools-0.99.7-0.2mdv2008.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:49:52", "description": "From Red Hat Security Advisory 2008:0058 :\n\nUpdated wireshark packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nWireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal.\n\nSeveral flaws were found in Wireshark. Wireshark could crash or possibly execute arbitrary code as the user running Wireshark if it read a malformed packet off the network. (CVE-2007-6112, CVE-2007-6114, CVE-2007-6115, CVE-2007-6117)\n\nSeveral denial of service bugs were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off the network. (CVE-2007-6111, CVE-2007-6113, CVE-2007-6116, CVE-2007-6118, CVE-2007-6119, CVE-2007-6120, CVE-2007-6121, CVE-2007-6438, CVE-2007-6439, CVE-2007-6441, CVE-2007-6450, CVE-2007-6451)\n\nAs well, Wireshark switched from using net-snmp to libsmi, which is included in this errata.\n\nUsers of wireshark should upgrade to these updated packages, which contain Wireshark version 0.99.7, and resolve these issues.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 4 / 5 : wireshark (ELSA-2008-0058)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6111", "CVE-2007-6112", "CVE-2007-6113", "CVE-2007-6114", "CVE-2007-6115", "CVE-2007-6116", "CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6119", "CVE-2007-6120", "CVE-2007-6121", "CVE-2007-6438", "CVE-2007-6439", "CVE-2007-6441", "CVE-2007-6450", "CVE-2007-6451"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:libsmi", "p-cpe:/a:oracle:linux:libsmi-devel", "p-cpe:/a:oracle:linux:wireshark", "p-cpe:/a:oracle:linux:wireshark-gnome", "cpe:/o:oracle:linux:4", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2008-0058.NASL", "href": "https://www.tenable.com/plugins/nessus/67642", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2008:0058 and \n# Oracle Linux Security Advisory ELSA-2008-0058 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67642);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6111\", \"CVE-2007-6112\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6116\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6119\", \"CVE-2007-6120\", \"CVE-2007-6121\", \"CVE-2007-6438\", \"CVE-2007-6439\", \"CVE-2007-6441\", \"CVE-2007-6450\", \"CVE-2007-6451\");\n script_bugtraq_id(26532, 27071);\n script_xref(name:\"RHSA\", value:\"2008:0058\");\n\n script_name(english:\"Oracle Linux 4 / 5 : wireshark (ELSA-2008-0058)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2008:0058 :\n\nUpdated wireshark packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nWireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nSeveral flaws were found in Wireshark. Wireshark could crash or\npossibly execute arbitrary code as the user running Wireshark if it\nread a malformed packet off the network. (CVE-2007-6112,\nCVE-2007-6114, CVE-2007-6115, CVE-2007-6117)\n\nSeveral denial of service bugs were found in Wireshark. Wireshark\ncould crash or stop responding if it read a malformed packet off the\nnetwork. (CVE-2007-6111, CVE-2007-6113, CVE-2007-6116, CVE-2007-6118,\nCVE-2007-6119, CVE-2007-6120, CVE-2007-6121, CVE-2007-6438,\nCVE-2007-6439, CVE-2007-6441, CVE-2007-6450, CVE-2007-6451)\n\nAs well, Wireshark switched from using net-snmp to libsmi, which is\nincluded in this errata.\n\nUsers of wireshark should upgrade to these updated packages, which\ncontain Wireshark version 0.99.7, and resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-January/000495.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-January/000496.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 119, 189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libsmi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libsmi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:wireshark-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/11/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4 / 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"libsmi-0.4.5-2.el4\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"libsmi-0.4.5-2.el4\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"libsmi-devel-0.4.5-2.el4\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"libsmi-devel-0.4.5-2.el4\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"wireshark-0.99.7-1.el4.0.1\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"wireshark-0.99.7-1.el4.0.1\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"wireshark-gnome-0.99.7-1.el4.0.1\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"wireshark-gnome-0.99.7-1.el4.0.1\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"libsmi-0.4.5-2.el5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"libsmi-devel-0.4.5-2.el5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"wireshark-0.99.7-1.el5.0.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"wireshark-gnome-0.99.7-1.el5.0.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsmi / libsmi-devel / wireshark / wireshark-gnome\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:35:04", "description": "Several remote vulnerabilities have been discovered in the Wireshark network traffic analyzer, which may lead to denial of service or execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2007-6114 Stefan Esser discovered a buffer overflow in the SSL dissector.'Fabiodds' discovered a buffer overflow in the iSeries trace dissector.\n\n - CVE-2007-6117 A programming error was discovered in the HTTP dissector, which may lead to denial of service.\n\n - CVE-2007-6118 The MEGACO dissector could be tricked into resource exhaustion.\n\n - CVE-2007-6120 The Bluetooth SDP dissector could be tricked into an endless loop.\n\n - CVE-2007-6121 The RPC portmap dissector could be tricked into dereferencing a NULL pointer.", "cvss3": {}, "published": "2007-11-29T00:00:00", "type": "nessus", "title": "Debian DSA-1414-1 : wireshark - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6114", "CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6120", "CVE-2007-6121"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:wireshark", "cpe:/o:debian:debian_linux:3.1", "cpe:/o:debian:debian_linux:4.0"], "id": "DEBIAN_DSA-1414.NASL", "href": "https://www.tenable.com/plugins/nessus/28337", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1414. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(28337);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-6114\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6120\", \"CVE-2007-6121\");\n script_xref(name:\"DSA\", value:\"1414\");\n\n script_name(english:\"Debian DSA-1414-1 : wireshark - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several remote vulnerabilities have been discovered in the Wireshark\nnetwork traffic analyzer, which may lead to denial of service or\nexecution of arbitrary code. The Common Vulnerabilities and Exposures\nproject identifies the following problems :\n\n - CVE-2007-6114\n Stefan Esser discovered a buffer overflow in the SSL\n dissector.'Fabiodds' discovered a buffer overflow in the\n iSeries trace dissector.\n\n - CVE-2007-6117\n A programming error was discovered in the HTTP\n dissector, which may lead to denial of service.\n\n - CVE-2007-6118\n The MEGACO dissector could be tricked into resource\n exhaustion.\n\n - CVE-2007-6120\n The Bluetooth SDP dissector could be tricked into an\n endless loop.\n\n - CVE-2007-6121\n The RPC portmap dissector could be tricked into\n dereferencing a NULL pointer.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-6114\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-6117\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-6118\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-6120\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-6121\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2007/dsa-1414\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the wireshark/ethereal packages.\n\nFor the old stable distribution (sarge), these problems have been\nfixed in version 0.10.10-2sarge10. (In Sarge Wireshark used to be\ncalled Ethereal). Updated packages for sparc and m68k will be provided\nlater.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 0.99.4-5.etch.1. Updated packages for sparc will be provided\nlater.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"ethereal\", reference:\"0.10.10-2sarge10\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ethereal-common\", reference:\"0.10.10-2sarge10\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ethereal-dev\", reference:\"0.10.10-2sarge10\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"tethereal\", reference:\"0.10.10-2sarge10\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"ethereal\", reference:\"0.99.4-5.etch.1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"ethereal-common\", reference:\"0.99.4-5.etch.1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"ethereal-dev\", reference:\"0.99.4-5.etch.1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"tethereal\", reference:\"0.99.4-5.etch.1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"tshark\", reference:\"0.99.4-5.etch.1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"wireshark\", reference:\"0.99.4-5.etch.1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"wireshark-common\", reference:\"0.99.4-5.etch.1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"wireshark-dev\", reference:\"0.99.4-5.etch.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:40:39", "description": "upgrade to 0.99.7 fixes various security flaws.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2007-12-24T00:00:00", "type": "nessus", "title": "Fedora 7 : wireshark-0.99.7-1.fc7 (2007-4690)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6111", "CVE-2007-6112", "CVE-2007-6113", "CVE-2007-6114", "CVE-2007-6115", "CVE-2007-6116", "CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6119", "CVE-2007-6120", "CVE-2007-6121"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:wireshark", "p-cpe:/a:fedoraproject:fedora:wireshark-debuginfo", "p-cpe:/a:fedoraproject:fedora:wireshark-gnome", "cpe:/o:fedoraproject:fedora:7"], "id": "FEDORA_2007-4690.NASL", "href": "https://www.tenable.com/plugins/nessus/29766", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2007-4690.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(29766);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2007-6111\", \"CVE-2007-6112\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6116\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6119\", \"CVE-2007-6120\", \"CVE-2007-6121\");\n script_bugtraq_id(26532);\n script_xref(name:\"FEDORA\", value:\"2007-4690\");\n\n script_name(english:\"Fedora 7 : wireshark-0.99.7-1.fc7 (2007-4690)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"upgrade to 0.99.7 fixes various security flaws.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=397251\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=397271\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=397281\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=397291\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=397311\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=397321\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=397331\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=397341\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=397351\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=397361\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=397371\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2007-December/006174.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?97d7f7e2\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected wireshark, wireshark-debuginfo and / or\nwireshark-gnome packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:wireshark-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/11/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/12/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 7.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC7\", reference:\"wireshark-0.99.7-1.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"wireshark-debuginfo-0.99.7-1.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"wireshark-gnome-0.99.7-1.fc7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-debuginfo / wireshark-gnome\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:40:41", "description": "Various flaws fixed by upgrade to 0.99.7\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2007-12-24T00:00:00", "type": "nessus", "title": "Fedora 8 : wireshark-0.99.7-2.fc8 (2007-4590)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6111", "CVE-2007-6112", "CVE-2007-6113", "CVE-2007-6114", "CVE-2007-6115", "CVE-2007-6116", "CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6119", "CVE-2007-6120", "CVE-2007-6121"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:wireshark", "p-cpe:/a:fedoraproject:fedora:wireshark-debuginfo", "p-cpe:/a:fedoraproject:fedora:wireshark-gnome", "cpe:/o:fedoraproject:fedora:8"], "id": "FEDORA_2007-4590.NASL", "href": "https://www.tenable.com/plugins/nessus/29760", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2007-4590.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(29760);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2007-6111\", \"CVE-2007-6112\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6116\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6119\", \"CVE-2007-6120\", \"CVE-2007-6121\");\n script_bugtraq_id(26532);\n script_xref(name:\"FEDORA\", value:\"2007-4590\");\n\n script_name(english:\"Fedora 8 : wireshark-0.99.7-2.fc8 (2007-4590)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Various flaws fixed by upgrade to 0.99.7\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=397251\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=397271\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=397281\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=397291\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=397311\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=397321\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=397331\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=397341\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=397351\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=397361\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=397371\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2007-December/006068.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e91346ea\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected wireshark, wireshark-debuginfo and / or\nwireshark-gnome packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:wireshark-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/11/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 8.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC8\", reference:\"wireshark-0.99.7-2.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"wireshark-debuginfo-0.99.7-2.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"wireshark-gnome-0.99.7-2.fc8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-debuginfo / wireshark-gnome\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:28:10", "description": "Several flaws were found in Wireshark. Wireshark could crash or possibly execute arbitrary code as the user running Wireshark if it read a malformed packet off the network. (CVE-2007-6112, CVE-2007-6114, CVE-2007-6115, CVE-2007-6117)\n\nSeveral denial of service bugs were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off the network. (CVE-2007-3389, CVE-2007-3390, CVE-2007-3391, CVE-2007-3392, CVE-2007-3392, CVE-2007-3393, CVE-2007-6111, CVE-2007-6113, CVE-2007-6116, CVE-2007-6118, CVE-2007-6119, CVE-2007-6120, CVE-2007-6121, CVE-2007-6438, CVE-2007-6439, CVE-2007-6441, CVE-2007-6450, CVE-2007-6451)\n\nAs well, Wireshark switched from using net-snmp to libsmi, which is included in this errata.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : wireshark on SL3.x, SL4.x, SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3389", "CVE-2007-3390", "CVE-2007-3391", "CVE-2007-3392", "CVE-2007-3393", "CVE-2007-6111", "CVE-2007-6112", "CVE-2007-6113", "CVE-2007-6114", "CVE-2007-6115", "CVE-2007-6116", "CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6119", "CVE-2007-6120", "CVE-2007-6121", "CVE-2007-6438", "CVE-2007-6439", "CVE-2007-6441", "CVE-2007-6450", "CVE-2007-6451"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20080121_WIRESHARK_ON_SL3_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60350", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60350);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-3389\", \"CVE-2007-3390\", \"CVE-2007-3391\", \"CVE-2007-3392\", \"CVE-2007-3393\", \"CVE-2007-6111\", \"CVE-2007-6112\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6116\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6119\", \"CVE-2007-6120\", \"CVE-2007-6121\", \"CVE-2007-6438\", \"CVE-2007-6439\", \"CVE-2007-6441\", \"CVE-2007-6450\", \"CVE-2007-6451\");\n\n script_name(english:\"Scientific Linux Security Update : wireshark on SL3.x, SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several flaws were found in Wireshark. Wireshark could crash or\npossibly execute arbitrary code as the user running Wireshark if it\nread a malformed packet off the network. (CVE-2007-6112,\nCVE-2007-6114, CVE-2007-6115, CVE-2007-6117)\n\nSeveral denial of service bugs were found in Wireshark. Wireshark\ncould crash or stop responding if it read a malformed packet off the\nnetwork. (CVE-2007-3389, CVE-2007-3390, CVE-2007-3391, CVE-2007-3392,\nCVE-2007-3392, CVE-2007-3393, CVE-2007-6111, CVE-2007-6113,\nCVE-2007-6116, CVE-2007-6118, CVE-2007-6119, CVE-2007-6120,\nCVE-2007-6121, CVE-2007-6438, CVE-2007-6439, CVE-2007-6441,\nCVE-2007-6450, CVE-2007-6451)\n\nAs well, Wireshark switched from using net-snmp to libsmi, which is\nincluded in this errata.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0801&L=scientific-linux-errata&T=0&P=1833\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9a57f048\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 119, 189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/06/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", reference:\"libsmi-0.4.5-3.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"libsmi-devel-0.4.5-3.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"wireshark-0.99.7-EL3.1\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"wireshark-gnome-0.99.7-EL3.1\")) flag++;\n\nif (rpm_check(release:\"SL4\", cpu:\"i386\", reference:\"libsmi-0.4.5-2.el4_6\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"x86_64\", reference:\"libsmi-0.4.5-2\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"i386\", reference:\"libsmi-devel-0.4.5-2.el4_6\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"x86_64\", reference:\"libsmi-devel-0.4.5-2\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"i386\", reference:\"wireshark-0.99.7-1.el4_6\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"x86_64\", reference:\"wireshark-0.99.7-1\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"i386\", reference:\"wireshark-gnome-0.99.7-1.el4_6\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"x86_64\", reference:\"wireshark-gnome-0.99.7-1\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"libsmi-0.4.5-2.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"libsmi-devel-0.4.5-2.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"wireshark-0.99.7-1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"wireshark-gnome-0.99.7-1.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:49:13", "description": "From Red Hat Security Advisory 2008:0059 :\n\nUpdated wireshark packages that fix several security issues are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nWireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal.\n\nSeveral flaws were found in Wireshark. Wireshark could crash or possibly execute arbitrary code as the user running Wireshark if it read a malformed packet off the network. (CVE-2007-6114, CVE-2007-6115, CVE-2007-6117)\n\nSeveral denial of service bugs were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off the network. (CVE-2007-3389, CVE-2007-3390, CVE-2007-3391, CVE-2007-3392, CVE-2007-3392, CVE-2007-3393, CVE-2007-6113, CVE-2007-6118, CVE-2007-6120, CVE-2007-6121, CVE-2007-6450, CVE-2007-6451)\n\nAs well, Wireshark switched from using net-snmp to libsmi, which is included in this errata.\n\nUsers of wireshark should upgrade to these updated packages, which contain Wireshark version 0.99.7, and resolve these issues.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 3 : wireshark (ELSA-2008-0059)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3389", "CVE-2007-3390", "CVE-2007-3391", "CVE-2007-3392", "CVE-2007-3393", "CVE-2007-6113", "CVE-2007-6114", "CVE-2007-6115", "CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6120", "CVE-2007-6121", "CVE-2007-6450", "CVE-2007-6451"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:libsmi", "p-cpe:/a:oracle:linux:libsmi-devel", "p-cpe:/a:oracle:linux:wireshark", "p-cpe:/a:oracle:linux:wireshark-gnome", "cpe:/o:oracle:linux:3"], "id": "ORACLELINUX_ELSA-2008-0059.NASL", "href": "https://www.tenable.com/plugins/nessus/67643", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2008:0059 and \n# Oracle Linux Security Advisory ELSA-2008-0059 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67643);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-3389\", \"CVE-2007-3390\", \"CVE-2007-3391\", \"CVE-2007-3392\", \"CVE-2007-3393\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6120\", \"CVE-2007-6121\", \"CVE-2007-6450\", \"CVE-2007-6451\");\n script_bugtraq_id(24662, 26532, 27071);\n script_xref(name:\"RHSA\", value:\"2008:0059\");\n\n script_name(english:\"Oracle Linux 3 : wireshark (ELSA-2008-0059)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2008:0059 :\n\nUpdated wireshark packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nWireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nSeveral flaws were found in Wireshark. Wireshark could crash or\npossibly execute arbitrary code as the user running Wireshark if it\nread a malformed packet off the network. (CVE-2007-6114,\nCVE-2007-6115, CVE-2007-6117)\n\nSeveral denial of service bugs were found in Wireshark. Wireshark\ncould crash or stop responding if it read a malformed packet off the\nnetwork. (CVE-2007-3389, CVE-2007-3390, CVE-2007-3391, CVE-2007-3392,\nCVE-2007-3392, CVE-2007-3393, CVE-2007-6113, CVE-2007-6118,\nCVE-2007-6120, CVE-2007-6121, CVE-2007-6450, CVE-2007-6451)\n\nAs well, Wireshark switched from using net-snmp to libsmi, which is\nincluded in this errata.\n\nUsers of wireshark should upgrade to these updated packages, which\ncontain Wireshark version 0.99.7, and resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-January/000494.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libsmi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libsmi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:wireshark-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/06/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"libsmi-0.4.5-3.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"libsmi-0.4.5-3.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"libsmi-devel-0.4.5-3.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"libsmi-devel-0.4.5-3.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"wireshark-0.99.7-EL3.1.0.1\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"wireshark-0.99.7-EL3.1.0.1\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"wireshark-gnome-0.99.7-EL3.1.0.1\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"wireshark-gnome-0.99.7-EL3.1.0.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsmi / libsmi-devel / wireshark / wireshark-gnome\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:27:58", "description": "Updated wireshark packages that fix several security issues are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nWireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal.\n\nSeveral flaws were found in Wireshark. Wireshark could crash or possibly execute arbitrary code as the user running Wireshark if it read a malformed packet off the network. (CVE-2007-6114, CVE-2007-6115, CVE-2007-6117)\n\nSeveral denial of service bugs were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off the network. (CVE-2007-3389, CVE-2007-3390, CVE-2007-3391, CVE-2007-3392, CVE-2007-3392, CVE-2007-3393, CVE-2007-6113, CVE-2007-6118, CVE-2007-6120, CVE-2007-6121, CVE-2007-6450, CVE-2007-6451)\n\nAs well, Wireshark switched from using net-snmp to libsmi, which is included in this errata.\n\nUsers of wireshark should upgrade to these updated packages, which contain Wireshark version 0.99.7, and resolve these issues.", "cvss3": {}, "published": "2008-01-21T00:00:00", "type": "nessus", "title": "RHEL 3 : wireshark (RHSA-2008:0059)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3389", "CVE-2007-3390", "CVE-2007-3391", "CVE-2007-3392", "CVE-2007-3393", "CVE-2007-6113", "CVE-2007-6114", "CVE-2007-6115", "CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6120", "CVE-2007-6121", "CVE-2007-6450", "CVE-2007-6451"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:libsmi", "p-cpe:/a:redhat:enterprise_linux:libsmi-devel", "p-cpe:/a:redhat:enterprise_linux:wireshark", "p-cpe:/a:redhat:enterprise_linux:wireshark-gnome", "cpe:/o:redhat:enterprise_linux:3"], "id": "REDHAT-RHSA-2008-0059.NASL", "href": "https://www.tenable.com/plugins/nessus/30035", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0059. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(30035);\n script_version(\"1.28\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-3389\", \"CVE-2007-3390\", \"CVE-2007-3391\", \"CVE-2007-3392\", \"CVE-2007-3393\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6120\", \"CVE-2007-6121\", \"CVE-2007-6450\", \"CVE-2007-6451\");\n script_bugtraq_id(24662, 26532, 27071);\n script_xref(name:\"RHSA\", value:\"2008:0059\");\n\n script_name(english:\"RHEL 3 : wireshark (RHSA-2008:0059)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated wireshark packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nWireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nSeveral flaws were found in Wireshark. Wireshark could crash or\npossibly execute arbitrary code as the user running Wireshark if it\nread a malformed packet off the network. (CVE-2007-6114,\nCVE-2007-6115, CVE-2007-6117)\n\nSeveral denial of service bugs were found in Wireshark. Wireshark\ncould crash or stop responding if it read a malformed packet off the\nnetwork. (CVE-2007-3389, CVE-2007-3390, CVE-2007-3391, CVE-2007-3392,\nCVE-2007-3392, CVE-2007-3393, CVE-2007-6113, CVE-2007-6118,\nCVE-2007-6120, CVE-2007-6121, CVE-2007-6450, CVE-2007-6451)\n\nAs well, Wireshark switched from using net-snmp to libsmi, which is\nincluded in this errata.\n\nUsers of wireshark should upgrade to these updated packages, which\ncontain Wireshark version 0.99.7, and resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-3389\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-3390\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-3391\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-3392\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-3393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6113\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6114\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6115\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6117\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6118\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6120\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6121\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6450\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6451\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-0.99.7.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-0.99.7.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0059\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsmi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsmi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:wireshark-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/06/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/01/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0059\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"libsmi-0.4.5-3.el3\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"libsmi-devel-0.4.5-3.el3\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"wireshark-0.99.7-EL3.1\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"wireshark-gnome-0.99.7-EL3.1\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsmi / libsmi-devel / wireshark / wireshark-gnome\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:28:07", "description": "Updated wireshark packages that fix several security issues are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nWireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal.\n\nSeveral flaws were found in Wireshark. Wireshark could crash or possibly execute arbitrary code as the user running Wireshark if it read a malformed packet off the network. (CVE-2007-6114, CVE-2007-6115, CVE-2007-6117)\n\nSeveral denial of service bugs were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off the network. (CVE-2007-3389, CVE-2007-3390, CVE-2007-3391, CVE-2007-3392, CVE-2007-3392, CVE-2007-3393, CVE-2007-6113, CVE-2007-6118, CVE-2007-6120, CVE-2007-6121, CVE-2007-6450, CVE-2007-6451)\n\nAs well, Wireshark switched from using net-snmp to libsmi, which is included in this errata.\n\nUsers of wireshark should upgrade to these updated packages, which contain Wireshark version 0.99.7, and resolve these issues.", "cvss3": {}, "published": "2008-01-22T00:00:00", "type": "nessus", "title": "CentOS 3 : wireshark (CESA-2008:0059)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3389", "CVE-2007-3390", "CVE-2007-3391", "CVE-2007-3392", "CVE-2007-3393", "CVE-2007-6113", "CVE-2007-6114", "CVE-2007-6115", "CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6120", "CVE-2007-6121", "CVE-2007-6450", "CVE-2007-6451"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:libsmi", "p-cpe:/a:centos:centos:libsmi-devel", "p-cpe:/a:centos:centos:wireshark", "p-cpe:/a:centos:centos:wireshark-gnome", "cpe:/o:centos:centos:3"], "id": "CENTOS_RHSA-2008-0059.NASL", "href": "https://www.tenable.com/plugins/nessus/30044", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0059 and \n# CentOS Errata and Security Advisory 2008:0059 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(30044);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-3389\", \"CVE-2007-3390\", \"CVE-2007-3391\", \"CVE-2007-3392\", \"CVE-2007-3393\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6120\", \"CVE-2007-6121\", \"CVE-2007-6450\", \"CVE-2007-6451\");\n script_bugtraq_id(24662, 26532, 27071);\n script_xref(name:\"RHSA\", value:\"2008:0059\");\n\n script_name(english:\"CentOS 3 : wireshark (CESA-2008:0059)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated wireshark packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nWireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nSeveral flaws were found in Wireshark. Wireshark could crash or\npossibly execute arbitrary code as the user running Wireshark if it\nread a malformed packet off the network. (CVE-2007-6114,\nCVE-2007-6115, CVE-2007-6117)\n\nSeveral denial of service bugs were found in Wireshark. Wireshark\ncould crash or stop responding if it read a malformed packet off the\nnetwork. (CVE-2007-3389, CVE-2007-3390, CVE-2007-3391, CVE-2007-3392,\nCVE-2007-3392, CVE-2007-3393, CVE-2007-6113, CVE-2007-6118,\nCVE-2007-6120, CVE-2007-6121, CVE-2007-6450, CVE-2007-6451)\n\nAs well, Wireshark switched from using net-snmp to libsmi, which is\nincluded in this errata.\n\nUsers of wireshark should upgrade to these updated packages, which\ncontain Wireshark version 0.99.7, and resolve these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-January/014631.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?22d27ace\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-January/014632.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3853ddf8\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-January/014637.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?496d5c10\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libsmi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libsmi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:wireshark-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/06/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/01/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", reference:\"libsmi-0.4.5-3.el3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"libsmi-devel-0.4.5-3.el3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"wireshark-0.99.7-EL3.1\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"wireshark-gnome-0.99.7-EL3.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsmi / libsmi-devel / wireshark / wireshark-gnome\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:29:43", "description": "A number of vulnerabilities in the Wireshark program were found that could cause crashes, excessive looping, or exhaustion of system memory.\n\nThis updated provides wireshark 0.99.6 which is not vulnerable to these issues.", "cvss3": {}, "published": "2007-07-11T00:00:00", "type": "nessus", "title": "Mandrake Linux Security Advisory : wireshark (MDKSA-2007:145)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3389", "CVE-2007-3390", "CVE-2007-3391", "CVE-2007-3392", "CVE-2007-3393", "CVE-2007-6113"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64wireshark0", "p-cpe:/a:mandriva:linux:libwireshark0", "p-cpe:/a:mandriva:linux:tshark", "p-cpe:/a:mandriva:linux:wireshark", "p-cpe:/a:mandriva:linux:wireshark-tools", "cpe:/o:mandriva:linux:2007", "cpe:/o:mandriva:linux:2007.1"], "id": "MANDRAKE_MDKSA-2007-145.NASL", "href": "https://www.tenable.com/plugins/nessus/25698", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2007:145. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(25698);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-3389\", \"CVE-2007-3390\", \"CVE-2007-3391\", \"CVE-2007-3392\", \"CVE-2007-3393\", \"CVE-2007-6113\");\n script_xref(name:\"MDKSA\", value:\"2007:145\");\n\n script_name(english:\"Mandrake Linux Security Advisory : wireshark (MDKSA-2007:145)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A number of vulnerabilities in the Wireshark program were found that\ncould cause crashes, excessive looping, or exhaustion of system\nmemory.\n\nThis updated provides wireshark 0.99.6 which is not vulnerable to\nthese issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.wireshark.org/security/wnpa-sec-2007-02.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(20, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64wireshark0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libwireshark0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:wireshark-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/07/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/07/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64wireshark0-0.99.6-0.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libwireshark0-0.99.6-0.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"tshark-0.99.6-0.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"wireshark-0.99.6-0.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"wireshark-tools-0.99.6-0.1mdv2007.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64wireshark0-0.99.6-0mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libwireshark0-0.99.6-0mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"tshark-0.99.6-0mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"wireshark-0.99.6-0mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"wireshark-tools-0.99.6-0mdv2007.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "centos": [{"lastseen": "2023-01-01T02:55:51", "description": "**CentOS Errata and Security Advisory** CESA-2008:0058\n\n\nWireshark is a program for monitoring network traffic. Wireshark was\r\npreviously known as Ethereal.\r\n\r\nSeveral flaws were found in Wireshark. Wireshark could crash or possibly\r\nexecute arbitrary code as the user running Wireshark if it read a malformed\r\npacket off the network. (CVE-2007-6112, CVE-2007-6114, CVE-2007-6115,\r\nCVE-2007-6117)\r\n\r\nSeveral denial of service bugs were found in Wireshark. Wireshark could\r\ncrash or stop responding if it read a malformed packet off the network.\r\n(CVE-2007-6111, CVE-2007-6113, CVE-2007-6116, CVE-2007-6118, CVE-2007-6119,\r\nCVE-2007-6120, CVE-2007-6121, CVE-2007-6438, CVE-2007-6439, CVE-2007-6441,\r\nCVE-2007-6450, CVE-2007-6451)\r\n\r\nAs well, Wireshark switched from using net-snmp to libsmi, which is\r\nincluded in this errata.\r\n\r\nUsers of wireshark should upgrade to these updated packages, which contain\r\nWireshark version 0.99.7, and resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2008-January/064110.html\nhttps://lists.centos.org/pipermail/centos-announce/2008-January/064111.html\nhttps://lists.centos.org/pipermail/centos-announce/2008-January/064113.html\nhttps://lists.centos.org/pipermail/centos-announce/2008-January/064119.html\nhttps://lists.centos.org/pipermail/centos-announce/2008-January/064127.html\nhttps://lists.centos.org/pipermail/centos-announce/2008-January/064128.html\n\n**Affected packages:**\nlibsmi\nlibsmi-devel\nwireshark\nwireshark-gnome\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2008:0058", "cvss3": {}, "published": "2008-01-21T17:15:49", "type": "centos", "title": "libsmi, wireshark security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6111", "CVE-2007-6112", "CVE-2007-6113", "CVE-2007-6114", "CVE-2007-6115", "CVE-2007-6116", "CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6119", "CVE-2007-6120", "CVE-2007-6121", "CVE-2007-6438", "CVE-2007-6439", "CVE-2007-6441", "CVE-2007-6450", "CVE-2007-6451"], "modified": "2008-01-25T02:24:10", "id": "CESA-2008:0058", "href": "https://lists.centos.org/pipermail/centos-announce/2008-January/064110.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-01T02:55:51", "description": "**CentOS Errata and Security Advisory** CESA-2008:0059\n\n\nWireshark is a program for monitoring network traffic. Wireshark was\r\npreviously known as Ethereal.\r\n\r\nSeveral flaws were found in Wireshark. Wireshark could crash or possibly\r\nexecute arbitrary code as the user running Wireshark if it read a malformed\r\npacket off the network. (CVE-2007-6114, CVE-2007-6115, CVE-2007-6117)\r\n\r\nSeveral denial of service bugs were found in Wireshark. Wireshark could\r\ncrash or stop responding if it read a malformed packet off the network.\r\n(CVE-2007-3389, CVE-2007-3390, CVE-2007-3391, CVE-2007-3392, CVE-2007-3392,\r\nCVE-2007-3393, CVE-2007-6113, CVE-2007-6118, CVE-2007-6120, CVE-2007-6121,\r\nCVE-2007-6450, CVE-2007-6451)\r\n\r\nAs well, Wireshark switched from using net-snmp to libsmi, which is\r\nincluded in this errata.\r\n\r\nUsers of wireshark should upgrade to these updated packages, which contain\r\nWireshark version 0.99.7, and resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2008-January/064106.html\nhttps://lists.centos.org/pipermail/centos-announce/2008-January/064107.html\nhttps://lists.centos.org/pipermail/centos-announce/2008-January/064112.html\nhttps://lists.centos.org/pipermail/centos-announce/2008-January/064117.html\n\n**Affected packages:**\nlibsmi\nlibsmi-devel\nwireshark\nwireshark-gnome\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2008:0059", "cvss3": {}, "published": "2008-01-21T15:05:11", "type": "centos", "title": "libsmi, wireshark security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3389", "CVE-2007-3390", "CVE-2007-3391", "CVE-2007-3392", "CVE-2007-3393", "CVE-2007-6113", "CVE-2007-6114", "CVE-2007-6115", "CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6120", "CVE-2007-6121", "CVE-2007-6450", "CVE-2007-6451"], "modified": "2008-01-24T00:41:11", "id": "CESA-2008:0059", "href": "https://lists.centos.org/pipermail/centos-announce/2008-January/064106.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2017-07-24T12:49:49", "description": "The remote host is missing updates announced in\nadvisory GLSA 200712-23.", "cvss3": {}, "published": "2008-09-24T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200712-23 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6438", "CVE-2007-6119", "CVE-2007-6112", "CVE-2007-6111", "CVE-2007-6121", "CVE-2007-6451", "CVE-2007-6441", "CVE-2007-6450", "CVE-2007-6114", "CVE-2007-6120", "CVE-2007-6439", "CVE-2007-6113", "CVE-2007-6116", "CVE-2007-6115"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:60085", "href": "http://plugins.openvas.org/nasl.php?oid=60085", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities have been discovered in Wireshark, allowing for\nthe remote execution of arbitrary code and a Denial of Service.\";\ntag_solution = \"All Wireshark users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/wireshark-0.99.7'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200712-23\nhttp://bugs.gentoo.org/show_bug.cgi?id=199958\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200712-23.\";\n\n \n\nif(description)\n{\n script_id(60085);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2007-6111\", \"CVE-2007-6112\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6116\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6119\", \"CVE-2007-6120\", \"CVE-2007-6121\", \"CVE-2007-6438\", \"CVE-2007-6439\", \"CVE-2007-6441\", \"CVE-2007-6450\", \"CVE-2007-6451\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200712-23 (wireshark)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-analyzer/wireshark\", unaffected: make_list(\"ge 0.99.7\"), vulnerable: make_list(\"lt 0.99.7\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:10:20", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2008-09-04T00:00:00", "type": "openvas", "title": "wireshark -- multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6438", "CVE-2007-6119", "CVE-2007-6112", "CVE-2007-6111", "CVE-2007-6121", "CVE-2007-6451", "CVE-2007-6441", "CVE-2007-6450", "CVE-2007-6114", "CVE-2007-6120", "CVE-2007-6439", "CVE-2007-6113", "CVE-2007-6116", "CVE-2007-6115"], "modified": "2016-10-04T00:00:00", "id": "OPENVAS:60052", "href": "http://plugins.openvas.org/nasl.php?oid=60052", "sourceData": "#\n#VID 8a835235-ae84-11dc-a5f9-001a4d49522b\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n wireshark\n wireshark-lite\n ethereal\n ethereal-lite\n tethereal\n tethereal-lite\n\nCVE-2007-6438\nUnspecified vulnerability in the SMB dissector in Wireshark (formerly\nEthereal) 0.99.6 allows remote attackers to cause a denial of service\nvia unknown vectors. NOTE: this identifier originally included MP3\nand NCP, but those issues are already covered by CVE-2007-6111.\n\nCVE-2007-6439\nWireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause\na denial of service (infinite or large loop) via the (1) IPv6 or (2)\nUSB dissector, which can trigger resource consumption or a crash.\nNOTE: this identifier originally included Firebird/Interbase, but it\nis already covered by CVE-2007-6116. The DCP ETSI issue is already\ncovered by CVE-2007-6119.\n\nCVE-2007-6441\nThe WiMAX dissector in Wireshark (formerly Ethereal) 0.99.6 allows\nremote attackers to cause a denial of service (crash) via unknown\nvectors related to 'unaligned access on some platforms.'\n\nCVE-2007-6450\nThe RPL dissector in Wireshark (formerly Ethereal) 0.9.8 to 0.99.6\nallows remote attackers to cause a denial of service (infinite loop)\nvia unknown vectors.\n\nCVE-2007-6451\nUnspecified vulnerability in the CIP dissector in Wireshark (formerly\nEthereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial\nof service (crash) via unknown vectors that trigger allocation of\nlarge amounts of memory.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.wireshark.org/security/wnpa-sec-2007-03.html\nhttp://www.vuxml.org/freebsd/8a835235-ae84-11dc-a5f9-001a4d49522b.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(60052);\n script_version(\"$Revision: 4203 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-10-04 07:30:30 +0200 (Tue, 04 Oct 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2007-6112\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6120\", \"CVE-2007-6121\", \"CVE-2007-6438\", \"CVE-2007-6439\", \"CVE-2007-6441\", \"CVE-2007-6450\", \"CVE-2007-6451\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"wireshark -- multiple vulnerabilities\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"wireshark\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.8.16\")>=0 && revcomp(a:bver, b:\"0.99.7\")<0) {\n txt += 'Package wireshark version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"wireshark-lite\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.8.16\")>=0 && revcomp(a:bver, b:\"0.99.7\")<0) {\n txt += 'Package wireshark-lite version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"ethereal\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.8.16\")>=0 && revcomp(a:bver, b:\"0.99.7\")<0) {\n txt += 'Package ethereal version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"ethereal-lite\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.8.16\")>=0 && revcomp(a:bver, b:\"0.99.7\")<0) {\n txt += 'Package ethereal-lite version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"tethereal\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.8.16\")>=0 && revcomp(a:bver, b:\"0.99.7\")<0) {\n txt += 'Package tethereal version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"tethereal-lite\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.8.16\")>=0 && revcomp(a:bver, b:\"0.99.7\")<0) {\n txt += 'Package tethereal-lite version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:38", "description": "Check for the Version of libsmi", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for libsmi CESA-2008:0058 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6438", "CVE-2007-6119", "CVE-2007-6112", "CVE-2007-6111", "CVE-2007-6121", "CVE-2007-6451", "CVE-2007-6441", "CVE-2007-6450", "CVE-2007-6114", "CVE-2007-6120", "CVE-2007-6439", "CVE-2007-6113", "CVE-2007-6116", "CVE-2007-6115"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880208", "href": "http://plugins.openvas.org/nasl.php?oid=880208", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for libsmi CESA-2008:0058 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n Several flaws were found in Wireshark. Wireshark could crash or possibly\n execute arbitrary code as the user running Wireshark if it read a malformed\n packet off the network. (CVE-2007-6112, CVE-2007-6114, CVE-2007-6115,\n CVE-2007-6117)\n \n Several denial of service bugs were found in Wireshark. Wireshark could\n crash or stop responding if it read a malformed packet off the network.\n (CVE-2007-6111, CVE-2007-6113, CVE-2007-6116, CVE-2007-6118, CVE-2007-6119,\n CVE-2007-6120, CVE-2007-6121, CVE-2007-6438, CVE-2007-6439, CVE-2007-6441,\n CVE-2007-6450, CVE-2007-6451)\n \n As well, Wireshark switched from using net-snmp to libsmi, which is\n included in this errata.\n \n Users of wireshark should upgrade to these updated packages, which contain\n Wireshark version 0.99.7, and resolve these issues.\";\n\ntag_affected = \"libsmi on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-January/014652.html\");\n script_id(880208);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 09:02:20 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0058\");\n script_cve_id(\"CVE-2007-6111\", \"CVE-2007-6112\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6116\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6119\", \"CVE-2007-6120\", \"CVE-2007-6121\", \"CVE-2007-6438\", \"CVE-2007-6439\", \"CVE-2007-6441\", \"CVE-2007-6450\", \"CVE-2007-6451\");\n script_name( \"CentOS Update for libsmi CESA-2008:0058 centos4 i386\");\n\n script_summary(\"Check for the Version of libsmi\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsmi\", rpm:\"libsmi~0.4.5~2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi-devel\", rpm:\"libsmi-devel~0.4.5~2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.7~1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~0.99.7~1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:30", "description": "Check for the Version of libsmi", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for libsmi CESA-2008:0058 centos4 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6438", "CVE-2007-6119", "CVE-2007-6112", "CVE-2007-6111", "CVE-2007-6121", "CVE-2007-6451", "CVE-2007-6441", "CVE-2007-6450", "CVE-2007-6114", "CVE-2007-6120", "CVE-2007-6439", "CVE-2007-6113", "CVE-2007-6116", "CVE-2007-6115"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880183", "href": "http://plugins.openvas.org/nasl.php?oid=880183", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for libsmi CESA-2008:0058 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n Several flaws were found in Wireshark. Wireshark could crash or possibly\n execute arbitrary code as the user running Wireshark if it read a malformed\n packet off the network. (CVE-2007-6112, CVE-2007-6114, CVE-2007-6115,\n CVE-2007-6117)\n \n Several denial of service bugs were found in Wireshark. Wireshark could\n crash or stop responding if it read a malformed packet off the network.\n (CVE-2007-6111, CVE-2007-6113, CVE-2007-6116, CVE-2007-6118, CVE-2007-6119,\n CVE-2007-6120, CVE-2007-6121, CVE-2007-6438, CVE-2007-6439, CVE-2007-6441,\n CVE-2007-6450, CVE-2007-6451)\n \n As well, Wireshark switched from using net-snmp to libsmi, which is\n included in this errata.\n \n Users of wireshark should upgrade to these updated packages, which contain\n Wireshark version 0.99.7, and resolve these issues.\";\n\ntag_affected = \"libsmi on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-January/014653.html\");\n script_id(880183);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 09:02:20 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0058\");\n script_cve_id(\"CVE-2007-6111\", \"CVE-2007-6112\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6116\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6119\", \"CVE-2007-6120\", \"CVE-2007-6121\", \"CVE-2007-6438\", \"CVE-2007-6439\", \"CVE-2007-6441\", \"CVE-2007-6450\", \"CVE-2007-6451\");\n script_name( \"CentOS Update for libsmi CESA-2008:0058 centos4 x86_64\");\n\n script_summary(\"Check for the Version of libsmi\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsmi\", rpm:\"libsmi~0.4.5~2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi-devel\", rpm:\"libsmi-devel~0.4.5~2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.7~1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~0.99.7~1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:59", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2009-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for wireshark MDVSA-2008:001-1 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6438", "CVE-2007-6119", "CVE-2007-6112", "CVE-2007-6111", "CVE-2007-6121", "CVE-2007-6451", "CVE-2007-6441", "CVE-2007-6450", "CVE-2007-6114", "CVE-2007-6120", "CVE-2007-6439", "CVE-2007-6113", "CVE-2007-6116", "CVE-2007-6115"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:830471", "href": "http://plugins.openvas.org/nasl.php?oid=830471", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for wireshark MDVSA-2008:001-1 (wireshark)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of vulnerabilities in the Wireshark program were found that\n could cause crashes, excessive looping, or arbitrary code execution.\n\n This update provides Wireshark 0.99.7 which is not vulnerable to\n these issues.\n \n An updated version of libsmi is also being provided, not because\n of security issues, but because this version of wireshark uses it\n instead of net-snmp for SNMP support.\n \n Update:\n \n This update is being reissued without libcap (kernel capabilities)\n support, as that is not required by the original released packages,\n and thus gave trouble for a number of users.\";\n\ntag_affected = \"wireshark on Mandriva Linux 2007.0,\n Mandriva Linux 2007.0/X86_64,\n Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64,\n Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-01/msg00006.php\");\n script_id(830471);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:18:58 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2008:001-1\");\n script_cve_id(\"CVE-2007-6111\", \"CVE-2007-6112\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6116\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6119\", \"CVE-2007-6120\", \"CVE-2007-6121\", \"CVE-2007-6438\", \"CVE-2007-6439\", \"CVE-2007-6441\", \"CVE-2007-6450\", \"CVE-2007-6451\");\n script_name( \"Mandriva Update for wireshark MDVSA-2008:001-1 (wireshark)\");\n\n script_summary(\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~0.99.7~0.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~0.99.7~0.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.7~0.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~0.99.7~0.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~0.99.7~0.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2007.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~0.99.7~0.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~0.99.7~0.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.7~0.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~0.99.7~0.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~0.99.7~0.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~0.99.7~0.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~0.99.7~0.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~0.99.7~0.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.7~0.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~0.99.7~0.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~0.99.7~0.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~0.99.7~0.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:51", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2009-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for wireshark MDVSA-2008:1 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6438", "CVE-2007-6119", "CVE-2007-6112", "CVE-2007-6111", "CVE-2007-6121", "CVE-2007-6451", "CVE-2007-6441", "CVE-2007-6450", "CVE-2007-6114", "CVE-2007-6120", "CVE-2007-6439", "CVE-2007-6113", "CVE-2007-6116", "CVE-2007-6115"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:830541", "href": "http://plugins.openvas.org/nasl.php?oid=830541", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for wireshark MDVSA-2008:1 (wireshark)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of vulnerabilities in the Wireshark program were found that\n could cause crashes, excessive looping, or arbitrary code execution.\n\n This update rovides Wireshark 0.99.7 which is not vulnerable to\n these issues.\n \n An updated version of libsmi is also being provided, not because\n of security issues, but because this version of wireshark uses it\n instead of net-snmp for SNMP support.\";\n\ntag_affected = \"wireshark on Mandriva Linux 2007.0,\n Mandriva Linux 2007.0/X86_64,\n Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64,\n Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-01/msg00001.php\");\n script_id(830541);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2008:1\");\n script_cve_id(\"CVE-2007-6111\", \"CVE-2007-6112\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6116\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6119\", \"CVE-2007-6120\", \"CVE-2007-6121\", \"CVE-2007-6438\", \"CVE-2007-6439\", \"CVE-2007-6441\", \"CVE-2007-6450\", \"CVE-2007-6451\");\n script_name( \"Mandriva Update for wireshark MDVSA-2008:1 (wireshark)\");\n\n script_summary(\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsmi-mibs-ext\", rpm:\"libsmi-mibs-ext~0.4.5~2.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi-mibs-std\", rpm:\"libsmi-mibs-std~0.4.5~2.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi2\", rpm:\"libsmi2~0.4.5~2.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi2-devel\", rpm:\"libsmi2-devel~0.4.5~2.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~0.99.7~0.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"smi-tools\", rpm:\"smi-tools~0.4.5~2.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~0.99.7~0.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.7~0.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~0.99.7~0.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi\", rpm:\"libsmi~0.4.5~2.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smi2\", rpm:\"lib64smi2~0.4.5~2.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smi2-devel\", rpm:\"lib64smi2-devel~0.4.5~2.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~0.99.7~0.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2007.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsmi-mibs-ext\", rpm:\"libsmi-mibs-ext~0.4.5~2.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi-mibs-std\", rpm:\"libsmi-mibs-std~0.4.5~2.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi2\", rpm:\"libsmi2~0.4.5~2.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi2-devel\", rpm:\"libsmi2-devel~0.4.5~2.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~0.99.7~0.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"smi-tools\", rpm:\"smi-tools~0.4.5~2.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~0.99.7~0.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.7~0.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~0.99.7~0.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi\", rpm:\"libsmi~0.4.5~2.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smi2\", rpm:\"lib64smi2~0.4.5~2.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smi2-devel\", rpm:\"lib64smi2-devel~0.4.5~2.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~0.99.7~0.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsmi-devel\", rpm:\"libsmi-devel~0.4.5~2.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi-mibs-ext\", rpm:\"libsmi-mibs-ext~0.4.5~2.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi-mibs-std\", rpm:\"libsmi-mibs-std~0.4.5~2.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi2\", rpm:\"libsmi2~0.4.5~2.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~0.99.7~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~0.99.7~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"smi-tools\", rpm:\"smi-tools~0.4.5~2.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~0.99.7~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.7~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~0.99.7~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi\", rpm:\"libsmi~0.4.5~2.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smi-devel\", rpm:\"lib64smi-devel~0.4.5~2.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smi2\", rpm:\"lib64smi2~0.4.5~2.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~0.99.7~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~0.99.7~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:56:40", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for wireshark RHSA-2008:0058-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6438", "CVE-2007-6119", "CVE-2007-6112", "CVE-2007-6111", "CVE-2007-6121", "CVE-2007-6451", "CVE-2007-6441", "CVE-2007-6450", "CVE-2007-6114", "CVE-2007-6120", "CVE-2007-6439", "CVE-2007-6113", "CVE-2007-6116", "CVE-2007-6115"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870170", "href": "http://plugins.openvas.org/nasl.php?oid=870170", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for wireshark RHSA-2008:0058-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n Several flaws were found in Wireshark. Wireshark could crash or possibly\n execute arbitrary code as the user running Wireshark if it read a malformed\n packet off the network. (CVE-2007-6112, CVE-2007-6114, CVE-2007-6115,\n CVE-2007-6117)\n \n Several denial of service bugs were found in Wireshark. Wireshark could\n crash or stop responding if it read a malformed packet off the network.\n (CVE-2007-6111, CVE-2007-6113, CVE-2007-6116, CVE-2007-6118, CVE-2007-6119,\n CVE-2007-6120, CVE-2007-6121, CVE-2007-6438, CVE-2007-6439, CVE-2007-6441,\n CVE-2007-6450, CVE-2007-6451)\n \n As well, Wireshark switched from using net-snmp to libsmi, which is\n included in this errata.\n \n Users of wireshark should upgrade to these updated packages, which contain\n Wireshark version 0.99.7, and resolve these issues.\";\n\ntag_affected = \"wireshark on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4,\n Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-January/msg00014.html\");\n script_id(870170);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0058-01\");\n script_cve_id(\"CVE-2007-6111\", \"CVE-2007-6112\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6116\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6119\", \"CVE-2007-6120\", \"CVE-2007-6121\", \"CVE-2007-6438\", \"CVE-2007-6439\", \"CVE-2007-6441\", \"CVE-2007-6450\", \"CVE-2007-6451\");\n script_name( \"RedHat Update for wireshark RHSA-2008:0058-01\");\n\n script_summary(\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsmi\", rpm:\"libsmi~0.4.5~2.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi-debuginfo\", rpm:\"libsmi-debuginfo~0.4.5~2.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi-devel\", rpm:\"libsmi-devel~0.4.5~2.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.7~1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~0.99.7~1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~0.99.7~1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsmi\", rpm:\"libsmi~0.4.5~2.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi-debuginfo\", rpm:\"libsmi-debuginfo~0.4.5~2.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi-devel\", rpm:\"libsmi-devel~0.4.5~2.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.7~1.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~0.99.7~1.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~0.99.7~1.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:24", "description": "Oracle Linux Local Security Checks ELSA-2008-0058", "cvss3": {}, "published": "2015-10-08T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2008-0058", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6438", "CVE-2007-6119", "CVE-2007-6112", "CVE-2007-6111", "CVE-2007-6121", "CVE-2007-6451", "CVE-2007-6441", "CVE-2007-6450", "CVE-2007-6114", "CVE-2007-6120", "CVE-2007-6439", "CVE-2007-6113", "CVE-2007-6116", "CVE-2007-6115"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122614", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122614", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2008-0058.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122614\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:49:22 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2008-0058\");\n script_tag(name:\"insight\", value:\"ELSA-2008-0058 - Moderate: wireshark security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2008-0058\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2008-0058.html\");\n script_cve_id(\"CVE-2007-6111\", \"CVE-2007-6112\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6116\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6119\", \"CVE-2007-6120\", \"CVE-2007-6121\", \"CVE-2007-6438\", \"CVE-2007-6439\", \"CVE-2007-6441\", \"CVE-2007-6450\", \"CVE-2007-6451\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"libsmi\", rpm:\"libsmi~0.4.5~2.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libsmi-devel\", rpm:\"libsmi-devel~0.4.5~2.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.7~1.el5.0.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~0.99.7~1.el5.0.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-04-09T11:41:19", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for wireshark RHSA-2008:0058-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6438", "CVE-2007-6119", "CVE-2007-6112", "CVE-2007-6111", "CVE-2007-6121", "CVE-2007-6451", "CVE-2007-6441", "CVE-2007-6450", "CVE-2007-6114", "CVE-2007-6120", "CVE-2007-6439", "CVE-2007-6113", "CVE-2007-6116", "CVE-2007-6115"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310870170", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870170", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for wireshark RHSA-2008:0058-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n Several flaws were found in Wireshark. Wireshark could crash or possibly\n execute arbitrary code as the user running Wireshark if it read a malformed\n packet off the network. (CVE-2007-6112, CVE-2007-6114, CVE-2007-6115,\n CVE-2007-6117)\n \n Several denial of service bugs were found in Wireshark. Wireshark could\n crash or stop responding if it read a malformed packet off the network.\n (CVE-2007-6111, CVE-2007-6113, CVE-2007-6116, CVE-2007-6118, CVE-2007-6119,\n CVE-2007-6120, CVE-2007-6121, CVE-2007-6438, CVE-2007-6439, CVE-2007-6441,\n CVE-2007-6450, CVE-2007-6451)\n \n As well, Wireshark switched from using net-snmp to libsmi, which is\n included in this errata.\n \n Users of wireshark should upgrade to these updated packages, which contain\n Wireshark version 0.99.7, and resolve these issues.\";\n\ntag_affected = \"wireshark on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4,\n Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-January/msg00014.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870170\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0058-01\");\n script_cve_id(\"CVE-2007-6111\", \"CVE-2007-6112\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6116\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6119\", \"CVE-2007-6120\", \"CVE-2007-6121\", \"CVE-2007-6438\", \"CVE-2007-6439\", \"CVE-2007-6441\", \"CVE-2007-6450\", \"CVE-2007-6451\");\n script_name( \"RedHat Update for wireshark RHSA-2008:0058-01\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsmi\", rpm:\"libsmi~0.4.5~2.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi-debuginfo\", rpm:\"libsmi-debuginfo~0.4.5~2.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi-devel\", rpm:\"libsmi-devel~0.4.5~2.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.7~1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~0.99.7~1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~0.99.7~1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsmi\", rpm:\"libsmi~0.4.5~2.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi-debuginfo\", rpm:\"libsmi-debuginfo~0.4.5~2.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi-devel\", rpm:\"libsmi-devel~0.4.5~2.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.7~1.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~0.99.7~1.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~0.99.7~1.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:39:50", "description": "Check for the Version of libsmi", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for libsmi CESA-2008:0058 centos4 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6438", "CVE-2007-6119", "CVE-2007-6112", "CVE-2007-6111", "CVE-2007-6121", "CVE-2007-6451", "CVE-2007-6441", "CVE-2007-6450", "CVE-2007-6114", "CVE-2007-6120", "CVE-2007-6439", "CVE-2007-6113", "CVE-2007-6116", "CVE-2007-6115"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880183", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880183", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for libsmi CESA-2008:0058 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n Several flaws were found in Wireshark. Wireshark could crash or possibly\n execute arbitrary code as the user running Wireshark if it read a malformed\n packet off the network. (CVE-2007-6112, CVE-2007-6114, CVE-2007-6115,\n CVE-2007-6117)\n \n Several denial of service bugs were found in Wireshark. Wireshark could\n crash or stop responding if it read a malformed packet off the network.\n (CVE-2007-6111, CVE-2007-6113, CVE-2007-6116, CVE-2007-6118, CVE-2007-6119,\n CVE-2007-6120, CVE-2007-6121, CVE-2007-6438, CVE-2007-6439, CVE-2007-6441,\n CVE-2007-6450, CVE-2007-6451)\n \n As well, Wireshark switched from using net-snmp to libsmi, which is\n included in this errata.\n \n Users of wireshark should upgrade to these updated packages, which contain\n Wireshark version 0.99.7, and resolve these issues.\";\n\ntag_affected = \"libsmi on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-January/014653.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880183\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 09:02:20 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0058\");\n script_cve_id(\"CVE-2007-6111\", \"CVE-2007-6112\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6116\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6119\", \"CVE-2007-6120\", \"CVE-2007-6121\", \"CVE-2007-6438\", \"CVE-2007-6439\", \"CVE-2007-6441\", \"CVE-2007-6450\", \"CVE-2007-6451\");\n script_name( \"CentOS Update for libsmi CESA-2008:0058 centos4 x86_64\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of libsmi\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsmi\", rpm:\"libsmi~0.4.5~2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi-devel\", rpm:\"libsmi-devel~0.4.5~2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.7~1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~0.99.7~1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:13", "description": "Check for the Version of libsmi", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for libsmi CESA-2008:0058 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6438", "CVE-2007-6119", "CVE-2007-6112", "CVE-2007-6111", "CVE-2007-6121", "CVE-2007-6451", "CVE-2007-6441", "CVE-2007-6450", "CVE-2007-6114", "CVE-2007-6120", "CVE-2007-6439", "CVE-2007-6113", "CVE-2007-6116", "CVE-2007-6115"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880208", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880208", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for libsmi CESA-2008:0058 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n Several flaws were found in Wireshark. Wireshark could crash or possibly\n execute arbitrary code as the user running Wireshark if it read a malformed\n packet off the network. (CVE-2007-6112, CVE-2007-6114, CVE-2007-6115,\n CVE-2007-6117)\n \n Several denial of service bugs were found in Wireshark. Wireshark could\n crash or stop responding if it read a malformed packet off the network.\n (CVE-2007-6111, CVE-2007-6113, CVE-2007-6116, CVE-2007-6118, CVE-2007-6119,\n CVE-2007-6120, CVE-2007-6121, CVE-2007-6438, CVE-2007-6439, CVE-2007-6441,\n CVE-2007-6450, CVE-2007-6451)\n \n As well, Wireshark switched from using net-snmp to libsmi, which is\n included in this errata.\n \n Users of wireshark should upgrade to these updated packages, which contain\n Wireshark version 0.99.7, and resolve these issues.\";\n\ntag_affected = \"libsmi on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-January/014652.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880208\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 09:02:20 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0058\");\n script_cve_id(\"CVE-2007-6111\", \"CVE-2007-6112\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6116\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6119\", \"CVE-2007-6120\", \"CVE-2007-6121\", \"CVE-2007-6438\", \"CVE-2007-6439\", \"CVE-2007-6441\", \"CVE-2007-6450\", \"CVE-2007-6451\");\n script_name( \"CentOS Update for libsmi CESA-2008:0058 centos4 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of libsmi\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsmi\", rpm:\"libsmi~0.4.5~2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi-devel\", rpm:\"libsmi-devel~0.4.5~2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.7~1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~0.99.7~1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:43", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2009-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for wireshark MDVSA-2008:1 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6438", "CVE-2007-6119", "CVE-2007-6112", "CVE-2007-6111", "CVE-2007-6121", "CVE-2007-6451", "CVE-2007-6441", "CVE-2007-6450", "CVE-2007-6114", "CVE-2007-6120", "CVE-2007-6439", "CVE-2007-6113", "CVE-2007-6116", "CVE-2007-6115"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310830541", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830541", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for wireshark MDVSA-2008:1 (wireshark)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of vulnerabilities in the Wireshark program were found that\n could cause crashes, excessive looping, or arbitrary code execution.\n\n This update rovides Wireshark 0.99.7 which is not vulnerable to\n these issues.\n \n An updated version of libsmi is also being provided, not because\n of security issues, but because this version of wireshark uses it\n instead of net-snmp for SNMP support.\";\n\ntag_affected = \"wireshark on Mandriva Linux 2007.0,\n Mandriva Linux 2007.0/X86_64,\n Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64,\n Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-01/msg00001.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830541\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2008:1\");\n script_cve_id(\"CVE-2007-6111\", \"CVE-2007-6112\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6116\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6119\", \"CVE-2007-6120\", \"CVE-2007-6121\", \"CVE-2007-6438\", \"CVE-2007-6439\", \"CVE-2007-6441\", \"CVE-2007-6450\", \"CVE-2007-6451\");\n script_name( \"Mandriva Update for wireshark MDVSA-2008:1 (wireshark)\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsmi-mibs-ext\", rpm:\"libsmi-mibs-ext~0.4.5~2.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi-mibs-std\", rpm:\"libsmi-mibs-std~0.4.5~2.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi2\", rpm:\"libsmi2~0.4.5~2.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi2-devel\", rpm:\"libsmi2-devel~0.4.5~2.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~0.99.7~0.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"smi-tools\", rpm:\"smi-tools~0.4.5~2.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~0.99.7~0.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.7~0.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~0.99.7~0.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi\", rpm:\"libsmi~0.4.5~2.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smi2\", rpm:\"lib64smi2~0.4.5~2.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smi2-devel\", rpm:\"lib64smi2-devel~0.4.5~2.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~0.99.7~0.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2007.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsmi-mibs-ext\", rpm:\"libsmi-mibs-ext~0.4.5~2.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi-mibs-std\", rpm:\"libsmi-mibs-std~0.4.5~2.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi2\", rpm:\"libsmi2~0.4.5~2.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi2-devel\", rpm:\"libsmi2-devel~0.4.5~2.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~0.99.7~0.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"smi-tools\", rpm:\"smi-tools~0.4.5~2.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~0.99.7~0.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.7~0.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~0.99.7~0.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi\", rpm:\"libsmi~0.4.5~2.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smi2\", rpm:\"lib64smi2~0.4.5~2.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smi2-devel\", rpm:\"lib64smi2-devel~0.4.5~2.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~0.99.7~0.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsmi-devel\", rpm:\"libsmi-devel~0.4.5~2.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi-mibs-ext\", rpm:\"libsmi-mibs-ext~0.4.5~2.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi-mibs-std\", rpm:\"libsmi-mibs-std~0.4.5~2.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi2\", rpm:\"libsmi2~0.4.5~2.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~0.99.7~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~0.99.7~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"smi-tools\", rpm:\"smi-tools~0.4.5~2.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~0.99.7~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.7~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~0.99.7~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi\", rpm:\"libsmi~0.4.5~2.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smi-devel\", rpm:\"lib64smi-devel~0.4.5~2.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64smi2\", rpm:\"lib64smi2~0.4.5~2.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~0.99.7~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~0.99.7~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:41:03", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2009-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for wireshark MDVSA-2008:001-1 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6438", "CVE-2007-6119", "CVE-2007-6112", "CVE-2007-6111", "CVE-2007-6121", "CVE-2007-6451", "CVE-2007-6441", "CVE-2007-6450", "CVE-2007-6114", "CVE-2007-6120", "CVE-2007-6439", "CVE-2007-6113", "CVE-2007-6116", "CVE-2007-6115"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310830471", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830471", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for wireshark MDVSA-2008:001-1 (wireshark)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of vulnerabilities in the Wireshark program were found that\n could cause crashes, excessive looping, or arbitrary code execution.\n\n This update provides Wireshark 0.99.7 which is not vulnerable to\n these issues.\n \n An updated version of libsmi is also being provided, not because\n of security issues, but because this version of wireshark uses it\n instead of net-snmp for SNMP support.\n \n Update:\n \n This update is being reissued without libcap (kernel capabilities)\n support, as that is not required by the original released packages,\n and thus gave trouble for a number of users.\";\n\ntag_affected = \"wireshark on Mandriva Linux 2007.0,\n Mandriva Linux 2007.0/X86_64,\n Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64,\n Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-01/msg00006.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830471\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:18:58 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2008:001-1\");\n script_cve_id(\"CVE-2007-6111\", \"CVE-2007-6112\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6116\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6119\", \"CVE-2007-6120\", \"CVE-2007-6121\", \"CVE-2007-6438\", \"CVE-2007-6439\", \"CVE-2007-6441\", \"CVE-2007-6450\", \"CVE-2007-6451\");\n script_name( \"Mandriva Update for wireshark MDVSA-2008:001-1 (wireshark)\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~0.99.7~0.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~0.99.7~0.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.7~0.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~0.99.7~0.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~0.99.7~0.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2007.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~0.99.7~0.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~0.99.7~0.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.7~0.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~0.99.7~0.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~0.99.7~0.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~0.99.7~0.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~0.99.7~0.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~0.99.7~0.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.7~0.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~0.99.7~0.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~0.99.7~0.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~0.99.7~0.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:53", "description": "The remote host is missing an update to wireshark\nannounced via advisory DSA 1414-1.", "cvss3": {}, "published": "2008-01-17T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1414-1 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6121", "CVE-2007-6114", "CVE-2007-6120"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:59639", "href": "http://plugins.openvas.org/nasl.php?oid=59639", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1414_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1414-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several remote vulnerabilities have been discovered in the Wireshark\nnetwork traffic analyzer, which may lead to denial of service or the\nexecution of arbitrary code. The Common Vulnerabilities and Exposures\nproject identifies the following problems:\n\nCVE-2007-6114\n\nStefan Esser discovered a buffer overflow in the SSL dissector.\nFabiodds discovered a buffer overflow in the iSeries trace\ndissector.\n\nCVE-2007-6117\n\nA programming error was discovered in the HTTP dissector, which may\nlead to denial of service.\n\nCVE-2007-6118\n\nThe MEGACO dissector could be tricked into ressource exhaustion.\n\nCVE-2007-6120\n\nThe Bluetooth SDP dissector could be tricked into an endless loop.\n\nCVE-2007-6121\n\nThe RPC portmap dissector could be tricked into dereferencing\na NULL pointer.\n\nFor the stable distribution (etch), these problems have been fixed\nin version 0.99.4-5.etch.1. Updates packages for sparc will be provided\nlater.\n\nFor the old stable distribution (sarge), these problems have been\nfixed in version 0.10.10-2sarge10. (In Sarge Wireshark used to be\ncalled Ethereal). Updates packages for sparc and m68k will be provided\nlater.\n\nWe recommend that you upgrade your wireshark/ethereal packages.\";\ntag_summary = \"The remote host is missing an update to wireshark\nannounced via advisory DSA 1414-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201414-1\";\n\nif(description)\n{\n script_id(59639);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:23:47 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2007-6114\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6120\", \"CVE-2007-6121\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1414-1 (wireshark)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"ethereal-common\", ver:\"0.99.4-5.etch.1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ethereal\", ver:\"0.99.4-5.etch.1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ethereal-dev\", ver:\"0.99.4-5.etch.1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tethereal\", ver:\"0.99.4-5.etch.1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tshark\", ver:\"0.99.4-5.etch.1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-common\", ver:\"0.99.4-5.etch.1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-dev\", ver:\"0.99.4-5.etch.1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark\", ver:\"0.99.4-5.etch.1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:46", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2007-4590", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6119", "CVE-2007-6112", "CVE-2007-6111", "CVE-2007-6121", "CVE-2007-6114", "CVE-2007-6120", "CVE-2007-6113", "CVE-2007-6116", "CVE-2007-6115"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:861173", "href": "http://plugins.openvas.org/nasl.php?oid=861173", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2007-4590\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a network traffic analyzer for Unix-ish operating systems.\n\n This package lays base for libpcap, a packet capture and filtering\n library, contains command-line utilities, contains plugins and\n documentation for wireshark. A graphical user interface is packaged\n separately to GTK+ package.\";\n\ntag_affected = \"wireshark on Fedora 8\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00606.html\");\n script_id(861173);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 16:27:46 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2007-4590\");\n script_cve_id(\"CVE-2007-6111\", \"CVE-2007-6112\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6116\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6119\", \"CVE-2007-6120\", \"CVE-2007-6121\");\n script_name( \"Fedora Update for wireshark FEDORA-2007-4590\");\n\n script_summary(\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.7~2.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~0.99.7~2.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~0.99.7~2.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.7~2.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~0.99.7~2.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~0.99.7~2.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.7~2.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:59", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2007-4690", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6119", "CVE-2007-6112", "CVE-2007-6111", "CVE-2007-6121", "CVE-2007-6114", "CVE-2007-6120", "CVE-2007-6113", "CVE-2007-6116", "CVE-2007-6115"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:861563", "href": "http://plugins.openvas.org/nasl.php?oid=861563", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2007-4690\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a network traffic analyzer for Unix-ish operating systems.\n\n This package lays base for libpcap, a packet capture and filtering\n library, contains command-line utilities, contains plugins and\n documentation for wireshark. A graphical user interface is packaged\n separately to GTK+ package.\";\n\ntag_affected = \"wireshark on Fedora 7\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00712.html\");\n script_id(861563);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 16:27:46 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2007-4690\");\n script_cve_id(\"CVE-2007-6111\", \"CVE-2007-6112\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6116\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6119\", \"CVE-2007-6120\", \"CVE-2007-6121\");\n script_name( \"Fedora Update for wireshark FEDORA-2007-4690\");\n\n script_summary(\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.7~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~0.99.7~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~0.99.7~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.7~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~0.99.7~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~0.99.7~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.7~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:54", "description": "Check for the Version of libsmi", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for libsmi CESA-2008:0059 centos3 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3390", "CVE-2007-6117", "CVE-2007-6118", "CVE-2007-3389", "CVE-2007-3392", "CVE-2007-6121", "CVE-2007-6451", "CVE-2007-6450", "CVE-2007-6114", "CVE-2007-3393", "CVE-2007-6120", "CVE-2007-3391", "CVE-2007-6113", "CVE-2007-6115"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880091", "href": "http://plugins.openvas.org/nasl.php?oid=880091", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for libsmi CESA-2008:0059 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n Several flaws were found in Wireshark. Wireshark could crash or possibly\n execute arbitrary code as the user running Wireshark if it read a malformed\n packet off the network. (CVE-2007-6114, CVE-2007-6115, CVE-2007-6117)\n \n Several denial of service bugs were found in Wireshark. Wireshark could\n crash or stop responding if it read a malformed packet off the network.\n (CVE-2007-3389, CVE-2007-3390, CVE-2007-3391, CVE-2007-3392, CVE-2007-3392,\n CVE-2007-3393, CVE-2007-6113, CVE-2007-6118, CVE-2007-6120, CVE-2007-6121,\n CVE-2007-6450, CVE-2007-6451)\n \n As well, Wireshark switched from using net-snmp to libsmi, which is\n included in this errata.\n \n Users of wireshark should upgrade to these updated packages, which contain\n Wireshark version 0.99.7, and resolve these issues.\";\n\ntag_affected = \"libsmi on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-January/014631.html\");\n script_id(880091);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 09:02:20 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0059\");\n script_cve_id(\"CVE-2007-3389\", \"CVE-2007-3390\", \"CVE-2007-3391\", \"CVE-2007-3392\", \"CVE-2007-3393\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6120\", \"CVE-2007-6121\", \"CVE-2007-6450\", \"CVE-2007-6451\");\n script_name( \"CentOS Update for libsmi CESA-2008:0059 centos3 i386\");\n\n script_summary(\"Check for the Version of libsmi\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsmi\", rpm:\"libsmi~0.4.5~3.el3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi-devel\", rpm:\"libsmi-devel~0.4.5~3.el3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.7~EL3.1\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~0.99.7~EL3.1\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:56", "description": "Check for the Version of libsmi", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for libsmi CESA-2008:0059 centos3 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3390", "CVE-2007-6117", "CVE-2007-6118", "CVE-2007-3389", "CVE-2007-3392", "CVE-2007-6121", "CVE-2007-6451", "CVE-2007-6450", "CVE-2007-6114", "CVE-2007-3393", "CVE-2007-6120", "CVE-2007-3391", "CVE-2007-6113", "CVE-2007-6115"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880129", "href": "http://plugins.openvas.org/nasl.php?oid=880129", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for libsmi CESA-2008:0059 centos3 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n Several flaws were found in Wireshark. Wireshark could crash or possibly\n execute arbitrary code as the user running Wireshark if it read a malformed\n packet off the network. (CVE-2007-6114, CVE-2007-6115, CVE-2007-6117)\n \n Several denial of service bugs were found in Wireshark. Wireshark could\n crash or stop responding if it read a malformed packet off the network.\n (CVE-2007-3389, CVE-2007-3390, CVE-2007-3391, CVE-2007-3392, CVE-2007-3392,\n CVE-2007-3393, CVE-2007-6113, CVE-2007-6118, CVE-2007-6120, CVE-2007-6121,\n CVE-2007-6450, CVE-2007-6451)\n \n As well, Wireshark switched from using net-snmp to libsmi, which is\n included in this errata.\n \n Users of wireshark should upgrade to these updated packages, which contain\n Wireshark version 0.99.7, and resolve these issues.\";\n\ntag_affected = \"libsmi on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-January/014632.html\");\n script_id(880129);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 09:02:20 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0059\");\n script_cve_id(\"CVE-2007-3389\", \"CVE-2007-3390\", \"CVE-2007-3391\", \"CVE-2007-3392\", \"CVE-2007-3393\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6120\", \"CVE-2007-6121\", \"CVE-2007-6450\", \"CVE-2007-6451\");\n script_name( \"CentOS Update for libsmi CESA-2008:0059 centos3 x86_64\");\n\n script_summary(\"Check for the Version of libsmi\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsmi\", rpm:\"libsmi~0.4.5~3.el3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi-devel\", rpm:\"libsmi-devel~0.4.5~3.el3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.7~EL3.1\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~0.99.7~EL3.1\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:56:41", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for wireshark RHSA-2008:0059-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3390", "CVE-2007-6117", "CVE-2007-6118", "CVE-2007-3389", "CVE-2007-3392", "CVE-2007-6121", "CVE-2007-6451", "CVE-2007-6450", "CVE-2007-6114", "CVE-2007-3393", "CVE-2007-6120", "CVE-2007-3391", "CVE-2007-6113", "CVE-2007-6115"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870085", "href": "http://plugins.openvas.org/nasl.php?oid=870085", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for wireshark RHSA-2008:0059-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n Several flaws were found in Wireshark. Wireshark could crash or possibly\n execute arbitrary code as the user running Wireshark if it read a malformed\n packet off the network. (CVE-2007-6114, CVE-2007-6115, CVE-2007-6117)\n \n Several denial of service bugs were found in Wireshark. Wireshark could\n crash or stop responding if it read a malformed packet off the network.\n (CVE-2007-3389, CVE-2007-3390, CVE-2007-3391, CVE-2007-3392, CVE-2007-3392,\n CVE-2007-3393, CVE-2007-6113, CVE-2007-6118, CVE-2007-6120, CVE-2007-6121,\n CVE-2007-6450, CVE-2007-6451)\n \n As well, Wireshark switched from using net-snmp to libsmi, which is\n included in this errata.\n \n Users of wireshark should upgrade to these updated packages, which contain\n Wireshark version 0.99.7, and resolve these issues.\";\n\ntag_affected = \"wireshark on Red Hat Enterprise Linux AS version 3,\n Red Hat Enterprise Linux ES version 3,\n Red Hat Enterprise Linux WS version 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-January/msg00015.html\");\n script_id(870085);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0059-01\");\n script_cve_id(\"CVE-2007-3389\", \"CVE-2007-3390\", \"CVE-2007-3391\", \"CVE-2007-3392\", \"CVE-2007-3393\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6120\", \"CVE-2007-6121\", \"CVE-2007-6450\", \"CVE-2007-6451\");\n script_name( \"RedHat Update for wireshark RHSA-2008:0059-01\");\n\n script_summary(\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_3\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsmi\", rpm:\"libsmi~0.4.5~3.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi-debuginfo\", rpm:\"libsmi-debuginfo~0.4.5~3.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi-devel\", rpm:\"libsmi-devel~0.4.5~3.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.7~EL3.1\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~0.99.7~EL3.1\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~0.99.7~EL3.1\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:41:23", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for wireshark RHSA-2008:0059-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3390", "CVE-2007-6117", "CVE-2007-6118", "CVE-2007-3389", "CVE-2007-3392", "CVE-2007-6121", "CVE-2007-6451", "CVE-2007-6450", "CVE-2007-6114", "CVE-2007-3393", "CVE-2007-6120", "CVE-2007-3391", "CVE-2007-6113", "CVE-2007-6115"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310870085", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870085", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for wireshark RHSA-2008:0059-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n Several flaws were found in Wireshark. Wireshark could crash or possibly\n execute arbitrary code as the user running Wireshark if it read a malformed\n packet off the network. (CVE-2007-6114, CVE-2007-6115, CVE-2007-6117)\n \n Several denial of service bugs were found in Wireshark. Wireshark could\n crash or stop responding if it read a malformed packet off the network.\n (CVE-2007-3389, CVE-2007-3390, CVE-2007-3391, CVE-2007-3392, CVE-2007-3392,\n CVE-2007-3393, CVE-2007-6113, CVE-2007-6118, CVE-2007-6120, CVE-2007-6121,\n CVE-2007-6450, CVE-2007-6451)\n \n As well, Wireshark switched from using net-snmp to libsmi, which is\n included in this errata.\n \n Users of wireshark should upgrade to these updated packages, which contain\n Wireshark version 0.99.7, and resolve these issues.\";\n\ntag_affected = \"wireshark on Red Hat Enterprise Linux AS version 3,\n Red Hat Enterprise Linux ES version 3,\n Red Hat Enterprise Linux WS version 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-January/msg00015.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870085\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0059-01\");\n script_cve_id(\"CVE-2007-3389\", \"CVE-2007-3390\", \"CVE-2007-3391\", \"CVE-2007-3392\", \"CVE-2007-3393\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6120\", \"CVE-2007-6121\", \"CVE-2007-6450\", \"CVE-2007-6451\");\n script_name( \"RedHat Update for wireshark RHSA-2008:0059-01\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_3\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsmi\", rpm:\"libsmi~0.4.5~3.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi-debuginfo\", rpm:\"libsmi-debuginfo~0.4.5~3.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi-devel\", rpm:\"libsmi-devel~0.4.5~3.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.7~EL3.1\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~0.99.7~EL3.1\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~0.99.7~EL3.1\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:55", "description": "Check for the Version of libsmi", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for libsmi CESA-2008:0059 centos3 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3390", "CVE-2007-6117", "CVE-2007-6118", "CVE-2007-3389", "CVE-2007-3392", "CVE-2007-6121", "CVE-2007-6451", "CVE-2007-6450", "CVE-2007-6114", "CVE-2007-3393", "CVE-2007-6120", "CVE-2007-3391", "CVE-2007-6113", "CVE-2007-6115"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880091", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880091", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for libsmi CESA-2008:0059 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n Several flaws were found in Wireshark. Wireshark could crash or possibly\n execute arbitrary code as the user running Wireshark if it read a malformed\n packet off the network. (CVE-2007-6114, CVE-2007-6115, CVE-2007-6117)\n \n Several denial of service bugs were found in Wireshark. Wireshark could\n crash or stop responding if it read a malformed packet off the network.\n (CVE-2007-3389, CVE-2007-3390, CVE-2007-3391, CVE-2007-3392, CVE-2007-3392,\n CVE-2007-3393, CVE-2007-6113, CVE-2007-6118, CVE-2007-6120, CVE-2007-6121,\n CVE-2007-6450, CVE-2007-6451)\n \n As well, Wireshark switched from using net-snmp to libsmi, which is\n included in this errata.\n \n Users of wireshark should upgrade to these updated packages, which contain\n Wireshark version 0.99.7, and resolve these issues.\";\n\ntag_affected = \"libsmi on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-January/014631.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880091\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 09:02:20 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0059\");\n script_cve_id(\"CVE-2007-3389\", \"CVE-2007-3390\", \"CVE-2007-3391\", \"CVE-2007-3392\", \"CVE-2007-3393\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6120\", \"CVE-2007-6121\", \"CVE-2007-6450\", \"CVE-2007-6451\");\n script_name( \"CentOS Update for libsmi CESA-2008:0059 centos3 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of libsmi\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsmi\", rpm:\"libsmi~0.4.5~3.el3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi-devel\", rpm:\"libsmi-devel~0.4.5~3.el3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.7~EL3.1\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~0.99.7~EL3.1\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:41:00", "description": "Check for the Version of libsmi", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for libsmi CESA-2008:0059 centos3 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3390", "CVE-2007-6117", "CVE-2007-6118", "CVE-2007-3389", "CVE-2007-3392", "CVE-2007-6121", "CVE-2007-6451", "CVE-2007-6450", "CVE-2007-6114", "CVE-2007-3393", "CVE-2007-6120", "CVE-2007-3391", "CVE-2007-6113", "CVE-2007-6115"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880129", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880129", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for libsmi CESA-2008:0059 centos3 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n Several flaws were found in Wireshark. Wireshark could crash or possibly\n execute arbitrary code as the user running Wireshark if it read a malformed\n packet off the network. (CVE-2007-6114, CVE-2007-6115, CVE-2007-6117)\n \n Several denial of service bugs were found in Wireshark. Wireshark could\n crash or stop responding if it read a malformed packet off the network.\n (CVE-2007-3389, CVE-2007-3390, CVE-2007-3391, CVE-2007-3392, CVE-2007-3392,\n CVE-2007-3393, CVE-2007-6113, CVE-2007-6118, CVE-2007-6120, CVE-2007-6121,\n CVE-2007-6450, CVE-2007-6451)\n \n As well, Wireshark switched from using net-snmp to libsmi, which is\n included in this errata.\n \n Users of wireshark should upgrade to these updated packages, which contain\n Wireshark version 0.99.7, and resolve these issues.\";\n\ntag_affected = \"libsmi on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-January/014632.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880129\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 09:02:20 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0059\");\n script_cve_id(\"CVE-2007-3389\", \"CVE-2007-3390\", \"CVE-2007-3391\", \"CVE-2007-3392\", \"CVE-2007-3393\", \"CVE-2007-6113\", \"CVE-2007-6114\", \"CVE-2007-6115\", \"CVE-2007-6117\", \"CVE-2007-6118\", \"CVE-2007-6120\", \"CVE-2007-6121\", \"CVE-2007-6450\", \"CVE-2007-6451\");\n script_name( \"CentOS Update for libsmi CESA-2008:0059 centos3 x86_64\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of libsmi\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"libsmi\", rpm:\"libsmi~0.4.5~3.el3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsmi-devel\", rpm:\"libsmi-devel~0.4.5~3.el3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.7~EL3.1\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~0.99.7~EL3.1\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:49", "description": "The remote host is missing an update to wireshark\nannounced via advisory DSA 1446-1.", "cvss3": {}, "published": "2008-01-17T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1446-1 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6451", "CVE-2007-6450"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:60100", "href": "http://plugins.openvas.org/nasl.php?oid=60100", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1446_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1446-1 (wireshark)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several remote vulnerabilities have been discovered in the Wireshark\nnetwork traffic analyzer, which may lead to denial of service. The\nCommon Vulnerabilities and Exposures project identifies the following\nproblems:\n\nCVE-2007-6450\n\nThe RPL dissector could be tricked into an infinite loop.\n\nCVE-2007-6451\n\nThe CIP dissector could be tricked into excessive memory\nallocation.\n\nFor the old stable distribution (sarge), these problems have been fixed in\nversion 0.10.10-2sarge11. (In Sarge Wireshark used to be called Ethereal).\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 0.99.4-5.etch.2.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 0.99.7-1.\n\nWe recommend that you upgrade your wireshark packages.\";\ntag_summary = \"The remote host is missing an update to wireshark\nannounced via advisory DSA 1446-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201446-1\";\n\n\nif(description)\n{\n script_id(60100);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:23:47 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2007-6450\", \"CVE-2007-6451\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Debian Security Advisory DSA 1446-1 (wireshark)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"ethereal-common\", ver:\"0.10.10-2sarge11\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ethereal\", ver:\"0.10.10-2sarge11\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tethereal\", ver:\"0.10.10-2sarge11\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ethereal-dev\", ver:\"0.10.10-2sarge11\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ethereal-common\", ver:\"0.99.4-5.etch.2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-common\", ver:\"0.99.4-5.etch.2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-dev\", ver:\"0.99.4-5.etch.2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ethereal\", ver:\"0.99.4-5.etch.2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tshark\", ver:\"0.99.4-5.etch.2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tethereal\", ver:\"0.99.4-5.etch.2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ethereal-dev\", ver:\"0.99.4-5.etch.2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark\", ver:\"0.99.4-5.etch.2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:37:18", "description": " wireshark-0.99.7-1.el5.0.1:\n \n [0.99.7-1.el5.0.1]\n - Add oracle-ocfs2-network.patch\n \n [0.99.7-1]\n - upgrade to 0.99.7\n - switch to libsmi from net-snmp\n - disable ADNS due to its lack of Ipv6 support\n - Resolves: #397411\n \n libsmi-0.4.5-2.el5:\n \n [0.4.5-2]\n - Handle rpath problems in 64-bit systems (#209522).\n \n [0.4.5-1]\n - Update to 0.4.5.\n \n [0.4.4-1]\n - Update to 0.4.4.\n \n [0.4.3-1]\n - First build. ", "cvss3": {}, "published": "2008-01-22T00:00:00", "type": "oraclelinux", "title": "Moderate: wireshark security update ", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6438", "CVE-2007-6119", "CVE-2007-6112", "CVE-2007-6111", "CVE-2007-6121", "CVE-2007-6451", "CVE-2007-6441", "CVE-2007-6450", "CVE-2007-6114", "CVE-2007-6120", "CVE-2007-6439", "CVE-2007-6113", "CVE-2007-6116", "CVE-2007-6115"], "modified": "2008-01-22T00:00:00", "id": "ELSA-2008-0058", "href": "http://linux.oracle.com/errata/ELSA-2008-0058.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2021-10-21T04:43:28", "description": "Wireshark is a program for monitoring network traffic. Wireshark was\r\npreviously known as Ethereal.\r\n\r\nSeveral flaws were found in Wireshark. Wireshark could crash or possibly\r\nexecute arbitrary code as the user running Wireshark if it read a malformed\r\npacket off the network. (CVE-2007-6112, CVE-2007-6114, CVE-2007-6115,\r\nCVE-2007-6117)\r\n\r\nSeveral denial of service bugs were found in Wireshark. Wireshark could\r\ncrash or stop responding if it read a malformed packet off the network.\r\n(CVE-2007-6111, CVE-2007-6113, CVE-2007-6116, CVE-2007-6118, CVE-2007-6119,\r\nCVE-2007-6120, CVE-2007-6121, CVE-2007-6438, CVE-2007-6439, CVE-2007-6441,\r\nCVE-2007-6450, CVE-2007-6451)\r\n\r\nAs well, Wireshark switched from using net-snmp to libsmi, which is\r\nincluded in this errata.\r\n\r\nUsers of wireshark should upgrade to these updated packages, which contain\r\nWireshark version 0.99.7, and resolve these issues.", "cvss3": {}, "published": "2008-01-21T00:00:00", "type": "redhat", "title": "(RHSA-2008:0058) Moderate: wireshark security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6111", "CVE-2007-6112", "CVE-2007-6113", "CVE-2007-6114", "CVE-2007-6115", "CVE-2007-6116", "CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6119", "CVE-2007-6120", "CVE-2007-6121", "CVE-2007-6438", "CVE-2007-6439", "CVE-2007-6441", "CVE-2007-6450", "CVE-2007-6451"], "modified": "2017-09-08T08:06:06", "id": "RHSA-2008:0058", "href": "https://access.redhat.com/errata/RHSA-2008:0058", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-21T04:45:58", "description": "Wireshark is a program for monitoring network traffic. Wireshark was\r\npreviously known as Ethereal.\r\n\r\nSeveral flaws were found in Wireshark. Wireshark could crash or possibly\r\nexecute arbitrary code as the user running Wireshark if it read a malformed\r\npacket off the network. (CVE-2007-6114, CVE-2007-6115, CVE-2007-6117)\r\n\r\nSeveral denial of service bugs were found in Wireshark. Wireshark could\r\ncrash or stop responding if it read a malformed packet off the network.\r\n(CVE-2007-3389, CVE-2007-3390, CVE-2007-3391, CVE-2007-3392, CVE-2007-3392,\r\nCVE-2007-3393, CVE-2007-6113, CVE-2007-6118, CVE-2007-6120, CVE-2007-6121,\r\nCVE-2007-6450, CVE-2007-6451)\r\n\r\nAs well, Wireshark switched from using net-snmp to libsmi, which is\r\nincluded in this errata.\r\n\r\nUsers of wireshark should upgrade to these updated packages, which contain\r\nWireshark version 0.99.7, and resolve these issues.", "cvss3": {}, "published": "2008-01-21T00:00:00", "type": "redhat", "title": "(RHSA-2008:0059) Moderate: wireshark security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3389", "CVE-2007-3390", "CVE-2007-3391", "CVE-2007-3392", "CVE-2007-3393", "CVE-2007-6113", "CVE-2007-6114", "CVE-2007-6115", "CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6120", "CVE-2007-6121", "CVE-2007-6450", "CVE-2007-6451"], "modified": "2017-07-28T14:43:39", "id": "RHSA-2008:0059", "href": "https://access.redhat.com/errata/RHSA-2008:0059", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2021-10-22T01:50:46", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1414-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nNovember 27, 2007 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : wireshark\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2007-6114 CVE-2007-6117 CVE-2007-6118 CVE-2007-6120 CVE-2007-6121\n\nSeveral remote vulnerabilities have been discovered in the Wireshark\nnetwork traffic analyzer, which may lead to denial of service or the\nexecution of arbitrary code. The Common Vulnerabilities and Exposures\nproject identifies the following problems:\n\nCVE-2007-6114\n\n Stefan Esser discovered a buffer overflow in the SSL dissector.\n "Fabiodds" discovered a buffer overflow in the iSeries trace\n dissector.\n\nCVE-2007-6117\n\n A programming error was discovered in the HTTP dissector, which may\n lead to denial of service.\n\nCVE-2007-6118\n\n The MEGACO dissector could be tricked into ressource exhaustion.\n\nCVE-2007-6120\n\n The Bluetooth SDP dissector could be tricked into an endless loop.\n\nCVE-2007-6121\n\n The RPC portmap dissector could be tricked into dereferencing\n a NULL pointer.\n\nFor the stable distribution (etch), these problems have been fixed\nin version 0.99.4-5.etch.1. Updates packages for sparc will be provided\nlater.\n\nFor the old stable distribution (sarge), these problems have been\nfixed in version 0.10.10-2sarge10. (In Sarge Wireshark used to be\ncalled Ethereal). Updates packages for sparc and m68k will be provided\nlater.\n\nWe recommend that you upgrade your wireshark/ethereal packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian 3.1 (oldstable)\n- ----------------------\n\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge10.dsc\n Size/MD5 checksum: 857 13f70e9eb8c1e2fed6ddeabb44ac1d3a\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge10.diff.gz\n Size/MD5 checksum: 178414 82a9fb4100a52b10d70e6bc2dd46ba71\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10.orig.tar.gz\n Size/MD5 checksum: 7411510 e6b74468412c17bb66cd459bfb61471c\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge10_alpha.deb\n Size/MD5 checksum: 5473208 67be7f7d2a830e1d67596be0a034acb7\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge10_alpha.deb\n Size/MD5 checksum: 543316 de8d2e0552b0597aa86909587f7fbdd4\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge10_alpha.deb\n Size/MD5 checksum: 155344 d0f405c14922bf0947bcaba9f1e1b5b5\n http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge10_alpha.deb\n Size/MD5 checksum: 106564 9e173e76cfee54406243122f54fb8736\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge10_amd64.deb\n Size/MD5 checksum: 486588 a01a55b5556b78c96edc8be6a03f6164\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge10_amd64.deb\n Size/MD5 checksum: 5334642 4c11f3efdd48b23115b5a06fa1a2cad4\n http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge10_amd64.deb\n Size/MD5 checksum: 99666 e5974fe4027fa34906e9a233cfe79d28\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge10_amd64.deb\n Size/MD5 checksum: 154610 51ee5b66077bd1824f1c671627623288\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge10_arm.deb\n Size/MD5 checksum: 472962 3243aa716b6a61aa5059ff40ad74d19c\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge10_arm.deb\n Size/MD5 checksum: 155880 2543ccfdacd0ad69e87b58dda3eac422\n http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge10_arm.deb\n Size/MD5 checksum: 96354 ab073d35ef7816c489497a316bce3866\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge10_arm.deb\n Size/MD5 checksum: 4684296 861dae74eefe8efac4d3608046fb869a\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge10_hppa.deb\n Size/MD5 checksum: 489400 4cae5e9cf2847e646c3df2cafa491952\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge10_hppa.deb\n Size/MD5 checksum: 5787380 9c600f1e3bbaa39b2a5e4a799bbdb9fd\n http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge10_hppa.deb\n Size/MD5 checksum: 98554 866f8f5c39a42e11893b8292bcde21b6\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge10_hppa.deb\n Size/MD5 checksum: 154624 33c6ef867a81e16d3b42b250baf1ab6a\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge10_i386.deb\n Size/MD5 checksum: 154588 82db1d1552a6ccf512f6f5ec2e8eed6f\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge10_i386.deb\n Size/MD5 checksum: 443758 56a43d004cf577cbf09f06b3990c1c23\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge10_i386.deb\n Size/MD5 checksum: 4529320 8ed21cc29d85ca22b07565e531357c59\n http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge10_i386.deb\n Size/MD5 checksum: 90984 36e28654888ed491c0afe8ca0942c1dc\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge10_ia64.deb\n Size/MD5 checksum: 6630094 3b4aee38a7f3149c3f2cb80271d3945b\n http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge10_ia64.deb\n Size/MD5 checksum: 129266 c60411c1b16b1b4823afe539ff6cc57b\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge10_ia64.deb\n Size/MD5 checksum: 674538 25dbd3438c8c4a82b7ad257101c670ac\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge10_ia64.deb\n Size/MD5 checksum: 154596 6bd05ac93b14002e99478f3df87ea689\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge10_mips.deb\n Size/MD5 checksum: 4723420 846bf6114c51724ff12c0708d3e27f34\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge10_mips.deb\n Size/MD5 checksum: 462884 065921607b447f0a7077eab8e067e27c\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge10_mips.deb\n Size/MD5 checksum: 154634 705ca5dbef162d627e0287662a680e2f\n http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge10_mips.deb\n Size/MD5 checksum: 94858 751305284a78ed0519919a66295346f3\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge10_mipsel.deb\n Size/MD5 checksum: 458148 92424b86e76671aa039fcebe522bbfc4\n http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge10_mipsel.deb\n Size/MD5 checksum: 94764 bc6bfe73e35bc3fde71f9fd38b5a7463\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge10_mipsel.deb\n Size/MD5 checksum: 4460978 8ead9a4793611f12ffca619198a8f844\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge10_mipsel.deb\n Size/MD5 checksum: 154652 a94fccae248051cd70470c4a7e4b77ce\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge10_powerpc.deb\n Size/MD5 checksum: 5067716 62f0be94422a471a622899f3f6f11e7c\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge10_powerpc.deb\n Size/MD5 checksum: 154632 b6041c857bed2dbeeb49e21c890264eb\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge10_powerpc.deb\n Size/MD5 checksum: 455806 f6c9db48b4373d84daf858f8dfb275a2\n http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge10_powerpc.deb\n Size/MD5 checksum: 94406 23b71c5db6f0443ca3db0d072b4bb14b\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge10_s390.deb\n Size/MD5 checksum: 99992 30d7eeb09507017a10c42e98f46e1d47\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge10_s390.deb\n Size/MD5 checksum: 154572 29756abde9da24dac8254d128d44bd8d\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge10_s390.deb\n Size/MD5 checksum: 479760 c0d947771c2ad6b8f12e25812c1e7c5b\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge10_s390.deb\n Size/MD5 checksum: 5622238 7d86c0b58dc43c6bd84b88d27e3713c1\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4.orig.tar.gz\n Size/MD5 checksum: 13306790 2556a31d0d770dd1990bd67b98bd2f9b\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.1.dsc\n Size/MD5 checksum: 1066 12e8146f9cc10fe216e4d1a0a750037f\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.1.diff.gz\n Size/MD5 checksum: 42799 61ed409b92000f30877799228daff252\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.1_alpha.deb\n Size/MD5 checksum: 117224 d85a0b7e63b0c953b6f152e185fba6a9\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.1_alpha.deb\n Size/MD5 checksum: 22014 ad8ccffe577de4016acc15866f769829\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.1_alpha.deb\n Size/MD5 checksum: 9319128 e75f6f5ee1d858b0fc2f9413ee415f5d\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.1_alpha.deb\n Size/MD5 checksum: 21736 1c5d57697ebe337f34240c9dd342e3d8\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.1_alpha.deb\n Size/MD5 checksum: 181550 209f75537b0acc9c17b54e6b7cfdac2b\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.1_alpha.deb\n Size/MD5 checksum: 21744 e9b9909b4528978a75d323d02389eff8\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.1_alpha.deb\n Size/MD5 checksum: 674254 55b36078f6d6f9f278ff34ff67cae28d\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.1_alpha.deb\n Size/MD5 checksum: 21748 525cdcc7f345f729181fb9399ca84867\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.1_amd64.deb\n Size/MD5 checksum: 22342 2db8ccf0421954242c6b7352503e7cba\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.1_amd64.deb\n Size/MD5 checksum: 9119562 ae17852ca0431cbb1b8fc6401c81aa21\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.1_amd64.deb\n Size/MD5 checksum: 22704 aeb68a6daccbd9c1c6cb711f26e93296\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.1_amd64.deb\n Size/MD5 checksum: 111974 010a55a4127333689fa8416d6214ec94\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.1_amd64.deb\n Size/MD5 checksum: 22352 cb17e51ae331c059ee2e2c2a71f4aa49\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.1_amd64.deb\n Size/MD5 checksum: 22360 5ee1e412767f67919ce51d0b534394a8\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.1_amd64.deb\n Size/MD5 checksum: 181590 44888c58cf54dc4329a30f55c4990d95\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.1_amd64.deb\n Size/MD5 checksum: 619562 efa93cc7f881dba55c9b5b7cc8cb6e1a\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.1_arm.deb\n Size/MD5 checksum: 22356 4c49ab66e1e2706808ea9697f72ecfb7\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.1_arm.deb\n Size/MD5 checksum: 107198 8a5a6b4ea6cc4e3ab657f31aa1d4e6dc\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.1_arm.deb\n Size/MD5 checksum: 22714 0544f54d45e84847e71381a7d43f0003\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.1_arm.deb\n Size/MD5 checksum: 22372 be24fc579f74dd24836a9371066a7b79\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.1_arm.deb\n Size/MD5 checksum: 22364 d891953d3c4904a3dc4c30408b90d81c\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.1_arm.deb\n Size/MD5 checksum: 7739170 f8d2410802c8f03b68f27d9e07a5f962\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.1_arm.deb\n Size/MD5 checksum: 600424 cbd6182358b03954f5026bd971073a8c\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.1_arm.deb\n Size/MD5 checksum: 181894 76286939d57837fefaa8c0ec3d535eee\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.1_hppa.deb\n Size/MD5 checksum: 634494 6be054401a1db64c84e61c1260d01fb6\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.1_hppa.deb\n Size/MD5 checksum: 22696 be88e7f598274dc6161c8ec6b94c30e7\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.1_hppa.deb\n Size/MD5 checksum: 109690 97e0c2d2f877d6bc5eb2d766309c01f4\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.1_hppa.deb\n Size/MD5 checksum: 182482 e075af8dcb3d7a13fca3828de39fd3d9\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.1_hppa.deb\n Size/MD5 checksum: 22348 866c000ad64e3376d0d9320805119728\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.1_hppa.deb\n Size/MD5 checksum: 22356 cfcbb7502fdc4020b9aad33f67beb665\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.1_hppa.deb\n Size/MD5 checksum: 9854626 d36c3a094773a6c812ec0b4e3dc010c9\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.1_hppa.deb\n Size/MD5 checksum: 22340 45fc4629c3fc77e7987f2179ddfa24be\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.1_i386.deb\n Size/MD5 checksum: 564526 4b8eb4fb7d8f606ed1789c8df2cb039a\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.1_i386.deb\n Size/MD5 checksum: 7501872 cbdc35a89f36b126c89b478452736cc6\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.1_i386.deb\n Size/MD5 checksum: 102150 59cf091877d995796a33b6482ac413ea\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.1_i386.deb\n Size/MD5 checksum: 22344 e9e76892435a11ab9f504f044893331d\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.1_i386.deb\n Size/MD5 checksum: 22354 6c8610eef3cdb923a5848c3c6e31d0fe\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.1_i386.deb\n Size/MD5 checksum: 22698 b2ff8d7600e250a50459ddc964f7dbdf\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.1_i386.deb\n Size/MD5 checksum: 22336 b1aad678b3ddf89bf94759f9f3858fe4\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.1_i386.deb\n Size/MD5 checksum: 182520 a3d50d0da284264b733f40ee7febd08f\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.1_ia64.deb\n Size/MD5 checksum: 182478 17b94fb0f374818cdd5ff7fffb814e3c\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.1_ia64.deb\n Size/MD5 checksum: 10650318 867330a74271726f25ec7cb437881675\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.1_ia64.deb\n Size/MD5 checksum: 145608 712a2349fd200a7d786416ed2e90b888\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.1_ia64.deb\n Size/MD5 checksum: 22350 db12f448877fa43dc8d16cf9f1bc0e76\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.1_ia64.deb\n Size/MD5 checksum: 22336 eab2d2ff1a049de7b0c350df34c49c6b\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.1_ia64.deb\n Size/MD5 checksum: 22344 4eebff3e87f1ef9410592a749c3d2542\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.1_ia64.deb\n Size/MD5 checksum: 827424 0b3cf3ee033095dc2b77b5e4c7a031fb\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.1_ia64.deb\n Size/MD5 checksum: 22690 c5c429e114db82106e54b6b850eee18b\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.1_mips.deb\n Size/MD5 checksum: 22338 0959e956ec8a654df5783d41f25fe097\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.1_mips.deb\n Size/MD5 checksum: 8025014 79b62949c040c67c4bcab05f54b140a4\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.1_mips.deb\n Size/MD5 checksum: 22692 473b7ab46163aa2eec6fc283d4d8b326\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.1_mips.deb\n Size/MD5 checksum: 22354 93832d797079af2c7ed673eb8605ad08\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.1_mips.deb\n Size/MD5 checksum: 182502 abb2e923e897c8e5737a3304ff879ed7\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.1_mips.deb\n Size/MD5 checksum: 104892 7e25d3d517b0eb9ced49791660866358\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.1_mips.deb\n Size/MD5 checksum: 588506 fed1a6a3a87b13a2cf706849b1cfab8b\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.1_mips.deb\n Size/MD5 checksum: 22350 b1d818602719192cd5438c849b31ed4d\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.1_mipsel.deb\n Size/MD5 checksum: 22338 d7abb1c1005e8c57f6d9e9d74a32a8fa\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.1_mipsel.deb\n Size/MD5 checksum: 104400 ca6d57ab13113dbaa3887a15dd65b6ea\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.1_mipsel.deb\n Size/MD5 checksum: 575842 47be3916d499a906a4fe36b57c0cd17b\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.1_mipsel.deb\n Size/MD5 checksum: 22690 910a891b06d9a04be03c69b70ae9cc9a\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.1_mipsel.deb\n Size/MD5 checksum: 7406172 1385d56073bbd6ed2cfe42b1184937ac\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.1_mipsel.deb\n Size/MD5 checksum: 22350 97e7d6303d485700ea905521a4e46a6f\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.1_mipsel.deb\n Size/MD5 checksum: 22358 9d188ba3e2989713f6eb406a56602588\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.1_mipsel.deb\n Size/MD5 checksum: 182486 28a53abb380114393defbff0ec50df65\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.1_powerpc.deb\n Size/MD5 checksum: 22692 2f49b7a64f01b0a1037b61c36a015ed3\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.1_powerpc.deb\n Size/MD5 checksum: 104106 3418723376cbb0c3c18570ff68799836\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.1_powerpc.deb\n Size/MD5 checksum: 22338 99363115fa0dd4224dda0bc0e2e4762b\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.1_powerpc.deb\n Size/MD5 checksum: 182508 32eeaf5941336b48467accf6d14ea9ce\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.1_powerpc.deb\n Size/MD5 checksum: 583462 dc78a9149389f6bc886a0211247e3539\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.1_powerpc.deb\n Size/MD5 checksum: 22352 47332c4cbce63f538b5b9d4f610b0a24\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.1_powerpc.deb\n Size/MD5 checksum: 22356 38c932a69d2a5ef6ba577d82b1b16857\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.1_powerpc.deb\n Size/MD5 checksum: 8605364 a431421901f9019bff4ce868f4e46c40\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.1_s390.deb\n Size/MD5 checksum: 22694 fa6f3fc7a39dc1b8b6030452488bf12a\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.1_s390.deb\n Size/MD5 checksum: 22334 9c6cd498668d092e4b9794c40356466f\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.1_s390.deb\n Size/MD5 checksum: 9755928 444aa912362bae9470537dd497bd60a3\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.1_s390.deb\n Size/MD5 checksum: 22338 24797312504679250cdd8b893e0996d4\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.1_s390.deb\n Size/MD5 checksum: 182454 fe98e9d9ad70ceb84d66657815bd6778\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.1_s390.deb\n Size/MD5 checksum: 640886 c4eb7212909a6ad41cb1becf8bfe3656\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.1_s390.deb\n Size/MD5 checksum: 115478 7761780c7281fd5d3c488fc16df95a1e\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.1_s390.deb\n Size/MD5 checksum: 22354 75e8c12f8e5530ce95fdcbea118ec269\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>", "cvss3": {}, "published": "2007-11-27T00:39:25", "type": "debian", "title": "[SECURITY] [DSA 1414-1] New wireshark packages fix several vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6114", "CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6120", "CVE-2007-6121"], "modified": "2007-11-27T00:39:25", "id": "DEBIAN:DSA-1414-1:6CA34", "href": "https://lists.debian.org/debian-security-announce/2007/msg00194.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-19T18:01:19", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1446-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nJanuary 03, 2008 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : wireshark\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2007-6450 CVE-2007-6451\n\nSeveral remote vulnerabilities have been discovered in the Wireshark\nnetwork traffic analyzer, which may lead to denial of service. The\nCommon Vulnerabilities and Exposures project identifies the following\nproblems:\n\nCVE-2007-6450\n\n The RPL dissector could be tricked into an infinite loop.\n\nCVE-2007-6451\n\n The CIP dissector could be tricked into excessive memory\n allocation.\n\nFor the old stable distribution (sarge), these problems have been fixed in\nversion 0.10.10-2sarge11. (In Sarge Wireshark used to be called Ethereal).\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 0.99.4-5.etch.2.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 0.99.7-1.\n\nWe recommend that you upgrade your wireshark packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian 3.1 (oldstable)\n- ----------------------\n\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10.orig.tar.gz\n Size/MD5 checksum: 7411510 e6b74468412c17bb66cd459bfb61471c\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge11.diff.gz\n Size/MD5 checksum: 178746 933cfe01c6bd0906e46c96a7525eaaa9\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge11.dsc\n Size/MD5 checksum: 857 0515d93e91a408a93f71604bc53da60e\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge11_alpha.deb\n Size/MD5 checksum: 5473258 b9210afcc18fdbfdb4792915347fb387\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge11_alpha.deb\n Size/MD5 checksum: 543376 0251832610b4c2f07bcf915140b24195\n http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge11_alpha.deb\n Size/MD5 checksum: 106622 f0b57252d1c45defdfa375a41cbc57e6\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge11_alpha.deb\n Size/MD5 checksum: 155400 299e86be216b61506feb73da3176609b\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge11_amd64.deb\n Size/MD5 checksum: 486626 319742bfc1a65f5088625b5c20662b29\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge11_amd64.deb\n Size/MD5 checksum: 5334148 2c2fb3aa923bef3803a6030467b6ac39\n http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge11_amd64.deb\n Size/MD5 checksum: 99734 258f8660d8962e18cd957424989d66f1\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge11_amd64.deb\n Size/MD5 checksum: 154664 fe279aa0fa920e591cd99b5aacb363bf\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge11_arm.deb\n Size/MD5 checksum: 4684386 322e970b88200331531ba40423ad00b0\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge11_arm.deb\n Size/MD5 checksum: 473010 621f8e3ee24d6058028093418281e8e2\n http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge11_arm.deb\n Size/MD5 checksum: 96418 31abb070e574a3001595bf35b5163b65\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge11_arm.deb\n Size/MD5 checksum: 155950 c374875ca4d3545e492e294e71f33b32\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge11_hppa.deb\n Size/MD5 checksum: 98622 884882d2aa922acde1a92658190eacda\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge11_hppa.deb\n Size/MD5 checksum: 5787248 7768ca0724d2401156b709720f860ae2\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge11_hppa.deb\n Size/MD5 checksum: 154680 9d295a56913577c5251bfc7b500ec1c9\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge11_hppa.deb\n Size/MD5 checksum: 489482 05641d54cb7a2395105e85215713a5dd\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge11_i386.deb\n Size/MD5 checksum: 91062 223296e9280f5bdd1e352f5e1b32d541\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge11_i386.deb\n Size/MD5 checksum: 154668 4cabf74d5aa3e316202fc6cc5b1fdab6\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge11_i386.deb\n Size/MD5 checksum: 443836 0802c65cbd65f6479c695c4f110cdae5\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge11_i386.deb\n Size/MD5 checksum: 4529566 f7cee09f268308fd2e249e1c0f393aa7\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge11_ia64.deb\n Size/MD5 checksum: 154668 f8bd4c79877ba95277553142d1b0ac48\n http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge11_ia64.deb\n Size/MD5 checksum: 129324 98a7422c9838a9d866c47866b395bcd2\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge11_ia64.deb\n Size/MD5 checksum: 674590 be70a50979def7f1b9a39ba4a7a29819\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge11_ia64.deb\n Size/MD5 checksum: 6630622 31050587e2a5786c6c3d39164e827b32\n\nm68k architecture (Motorola Mc680x0)\n\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge11_m68k.deb\n Size/MD5 checksum: 447932 03fe7849d127361cc2d5ff6fa4fa3a66\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge11_m68k.deb\n Size/MD5 checksum: 5570160 33e74413a9258f10697b2d7c768acffc\n http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge11_m68k.deb\n Size/MD5 checksum: 91116 a2f24dfb47f144df4c9c651d899e0316\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge11_m68k.deb\n Size/MD5 checksum: 154754 bf89b5c4436d95c52ac7ba4669601533\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge11_mips.deb\n Size/MD5 checksum: 4723264 2795ac4612f87ace234799c1bfca5daf\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge11_mips.deb\n Size/MD5 checksum: 462960 6947d430b5e9260a218e953b3fd0e2fb\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge11_mips.deb\n Size/MD5 checksum: 154674 7d3cc285c21b8ee328c623155b08e9d0\n http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge11_mips.deb\n Size/MD5 checksum: 94914 ba091b5f869f1821e3587de4217b9dd8\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge11_mipsel.deb\n Size/MD5 checksum: 94818 532c3b76afce29da2d50d6508fc8efc7\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge11_mipsel.deb\n Size/MD5 checksum: 154680 a137ba8649f5b34fc8ee4bd1af246df2\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge11_mipsel.deb\n Size/MD5 checksum: 458216 54a6c2890e47769b2bf88e96faa5f7df\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge11_mipsel.deb\n Size/MD5 checksum: 4460936 842eb862a5529c83328ef733223af631\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge11_powerpc.deb\n Size/MD5 checksum: 94462 b13765526c8304fea6761fddfd646a95\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge11_powerpc.deb\n Size/MD5 checksum: 455878 444e592e79b53b3c3e8ff6c74a66d41f\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge11_powerpc.deb\n Size/MD5 checksum: 5068090 8b78b4443614b80d74c5e763538721a1\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge11_powerpc.deb\n Size/MD5 checksum: 154678 3588fb9f40e66a71c48a7dc86083782c\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge11_s390.deb\n Size/MD5 checksum: 5621666 1dd4004e6c4c8719aaba8b31390b095d\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge11_s390.deb\n Size/MD5 checksum: 154662 bcf649ee810da0d4d892e83aeef797fd\n http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge11_s390.deb\n Size/MD5 checksum: 100056 d9bfd2cb2e51411600e1005af43b4539\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge11_s390.deb\n Size/MD5 checksum: 479816 6b1d615b5e04ba12ad3b4ae7ec8d8cc6\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge11_sparc.deb\n Size/MD5 checksum: 5130376 d9ff58d019291252990735cf14601011\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge11_sparc.deb\n Size/MD5 checksum: 154684 8f68dc9a336e34723a4d6dd348898d47\n http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge11_sparc.deb\n Size/MD5 checksum: 93992 ee25522d8c19209831a8074a164dcef2\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge11_sparc.deb\n Size/MD5 checksum: 465546 d8f11b286f25e69b796b0473210e3db0\n\nDebian 4.0 (stable)\n- -------------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4.orig.tar.gz\n Size/MD5 checksum: 13306790 2556a31d0d770dd1990bd67b98bd2f9b\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.2.diff.gz\n Size/MD5 checksum: 43214 852f91f8eb38039a7c8765c4bd05f08c\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.2.dsc\n Size/MD5 checksum: 1066 d7c8d2ff4d67149f020276757eaee490\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.2_alpha.deb\n Size/MD5 checksum: 22052 7cb3b1309285b09dccf514e91628df28\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.2_alpha.deb\n Size/MD5 checksum: 9319798 ba3b4ff7b8f39153c91f86d420b394f7\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.2_alpha.deb\n Size/MD5 checksum: 181630 66ded130da4b19090a35452d602a1950\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.2_alpha.deb\n Size/MD5 checksum: 21768 7aa512bedd63f205831228e58bb82897\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.2_alpha.deb\n Size/MD5 checksum: 117266 68b717382a7a9a8226c5d5d10a77e100\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.2_alpha.deb\n Size/MD5 checksum: 21772 2f10f5b5badc7a0e169ee22f960f5fb8\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.2_alpha.deb\n Size/MD5 checksum: 21780 d7622026fe2071fe65752a845d16e72f\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.2_alpha.deb\n Size/MD5 checksum: 674306 1b0f1ff481f32a6adb3424bec72abfab\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.2_amd64.deb\n Size/MD5 checksum: 22408 60e4c2647b621acd6024d5f6529dfc37\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.2_amd64.deb\n Size/MD5 checksum: 22402 6ea544466e1b19fb2e84b5ff60d4b9f3\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.2_amd64.deb\n Size/MD5 checksum: 181670 07b9285896252f5f630ffca47afecdd9\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.2_amd64.deb\n Size/MD5 checksum: 112030 23e49501be43ee6bb06c32af66b3c1de\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.2_amd64.deb\n Size/MD5 checksum: 9119366 96cdc850cbf460b2e611299d91a0b405\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.2_amd64.deb\n Size/MD5 checksum: 619608 a964d192aa76b6f1a544c0b78125500b\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.2_amd64.deb\n Size/MD5 checksum: 22744 72b205204f88c564faa0e4b961d35f7e\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.2_amd64.deb\n Size/MD5 checksum: 22396 8edaed490e0449d414be094232e868ad\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.2_arm.deb\n Size/MD5 checksum: 181922 ee62ef5c69ec18f7faf452d2c2c54a21\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.2_arm.deb\n Size/MD5 checksum: 22400 060200580222615ee5a05f6e706b7ad3\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.2_arm.deb\n Size/MD5 checksum: 22406 36ddaec9510a246830008d738e186f70\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.2_arm.deb\n Size/MD5 checksum: 107238 f85070e449a327961bb60c35f5d57634\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.2_arm.deb\n Size/MD5 checksum: 22760 f1ae6a49173592c44d892fcb387a2a96\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.2_arm.deb\n Size/MD5 checksum: 7739224 51d162e7dc971452a4010812ce0077a9\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.2_arm.deb\n Size/MD5 checksum: 22416 c5d9d3b28c6ca1c06a318c3a88c9b95e\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.2_arm.deb\n Size/MD5 checksum: 600466 982b4a3e062cd2ff624649a360881c29\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.2_hppa.deb\n Size/MD5 checksum: 182544 bc7e9cfba13a84e9fe6a21ae14bd0cd6\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.2_hppa.deb\n Size/MD5 checksum: 109740 7326c0f7465fde429230e5a1bc3f87dd\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.2_hppa.deb\n Size/MD5 checksum: 22404 e534361488c208ec2bccccf9f64682c5\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.2_hppa.deb\n Size/MD5 checksum: 22394 a2633b695eba48836b76b98239b49b68\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.2_hppa.deb\n Size/MD5 checksum: 22742 4e83ef21c0cd7921bae69226d9de4591\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.2_hppa.deb\n Size/MD5 checksum: 22402 ff7770c25c495f0d564d93042e010ba5\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.2_hppa.deb\n Size/MD5 checksum: 634564 b57123d9459ae329cea0db52898b599d\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.2_hppa.deb\n Size/MD5 checksum: 9855304 2c1d014fa6b674ff33739f250597d9af\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.2_i386.deb\n Size/MD5 checksum: 22410 0d34d4a3b91993db7f6ffa8832cb80bb\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.2_i386.deb\n Size/MD5 checksum: 22396 5d01b4fb59d676b81ffe88463734b5f1\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.2_i386.deb\n Size/MD5 checksum: 182558 2ea2e58b559c438e0dbe3d8eae20526d\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.2_i386.deb\n Size/MD5 checksum: 7502260 ea5a24b2bbf8bdb0e12d9b522d35d51e\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.2_i386.deb\n Size/MD5 checksum: 22402 a5e2d7d83467b19149c037612ae43ea0\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.2_i386.deb\n Size/MD5 checksum: 102208 00c4684ccf895233df30d748368ce386\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.2_i386.deb\n Size/MD5 checksum: 22752 15a7e72d32c9e2ea6af0f56d44fbdb6d\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.2_i386.deb\n Size/MD5 checksum: 564614 67bf694c2d06e07308881148e7544175\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.2_ia64.deb\n Size/MD5 checksum: 22404 6a91b22e9fa38b460f86806b279f74f4\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.2_ia64.deb\n Size/MD5 checksum: 827484 a0d3df63ed28965c092221815820327b\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.2_ia64.deb\n Size/MD5 checksum: 22738 92fbe2c822bf2fb40d9bca7dbc56c9c6\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.2_ia64.deb\n Size/MD5 checksum: 10651058 e14498025cff7520fcf213665b958f01\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.2_ia64.deb\n Size/MD5 checksum: 145656 2ec77fee2fa37f8ff2b472bb7112a14a\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.2_ia64.deb\n Size/MD5 checksum: 22392 969b40957504305712c6a4940b6c30ec\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.2_ia64.deb\n Size/MD5 checksum: 22408 49d75556f5873612d7b664ca6849f22b\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.2_ia64.deb\n Size/MD5 checksum: 182512 fb73577165992566da0389f86e3a6b95\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.2_mips.deb\n Size/MD5 checksum: 22738 3ed0461c9e4140c74e2f85ed2a2b2b81\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.2_mips.deb\n Size/MD5 checksum: 22400 8fa6694347367e82b4e50e39d5733eed\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.2_mips.deb\n Size/MD5 checksum: 104940 3a7883ff5c784a856c186e77a80622d0\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.2_mips.deb\n Size/MD5 checksum: 588554 905f9bd3a1b126ffe39e905c7d8ce8c6\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.2_mips.deb\n Size/MD5 checksum: 22406 3ac0c30337b8bdf65d0b21a000de20a5\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.2_mips.deb\n Size/MD5 checksum: 8025338 1387b73dfa64200820240f3f9dae7f1d\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.2_mips.deb\n Size/MD5 checksum: 182552 ee8499efd263c40237edeb8d93a569d6\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.2_mips.deb\n Size/MD5 checksum: 22390 8faf91bdeb2ec7423f07a725e50d1ad0\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.2_mipsel.deb\n Size/MD5 checksum: 22394 f5aa29e920753e3bcf0a0674318553d2\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.2_mipsel.deb\n Size/MD5 checksum: 104444 29bcac5ae36cac54a74694de8395c197\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.2_mipsel.deb\n Size/MD5 checksum: 22742 f8f77dc0c4f8a3bc67bf2214bcc46be9\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.2_mipsel.deb\n Size/MD5 checksum: 22408 e4e0350f57fd06adb2e2fbc89af42dd6\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.2_mipsel.deb\n Size/MD5 checksum: 7406210 3919cfdcc8da4478c10f41b5401cbdf6\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.2_mipsel.deb\n Size/MD5 checksum: 575888 21e0043941b17edbaa3cdc1e7111e057\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.2_mipsel.deb\n Size/MD5 checksum: 182532 399a017ea351749cd273e14e4bb90b4d\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.2_mipsel.deb\n Size/MD5 checksum: 22402 4703a3efb299bd24f2efbddc903e75b4\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.2_powerpc.deb\n Size/MD5 checksum: 583540 d28ec863702730a3a0c751348713fb08\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.2_powerpc.deb\n Size/MD5 checksum: 22402 bbd1291dc8ec5c51bec315cfd76dabe6\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.2_powerpc.deb\n Size/MD5 checksum: 22394 f0483cfdb2a6bd95e8279020e667a00b\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.2_powerpc.deb\n Size/MD5 checksum: 182528 76431e0cd12897406aad8d7c7d228b1d\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.2_powerpc.deb\n Size/MD5 checksum: 8605240 881a95185ccfd14962c4454e63a1e061\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.2_powerpc.deb\n Size/MD5 checksum: 22408 8eef1dd12f730770000167906dc13ba8\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.2_powerpc.deb\n Size/MD5 checksum: 22742 5ba721ddf0c19fe68c1e7e9b2a42d617\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.2_powerpc.deb\n Size/MD5 checksum: 104146 904f61784d5497b0e9c62c5f6212716b\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.2_s390.deb\n Size/MD5 checksum: 640934 a4c0a38b84f1743132fe97104e60e0f8\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.2_s390.deb\n Size/MD5 checksum: 115516 7e36d728f20872a20c97888ff71f2f8a\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.2_s390.deb\n Size/MD5 checksum: 22746 1d8ff68d170493a9f933efe99dc5de4b\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.2_s390.deb\n Size/MD5 checksum: 9756462 ef44439e24ad9fce4eb83def19baf2fd\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.2_s390.deb\n Size/MD5 checksum: 182512 efe82f566fd8cb93813aebb12b661915\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.2_s390.deb\n Size/MD5 checksum: 22396 19cb8ffa456f85d4df01a9aa4afcb790\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.2_s390.deb\n Size/MD5 checksum: 22404 dae9cb6e19ed7f64ce9c91b0ea428950\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.2_s390.deb\n Size/MD5 checksum: 22410 b8645896b1016a68bbd60f0074a5b8b2\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.2_sparc.deb\n Size/MD5 checksum: 22410 c7f2f6fd47e7d99a23c416be856bf7e3\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.2_sparc.deb\n Size/MD5 checksum: 22744 f4956c04dfaaf715f6d541f10c032603\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.2_sparc.deb\n Size/MD5 checksum: 103478 506c9304b2ad26c5d4b0d87b5250a4d8\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.2_sparc.deb\n Size/MD5 checksum: 22396 dd3f26bc33cf50407c0a48d380210285\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.2_sparc.deb\n Size/MD5 checksum: 8686584 4c989456f94e655e02eb60f89319efa2\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.2_sparc.deb\n Size/MD5 checksum: 586394 ffa4683f4363e6b712cf4033bddb57fb\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.2_sparc.deb\n Size/MD5 checksum: 22408 47b020875b4cbb7ca969acb5bd7e4476\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.2_sparc.deb\n Size/MD5 checksum: 182538 d9b164dc5a1cc864cd237fdb29bf46d3\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>", "cvss3": {}, "published": "2008-01-03T21:31:39", "type": "debian", "title": "[SECURITY] [DSA 1446-1] New wireshark packages fix denial of service", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6450", "CVE-2007-6451"], "modified": "2008-01-03T21:31:39", "id": "DEBIAN:DSA-1446-1:5AD3D", "href": "https://lists.debian.org/debian-security-announce/2008/msg00003.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:24", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- ------------------------------------------------------------------------\r\nDebian Security Advisory DSA-1414-1 security@debian.org\r\nhttp://www.debian.org/security/ Moritz Muehlenhoff\r\nNovember 27, 2007 http://www.debian.org/security/faq\r\n- ------------------------------------------------------------------------\r\n\r\nPackage : wireshark\r\nVulnerability : several\r\nProblem type : remote\r\nDebian-specific: no\r\nCVE Id(s) : CVE-2007-6114 CVE-2007-6117 CVE-2007-6118 CVE-2007-6120 CVE-2007-6121\r\n\r\nSeveral remote vulnerabilities have been discovered in the Wireshark\r\nnetwork traffic analyzer, which may lead to denial of service or the\r\nexecution of arbitrary code. The Common Vulnerabilities and Exposures\r\nproject identifies the following problems:\r\n\r\nCVE-2007-6114\r\n\r\n Stefan Esser discovered a buffer overflow in the SSL dissector.\r\n "Fabiodds" discovered a buffer overflow in the iSeries trace\r\n dissector.\r\n\r\nCVE-2007-6117\r\n\r\n A programming error was discovered in the HTTP dissector, which may\r\n lead to denial of service.\r\n\r\nCVE-2007-6118\r\n\r\n The MEGACO dissector could be tricked into ressource exhaustion.\r\n\r\nCVE-2007-6120\r\n\r\n The Bluetooth SDP dissector could be tricked into an endless loop.\r\n\r\nCVE-2007-6121\r\n\r\n The RPC portmap dissector could be tricked into dereferencing\r\n a NULL pointer.\r\n\r\nFor the stable distribution (etch), these problems have been fixed\r\nin version 0.99.4-5.etch.1. Updates packages for sparc will be provided\r\nlater.\r\n\r\nFor the old stable distribution (sarge), these problems have been\r\nfixed in version 0.10.10-2sarge10. (In Sarge Wireshark used to be\r\ncalled Ethereal). Updates packages for sparc and m68k will be provided\r\nlater.\r\n\r\nWe recommend that you upgrade your wireshark/ethereal packages.\r\n\r\nUpgrade instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper configuration.\r\n\r\n\r\nDebian 3.1 (oldstable)\r\n- ----------------------\r\n\r\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390 and sparc.\r\n\r\nSource archives:\r\n\r\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge10.dsc\r\n Size/MD5 checksum: 857 13f70e9eb8c1e2fed6ddeabb44ac1d3a\r\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge10.diff.gz\r\n Size/MD5 checksum: 178414 82a9fb4100a52b10d70e6bc2dd46ba71\r\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10.orig.tar.gz\r\n Size/MD5 checksum: 7411510 e6b74468412c17bb66cd459bfb61471c\r\n\r\nalpha architecture (DEC Alpha)\r\n\r\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge10_alpha.deb\r\n Size/MD5 checksum: 5473208 67be7f7d2a830e1d67596be0a034acb7\r\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge10_alpha.deb\r\n Size/MD5 checksum: 543316 de8d2e0552b0597aa86909587f7fbdd4\r\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge10_alpha.deb\r\n Size/MD5 checksum: 155344 d0f405c14922bf0947bcaba9f1e1b5b5\r\n http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge10_alpha.deb\r\n Size/MD5 checksum: 106564 9e173e76cfee54406243122f54fb8736\r\n\r\namd64 architecture (AMD x86_64 (AMD64))\r\n\r\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge10_amd64.deb\r\n Size/MD5 checksum: 486588 a01a55b5556b78c96edc8be6a03f6164\r\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge10_amd64.deb\r\n Size/MD5 checksum: 5334642 4c11f3efdd48b23115b5a06fa1a2cad4\r\n http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge10_amd64.deb\r\n Size/MD5 checksum: 99666 e5974fe4027fa34906e9a233cfe79d28\r\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge10_amd64.deb\r\n Size/MD5 checksum: 154610 51ee5b66077bd1824f1c671627623288\r\n\r\narm architecture (ARM)\r\n\r\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge10_arm.deb\r\n Size/MD5 checksum: 472962 3243aa716b6a61aa5059ff40ad74d19c\r\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge10_arm.deb\r\n Size/MD5 checksum: 155880 2543ccfdacd0ad69e87b58dda3eac422\r\n http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge10_arm.deb\r\n Size/MD5 checksum: 96354 ab073d35ef7816c489497a316bce3866\r\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge10_arm.deb\r\n Size/MD5 checksum: 4684296 861dae74eefe8efac4d3608046fb869a\r\n\r\nhppa architecture (HP PA RISC)\r\n\r\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge10_hppa.deb\r\n Size/MD5 checksum: 489400 4cae5e9cf2847e646c3df2cafa491952\r\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge10_hppa.deb\r\n Size/MD5 checksum: 5787380 9c600f1e3bbaa39b2a5e4a799bbdb9fd\r\n http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge10_hppa.deb\r\n Size/MD5 checksum: 98554 866f8f5c39a42e11893b8292bcde21b6\r\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge10_hppa.deb\r\n Size/MD5 checksum: 154624 33c6ef867a81e16d3b42b250baf1ab6a\r\n\r\ni386 architecture (Intel ia32)\r\n\r\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge10_i386.deb\r\n Size/MD5 checksum: 154588 82db1d1552a6ccf512f6f5ec2e8eed6f\r\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge10_i386.deb\r\n Size/MD5 checksum: 443758 56a43d004cf577cbf09f06b3990c1c23\r\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge10_i386.deb\r\n Size/MD5 checksum: 4529320 8ed21cc29d85ca22b07565e531357c59\r\n http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge10_i386.deb\r\n Size/MD5 checksum: 90984 36e28654888ed491c0afe8ca0942c1dc\r\n\r\nia64 architecture (Intel ia64)\r\n\r\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge10_ia64.deb\r\n Size/MD5 checksum: 6630094 3b4aee38a7f3149c3f2cb80271d3945b\r\n http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge10_ia64.deb\r\n Size/MD5 checksum: 129266 c60411c1b16b1b4823afe539ff6cc57b\r\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge10_ia64.deb\r\n Size/MD5 checksum: 674538 25dbd3438c8c4a82b7ad257101c670ac\r\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge10_ia64.deb\r\n Size/MD5 checksum: 154596 6bd05ac93b14002e99478f3df87ea689\r\n\r\nmips architecture (MIPS (Big Endian))\r\n\r\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge10_mips.deb\r\n Size/MD5 checksum: 4723420 846bf6114c51724ff12c0708d3e27f34\r\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge10_mips.deb\r\n Size/MD5 checksum: 462884 065921607b447f0a7077eab8e067e27c\r\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge10_mips.deb\r\n Size/MD5 checksum: 154634 705ca5dbef162d627e0287662a680e2f\r\n http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge10_mips.deb\r\n Size/MD5 checksum: 94858 751305284a78ed0519919a66295346f3\r\n\r\nmipsel architecture (MIPS (Little Endian))\r\n\r\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge10_mipsel.deb\r\n Size/MD5 checksum: 458148 92424b86e76671aa039fcebe522bbfc4\r\n http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge10_mipsel.deb\r\n Size/MD5 checksum: 94764 bc6bfe73e35bc3fde71f9fd38b5a7463\r\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge10_mipsel.deb\r\n Size/MD5 checksum: 4460978 8ead9a4793611f12ffca619198a8f844\r\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge10_mipsel.deb\r\n Size/MD5 checksum: 154652 a94fccae248051cd70470c4a7e4b77ce\r\n\r\npowerpc architecture (PowerPC)\r\n\r\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge10_powerpc.deb\r\n Size/MD5 checksum: 5067716 62f0be94422a471a622899f3f6f11e7c\r\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge10_powerpc.deb\r\n Size/MD5 checksum: 154632 b6041c857bed2dbeeb49e21c890264eb\r\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge10_powerpc.deb\r\n Size/MD5 checksum: 455806 f6c9db48b4373d84daf858f8dfb275a2\r\n http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge10_powerpc.deb\r\n Size/MD5 checksum: 94406 23b71c5db6f0443ca3db0d072b4bb14b\r\n\r\ns390 architecture (IBM S/390)\r\n\r\n http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge10_s390.deb\r\n Size/MD5 checksum: 99992 30d7eeb09507017a10c42e98f46e1d47\r\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge10_s390.deb\r\n Size/MD5 checksum: 154572 29756abde9da24dac8254d128d44bd8d\r\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge10_s390.deb\r\n Size/MD5 checksum: 479760 c0d947771c2ad6b8f12e25812c1e7c5b\r\n http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge10_s390.deb\r\n Size/MD5 checksum: 5622238 7d86c0b58dc43c6bd84b88d27e3713c1\r\n\r\nDebian (stable)\r\n- ---------------\r\n\r\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\r\n\r\nSource archives:\r\n\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4.orig.tar.gz\r\n Size/MD5 checksum: 13306790 2556a31d0d770dd1990bd67b98bd2f9b\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.1.dsc\r\n Size/MD5 checksum: 1066 12e8146f9cc10fe216e4d1a0a750037f\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.1.diff.gz\r\n Size/MD5 checksum: 42799 61ed409b92000f30877799228daff252\r\n\r\nalpha architecture (DEC Alpha)\r\n\r\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.1_alpha.deb\r\n Size/MD5 checksum: 117224 d85a0b7e63b0c953b6f152e185fba6a9\r\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.1_alpha.deb\r\n Size/MD5 checksum: 22014 ad8ccffe577de4016acc15866f769829\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.1_alpha.deb\r\n Size/MD5 checksum: 9319128 e75f6f5ee1d858b0fc2f9413ee415f5d\r\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.1_alpha.deb\r\n Size/MD5 checksum: 21736 1c5d57697ebe337f34240c9dd342e3d8\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.1_alpha.deb\r\n Size/MD5 checksum: 181550 209f75537b0acc9c17b54e6b7cfdac2b\r\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.1_alpha.deb\r\n Size/MD5 checksum: 21744 e9b9909b4528978a75d323d02389eff8\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.1_alpha.deb\r\n Size/MD5 checksum: 674254 55b36078f6d6f9f278ff34ff67cae28d\r\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.1_alpha.deb\r\n Size/MD5 checksum: 21748 525cdcc7f345f729181fb9399ca84867\r\n\r\namd64 architecture (AMD x86_64 (AMD64))\r\n\r\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.1_amd64.deb\r\n Size/MD5 checksum: 22342 2db8ccf0421954242c6b7352503e7cba\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.1_amd64.deb\r\n Size/MD5 checksum: 9119562 ae17852ca0431cbb1b8fc6401c81aa21\r\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.1_amd64.deb\r\n Size/MD5 checksum: 22704 aeb68a6daccbd9c1c6cb711f26e93296\r\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.1_amd64.deb\r\n Size/MD5 checksum: 111974 010a55a4127333689fa8416d6214ec94\r\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.1_amd64.deb\r\n Size/MD5 checksum: 22352 cb17e51ae331c059ee2e2c2a71f4aa49\r\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.1_amd64.deb\r\n Size/MD5 checksum: 22360 5ee1e412767f67919ce51d0b534394a8\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.1_amd64.deb\r\n Size/MD5 checksum: 181590 44888c58cf54dc4329a30f55c4990d95\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.1_amd64.deb\r\n Size/MD5 checksum: 619562 efa93cc7f881dba55c9b5b7cc8cb6e1a\r\n\r\narm architecture (ARM)\r\n\r\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.1_arm.deb\r\n Size/MD5 checksum: 22356 4c49ab66e1e2706808ea9697f72ecfb7\r\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.1_arm.deb\r\n Size/MD5 checksum: 107198 8a5a6b4ea6cc4e3ab657f31aa1d4e6dc\r\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.1_arm.deb\r\n Size/MD5 checksum: 22714 0544f54d45e84847e71381a7d43f0003\r\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.1_arm.deb\r\n Size/MD5 checksum: 22372 be24fc579f74dd24836a9371066a7b79\r\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.1_arm.deb\r\n Size/MD5 checksum: 22364 d891953d3c4904a3dc4c30408b90d81c\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.1_arm.deb\r\n Size/MD5 checksum: 7739170 f8d2410802c8f03b68f27d9e07a5f962\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.1_arm.deb\r\n Size/MD5 checksum: 600424 cbd6182358b03954f5026bd971073a8c\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.1_arm.deb\r\n Size/MD5 checksum: 181894 76286939d57837fefaa8c0ec3d535eee\r\n\r\nhppa architecture (HP PA RISC)\r\n\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.1_hppa.deb\r\n Size/MD5 checksum: 634494 6be054401a1db64c84e61c1260d01fb6\r\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.1_hppa.deb\r\n Size/MD5 checksum: 22696 be88e7f598274dc6161c8ec6b94c30e7\r\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.1_hppa.deb\r\n Size/MD5 checksum: 109690 97e0c2d2f877d6bc5eb2d766309c01f4\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.1_hppa.deb\r\n Size/MD5 checksum: 182482 e075af8dcb3d7a13fca3828de39fd3d9\r\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.1_hppa.deb\r\n Size/MD5 checksum: 22348 866c000ad64e3376d0d9320805119728\r\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.1_hppa.deb\r\n Size/MD5 checksum: 22356 cfcbb7502fdc4020b9aad33f67beb665\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.1_hppa.deb\r\n Size/MD5 checksum: 9854626 d36c3a094773a6c812ec0b4e3dc010c9\r\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.1_hppa.deb\r\n Size/MD5 checksum: 22340 45fc4629c3fc77e7987f2179ddfa24be\r\n\r\ni386 architecture (Intel ia32)\r\n\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.1_i386.deb\r\n Size/MD5 checksum: 564526 4b8eb4fb7d8f606ed1789c8df2cb039a\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.1_i386.deb\r\n Size/MD5 checksum: 7501872 cbdc35a89f36b126c89b478452736cc6\r\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.1_i386.deb\r\n Size/MD5 checksum: 102150 59cf091877d995796a33b6482ac413ea\r\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.1_i386.deb\r\n Size/MD5 checksum: 22344 e9e76892435a11ab9f504f044893331d\r\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.1_i386.deb\r\n Size/MD5 checksum: 22354 6c8610eef3cdb923a5848c3c6e31d0fe\r\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.1_i386.deb\r\n Size/MD5 checksum: 22698 b2ff8d7600e250a50459ddc964f7dbdf\r\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.1_i386.deb\r\n Size/MD5 checksum: 22336 b1aad678b3ddf89bf94759f9f3858fe4\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.1_i386.deb\r\n Size/MD5 checksum: 182520 a3d50d0da284264b733f40ee7febd08f\r\n\r\nia64 architecture (Intel ia64)\r\n\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.1_ia64.deb\r\n Size/MD5 checksum: 182478 17b94fb0f374818cdd5ff7fffb814e3c\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.1_ia64.deb\r\n Size/MD5 checksum: 10650318 867330a74271726f25ec7cb437881675\r\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.1_ia64.deb\r\n Size/MD5 checksum: 145608 712a2349fd200a7d786416ed2e90b888\r\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.1_ia64.deb\r\n Size/MD5 checksum: 22350 db12f448877fa43dc8d16cf9f1bc0e76\r\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.1_ia64.deb\r\n Size/MD5 checksum: 22336 eab2d2ff1a049de7b0c350df34c49c6b\r\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.1_ia64.deb\r\n Size/MD5 checksum: 22344 4eebff3e87f1ef9410592a749c3d2542\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.1_ia64.deb\r\n Size/MD5 checksum: 827424 0b3cf3ee033095dc2b77b5e4c7a031fb\r\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.1_ia64.deb\r\n Size/MD5 checksum: 22690 c5c429e114db82106e54b6b850eee18b\r\n\r\nmips architecture (MIPS (Big Endian))\r\n\r\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.1_mips.deb\r\n Size/MD5 checksum: 22338 0959e956ec8a654df5783d41f25fe097\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.1_mips.deb\r\n Size/MD5 checksum: 8025014 79b62949c040c67c4bcab05f54b140a4\r\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.1_mips.deb\r\n Size/MD5 checksum: 22692 473b7ab46163aa2eec6fc283d4d8b326\r\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.1_mips.deb\r\n Size/MD5 checksum: 22354 93832d797079af2c7ed673eb8605ad08\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.1_mips.deb\r\n Size/MD5 checksum: 182502 abb2e923e897c8e5737a3304ff879ed7\r\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.1_mips.deb\r\n Size/MD5 checksum: 104892 7e25d3d517b0eb9ced49791660866358\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.1_mips.deb\r\n Size/MD5 checksum: 588506 fed1a6a3a87b13a2cf706849b1cfab8b\r\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.1_mips.deb\r\n Size/MD5 checksum: 22350 b1d818602719192cd5438c849b31ed4d\r\n\r\nmipsel architecture (MIPS (Little Endian))\r\n\r\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.1_mipsel.deb\r\n Size/MD5 checksum: 22338 d7abb1c1005e8c57f6d9e9d74a32a8fa\r\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.1_mipsel.deb\r\n Size/MD5 checksum: 104400 ca6d57ab13113dbaa3887a15dd65b6ea\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.1_mipsel.deb\r\n Size/MD5 checksum: 575842 47be3916d499a906a4fe36b57c0cd17b\r\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.1_mipsel.deb\r\n Size/MD5 checksum: 22690 910a891b06d9a04be03c69b70ae9cc9a\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.1_mipsel.deb\r\n Size/MD5 checksum: 7406172 1385d56073bbd6ed2cfe42b1184937ac\r\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.1_mipsel.deb\r\n Size/MD5 checksum: 22350 97e7d6303d485700ea905521a4e46a6f\r\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.1_mipsel.deb\r\n Size/MD5 checksum: 22358 9d188ba3e2989713f6eb406a56602588\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.1_mipsel.deb\r\n Size/MD5 checksum: 182486 28a53abb380114393defbff0ec50df65\r\n\r\npowerpc architecture (PowerPC)\r\n\r\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.1_powerpc.deb\r\n Size/MD5 checksum: 22692 2f49b7a64f01b0a1037b61c36a015ed3\r\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.1_powerpc.deb\r\n Size/MD5 checksum: 104106 3418723376cbb0c3c18570ff68799836\r\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.1_powerpc.deb\r\n Size/MD5 checksum: 22338 99363115fa0dd4224dda0bc0e2e4762b\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.1_powerpc.deb\r\n Size/MD5 checksum: 182508 32eeaf5941336b48467accf6d14ea9ce\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.1_powerpc.deb\r\n Size/MD5 checksum: 583462 dc78a9149389f6bc886a0211247e3539\r\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.1_powerpc.deb\r\n Size/MD5 checksum: 22352 47332c4cbce63f538b5b9d4f610b0a24\r\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.1_powerpc.deb\r\n Size/MD5 checksum: 22356 38c932a69d2a5ef6ba577d82b1b16857\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.1_powerpc.deb\r\n Size/MD5 checksum: 8605364 a431421901f9019bff4ce868f4e46c40\r\n\r\ns390 architecture (IBM S/390)\r\n\r\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.1_s390.deb\r\n Size/MD5 checksum: 22694 fa6f3fc7a39dc1b8b6030452488bf12a\r\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.1_s390.deb\r\n Size/MD5 checksum: 22334 9c6cd498668d092e4b9794c40356466f\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.1_s390.deb\r\n Size/MD5 checksum: 9755928 444aa912362bae9470537dd497bd60a3\r\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.1_s390.deb\r\n Size/MD5 checksum: 22338 24797312504679250cdd8b893e0996d4\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.1_s390.deb\r\n Size/MD5 checksum: 182454 fe98e9d9ad70ceb84d66657815bd6778\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.1_s390.deb\r\n Size/MD5 checksum: 640886 c4eb7212909a6ad41cb1becf8bfe3656\r\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.1_s390.deb\r\n Size/MD5 checksum: 115478 7761780c7281fd5d3c488fc16df95a1e\r\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.1_s390.deb\r\n Size/MD5 checksum: 22354 75e8c12f8e5530ce95fdcbea118ec269\r\n\r\n\r\n These files will probably be moved into the stable distribution on\r\n its next update.\r\n\r\n- ---------------------------------------------------------------------------------\r\nFor apt-get: deb http://security.debian.org/ stable/updates main\r\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\r\nMailing list: debian-security-announce@lists.debian.org\r\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.6 (GNU/Linux)\r\n\r\niD8DBQFHS2GEXm3vHE4uyloRAoQ2AKC5GfbCzvCX3+6gRt5uPMr4sxAgqACfQGz3\r\nWhpZ2Bo2+NDEtZs7ba3jwGo=\r\n=5Tfg\r\n-----END PGP SIGNATURE-----", "cvss3": {}, "published": "2007-11-29T00:00:00", "type": "securityvulns", "title": "[SECURITY] [DSA 1414-1] New wireshark packages fix several vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6121", "CVE-2007-6114", "CVE-2007-6120"], "modified": "2007-11-29T00:00:00", "id": "SECURITYVULNS:DOC:18530", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:18530", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:27", "description": "Buffer overflow on SSL parsing, DoS on HTTP, MEGACO, Bluetooth SDP, RPC parsing.", "cvss3": {}, "published": "2007-11-29T00:00:00", "type": "securityvulns", "title": "WireShark sniffer multiple security vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6121", "CVE-2007-6114", "CVE-2007-6120"], "modified": "2007-11-29T00:00:00", "id": "SECURITYVULNS:VULN:8386", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:8386", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:28", "description": "Infinite loop in RPC dissector, memory exhaustion in CIP dissector.", "cvss3": {}, "published": "2008-01-04T00:00:00", "type": "securityvulns", "title": "Wireshark multiple security vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2007-6451", "CVE-2007-6450"], "modified": "2008-01-04T00:00:00", "id": "SECURITYVULNS:VULN:8520", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:8520", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "osv": [{"lastseen": "2022-07-21T08:35:00", "description": "\nSeveral remote vulnerabilities have been discovered in the Wireshark\nnetwork traffic analyzer, which may lead to denial of service or \nexecution of arbitrary code. The Common Vulnerabilities and Exposures\nproject identifies the following problems:\n\n\n* [CVE-2007-6114](https://security-tracker.debian.org/tracker/CVE-2007-6114)\nStefan Esser discovered a buffer overflow in the SSL dissector.\n Fabiodds discovered a buffer overflow in the iSeries trace\n dissector.\n* [CVE-2007-6117](https://security-tracker.debian.org/tracker/CVE-2007-6117)\nA programming error was discovered in the HTTP dissector, which may\n lead to denial of service.\n* [CVE-2007-6118](https://security-tracker.debian.org/tracker/CVE-2007-6118)\nThe MEGACO dissector could be tricked into resource exhaustion.\n* [CVE-2007-6120](https://security-tracker.debian.org/tracker/CVE-2007-6120)\nThe Bluetooth SDP dissector could be tricked into an endless loop.\n* [CVE-2007-6121](https://security-tracker.debian.org/tracker/CVE-2007-6121)\nThe RPC portmap dissector could be tricked into dereferencing\n a NULL pointer.\n\n\nFor the old stable distribution (sarge), these problems have been\nfixed in version 0.10.10-2sarge10. (In Sarge Wireshark used to be\ncalled Ethereal). Updated packages for sparc and m68k will be provided\nlater.\n\n\nFor the stable distribution (etch), these problems have been fixed\nin version 0.99.4-5.etch.1. Updated packages for sparc will be provided\nlater.\n\n\nWe recommend that you upgrade your wireshark/ethereal packages.\n\n\n", "cvss3": {}, "published": "2007-11-27T00:00:00", "type": "osv", "title": "wireshark - several vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6121", "CVE-2007-6114", "CVE-2007-6120"], "modified": "2022-07-21T05:46:24", "id": "OSV:DSA-1414-1", "href": "https://osv.dev/vulnerability/DSA-1414-1", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-21T08:34:55", "description": "\n\nSeveral remote vulnerabilities have been discovered in the Wireshark\nnetwork traffic analyzer, which may lead to denial of service. The\nCommon Vulnerabilities and Exposures project identifies the following\nproblems:\n\n\n\n* [CVE-2007-6450](https://security-tracker.debian.org/tracker/CVE-2007-6450)\n\n The RPL dissector could be tricked into an infinite loop.\n* [CVE-2007-6451](https://security-tracker.debian.org/tracker/CVE-2007-6451)\n\n The CIP dissector could be tricked into excessive memory\n allocation.\n\n\n\nFor the old stable distribution (sarge), these problems have been fixed in\nversion 0.10.10-2sarge11. (In Sarge Wireshark used to be called Ethereal).\n\n\n\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 0.99.4-5.etch.2.\n\n\n\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 0.99.7-1.\n\n\n\n\nWe recommend that you upgrade your wireshark packages.\n\n\n\n", "cvss3": {}, "published": "2008-01-03T00:00:00", "type": "osv", "title": "wireshark denial of service", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6451", "CVE-2007-6450"], "modified": "2022-07-21T05:46:27", "id": "OSV:DSA-1446-1", "href": "https://osv.dev/vulnerability/DSA-1446-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:48", "description": "Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. ", "cvss3": {}, "published": "2007-12-20T19:51:33", "type": "fedora", "title": "[SECURITY] Fedora 8 Update: wireshark-0.99.7-2.fc8", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6111", "CVE-2007-6112", "CVE-2007-6113", "CVE-2007-6114", "CVE-2007-6115", "CVE-2007-6116", "CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6119", "CVE-2007-6120", "CVE-2007-6121"], "modified": "2007-12-20T19:51:33", "id": "FEDORA:LBKJPVWE025732", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/2ABDZTCBHEFFQDPOVAOBLKJTCAOCDF4E/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:48", "description": "Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. ", "cvss3": {}, "published": "2007-12-21T21:09:16", "type": "fedora", "title": "[SECURITY] Fedora 7 Update: wireshark-0.99.7-1.fc7", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6111", "CVE-2007-6112", "CVE-2007-6113", "CVE-2007-6114", "CVE-2007-6115", "CVE-2007-6116", "CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6119", "CVE-2007-6120", "CVE-2007-6121"], "modified": "2007-12-21T21:09:16", "id": "FEDORA:LBLL8LEN001925", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/E5ALS4YZVZQ5L4VWJC2BBJSBQ6IASO2F/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "debiancve": [{"lastseen": "2023-01-23T06:10:00", "description": "Buffer overflow in the ANSI MAP dissector for Wireshark (formerly Ethereal) 0.99.5 to 0.99.6, when running on unspecified platforms, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors.", "cvss3": {}, "published": "2007-11-23T20:46:00", "type": "debiancve", "title": "CVE-2007-6115", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6115"], "modified": "2007-11-23T20:46:00", "id": "DEBIANCVE:CVE-2007-6115", "href": "https://security-tracker.debian.org/tracker/CVE-2007-6115", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-23T06:10:00", "description": "The MEGACO dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors.", "cvss3": {}, "published": "2007-11-23T20:46:00", "type": "debiancve", "title": "CVE-2007-6118", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6118"], "modified": "2007-11-23T20:46:00", "id": "DEBIANCVE:CVE-2007-6118", "href": "https://security-tracker.debian.org/tracker/CVE-2007-6118", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-23T06:10:00", "description": "Buffer overflow in the PPP dissector Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.", "cvss3": {}, "published": "2007-11-23T20:46:00", "type": "debiancve", "title": "CVE-2007-6112", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6112"], "modified": "2007-11-23T20:46:00", "id": "DEBIANCVE:CVE-2007-6112", "href": "https://security-tracker.debian.org/tracker/CVE-2007-6112", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-23T06:10:00", "description": "Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) the SSL dissector or (2) the iSeries (OS/400) Communication trace file parser.", "cvss3": {}, "published": "2007-11-23T20:46:00", "type": "debiancve", "title": "CVE-2007-6114", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6114"], "modified": "2007-11-23T20:46:00", "id": "DEBIANCVE:CVE-2007-6114", "href": "https://security-tracker.debian.org/tracker/CVE-2007-6114", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-23T06:10:00", "description": "Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers to cause a denial of service (crash) via a malformed RPC Portmap packet.", "cvss3": {}, "published": "2007-11-23T20:46:00", "type": "debiancve", "title": "CVE-2007-6121", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6121"], "modified": "2007-11-23T20:46:00", "id": "DEBIANCVE:CVE-2007-6121", "href": "https://security-tracker.debian.org/tracker/CVE-2007-6121", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-23T06:10:00", "description": "The Bluetooth SDP dissector Wireshark (formerly Ethereal) 0.99.2 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.", "cvss3": {}, "published": "2007-11-23T20:46:00", "type": "debiancve", "title": "CVE-2007-6120", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6120"], "modified": "2007-11-23T20:46:00", "id": "DEBIANCVE:CVE-2007-6120", "href": "https://security-tracker.debian.org/tracker/CVE-2007-6120", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-23T06:10:00", "description": "Integer signedness error in the DNP3 dissector in Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows remote attackers to cause a denial of service (long loop) via a malformed DNP3 packet.", "cvss3": {}, "published": "2007-11-23T20:46:00", "type": "debiancve", "title": "CVE-2007-6113", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6113"], "modified": "2007-11-23T20:46:00", "id": "DEBIANCVE:CVE-2007-6113", "href": "https://security-tracker.debian.org/tracker/CVE-2007-6113", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-23T06:10:00", "description": "Unspecified vulnerability in the HTTP dissector for Wireshark (formerly Ethereal) 0.10.14 to 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted chunked messages.", "cvss3": {}, "published": "2007-11-23T20:46:00", "type": "debiancve", "title": "CVE-2007-6117", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6117"], "modified": "2007-11-23T20:46:00", "id": "DEBIANCVE:CVE-2007-6117", "href": "https://security-tracker.debian.org/tracker/CVE-2007-6117", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-23T06:10:00", "description": "The WiMAX dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors related to \"unaligned access on some platforms.\"", "cvss3": {}, "published": "2007-12-19T22:46:00", "type": "debiancve", "title": "CVE-2007-6441", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6441"], "modified": "2007-12-19T22:46:00", "id": "DEBIANCVE:CVE-2007-6441", "href": "https://security-tracker.debian.org/tracker/CVE-2007-6441", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-23T06:10:00", "description": "Unspecified vulnerability in the CIP dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger allocation of large amounts of memory.", "cvss3": {}, "published": "2007-12-19T22:46:00", "type": "debiancve", "title": "CVE-2007-6451", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6451"], "modified": "2007-12-19T22:46:00", "id": "DEBIANCVE:CVE-2007-6451", "href": "https://security-tracker.debian.org/tracker/CVE-2007-6451", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-23T06:10:00", "description": "The RPL dissector in Wireshark (formerly Ethereal) 0.9.8 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.", "cvss3": {}, "published": "2007-12-19T22:46:00", "type": "debiancve", "title": "CVE-2007-6450", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6450"], "modified": "2007-12-19T22:46:00", "id": "DEBIANCVE:CVE-2007-6450", "href": "https://security-tracker.debian.org/tracker/CVE-2007-6450", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-14T06:12:39", "description": "Unspecified vulnerability in the SMB dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service via unknown vectors. NOTE: this identifier originally included MP3 and NCP, but those issues are already covered by CVE-2007-6111.", "cvss3": {}, "published": "2007-12-19T22:46:00", "type": "debiancve", "title": "CVE-2007-6438", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6111", "CVE-2007-6438"], "modified": "2007-12-19T22:46:00", "id": "DEBIANCVE:CVE-2007-6438", "href": "https://security-tracker.debian.org/tracker/CVE-2007-6438", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-14T06:12:39", "description": "Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite or large loop) via the (1) IPv6 or (2) USB dissector, which can trigger resource consumption or a crash. NOTE: this identifier originally included Firebird/Interbase, but it is already covered by CVE-2007-6116. The DCP ETSI issue is already covered by CVE-2007-6119.", "cvss3": {}, "published": "2007-12-19T22:46:00", "type": "debiancve", "title": "CVE-2007-6439", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 6.1, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6116", "CVE-2007-6119", "CVE-2007-6439"], "modified": "2007-12-19T22:46:00", "id": "DEBIANCVE:CVE-2007-6439", "href": "https://security-tracker.debian.org/tracker/CVE-2007-6439", "cvss": {"score": 6.1, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:C"}}], "ubuntucve": [{"lastseen": "2023-02-15T16:44:48", "description": "Buffer overflow in the ANSI MAP dissector for Wireshark (formerly Ethereal)\n0.99.5 to 0.99.6, when running on unspecified platforms, allows remote\nattackers to cause a denial of service and possibly execute arbitrary code\nvia unknown vectors.\n\n#### Bugs\n\n * <https://bugs.launchpad.net/ubuntu/+source/wireshark/+bug/164501>\n", "cvss3": {}, "published": "2007-11-23T00:00:00", "type": "ubuntucve", "title": "CVE-2007-6115", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6115"], "modified": "2007-11-23T00:00:00", "id": "UB:CVE-2007-6115", "href": "https://ubuntu.com/security/CVE-2007-6115", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-15T16:44:48", "description": "Buffer overflow in the PPP dissector Wireshark (formerly Ethereal) 0.99.6\nallows remote attackers to cause a denial of service (crash) and possibly\nexecute arbitrary code via unknown vectors.\n\n#### Bugs\n\n * <https://bugs.launchpad.net/ubuntu/+source/wireshark/+bug/164501>\n", "cvss3": {}, "published": "2007-11-23T00:00:00", "type": "ubuntucve", "title": "CVE-2007-6112", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6112"], "modified": "2007-11-23T00:00:00", "id": "UB:CVE-2007-6112", "href": "https://ubuntu.com/security/CVE-2007-6112", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-15T16:44:47", "description": "The MEGACO dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6\nallows remote attackers to cause a denial of service (long loop and\nresource consumption) via unknown vectors.\n\n#### Bugs\n\n * <https://bugs.launchpad.net/ubuntu/+source/wireshark/+bug/164501>\n", "cvss3": {}, "published": "2007-11-23T00:00:00", "type": "ubuntucve", "title": "CVE-2007-6118", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6118"], "modified": "2007-11-23T00:00:00", "id": "UB:CVE-2007-6118", "href": "https://ubuntu.com/security/CVE-2007-6118", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-15T16:44:47", "description": "Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through\n0.99.6 allow remote attackers to cause a denial of service (crash) and\npossibly execute arbitrary code via (1) the SSL dissector or (2) the\niSeries (OS/400) Communication trace file parser.\n\n#### Bugs\n\n * <https://bugs.launchpad.net/ubuntu/+source/wireshark/+bug/164501>\n", "cvss3": {}, "published": "2007-11-23T00:00:00", "type": "ubuntucve", "title": "CVE-2007-6114", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6114"], "modified": "2007-11-23T00:00:00", "id": "UB:CVE-2007-6114", "href": "https://ubuntu.com/security/CVE-2007-6114", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-15T16:44:48", "description": "Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers to\ncause a denial of service (crash) via a malformed RPC Portmap packet.\n\n#### Bugs\n\n * <https://bugs.launchpad.net/ubuntu/+source/wireshark/+bug/164501>\n", "cvss3": {}, "published": "2007-11-23T00:00:00", "type": "ubuntucve", "title": "CVE-2007-6121", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6121"], "modified": "2007-11-23T00:00:00", "id": "UB:CVE-2007-6121", "href": "https://ubuntu.com/security/CVE-2007-6121", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-15T16:44:49", "description": "Integer signedness error in the DNP3 dissector in Wireshark (formerly\nEthereal) 0.10.12 to 0.99.6 allows remote attackers to cause a denial of\nservice (long loop) via a malformed DNP3 packet.\n\n#### Bugs\n\n * <https://bugs.launchpad.net/ubuntu/+source/wireshark/+bug/164501>\n", "cvss3": {}, "published": "2007-11-23T00:00:00", "type": "ubuntucve", "title": "CVE-2007-6113", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6113"], "modified": "2007-11-23T00:00:00", "id": "UB:CVE-2007-6113", "href": "https://ubuntu.com/security/CVE-2007-6113", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-15T16:44:45", "description": "The Bluetooth SDP dissector Wireshark (formerly Ethereal) 0.99.2 to 0.99.6\nallows remote attackers to cause a denial of service (infinite loop) via\nunknown vectors.\n\n#### Bugs\n\n * <https://bugs.launchpad.net/ubuntu/+source/wireshark/+bug/164501>\n", "cvss3": {}, "published": "2007-11-23T00:00:00", "type": "ubuntucve", "title": "CVE-2007-6120", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6120"], "modified": "2007-11-23T00:00:00", "id": "UB:CVE-2007-6120", "href": "https://ubuntu.com/security/CVE-2007-6120", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-15T16:44:48", "description": "Unspecified vulnerability in the HTTP dissector for Wireshark (formerly\nEthereal) 0.10.14 to 0.99.6 allows remote attackers to cause a denial of\nservice (crash) and possibly execute arbitrary code via crafted chunked\nmessages.\n\n#### Bugs\n\n * <https://bugs.launchpad.net/ubuntu/+source/wireshark/+bug/164501>\n", "cvss3": {}, "published": "2007-11-23T00:00:00", "type": "ubuntucve", "title": "CVE-2007-6117", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6117"], "modified": "2007-11-23T00:00:00", "id": "UB:CVE-2007-6117", "href": "https://ubuntu.com/security/CVE-2007-6117", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-15T16:44:20", "description": "The WiMAX dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote\nattackers to cause a denial of service (crash) via unknown vectors related\nto \"unaligned access on some platforms.\"", "cvss3": {}, "published": "2007-12-19T00:00:00", "type": "ubuntucve", "title": "CVE-2007-6441", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6441"], "modified": "2007-12-19T00:00:00", "id": "UB:CVE-2007-6441", "href": "https://ubuntu.com/security/CVE-2007-6441", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-15T16:44:18", "description": "Unspecified vulnerability in the CIP dissector in Wireshark (formerly\nEthereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of\nservice (crash) via unknown vectors that trigger allocation of large\namounts of memory.", "cvss3": {}, "published": "2007-12-19T00:00:00", "type": "ubuntucve", "title": "CVE-2007-6451", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6451"], "modified": "2007-12-19T00:00:00", "id": "UB:CVE-2007-6451", "href": "https://ubuntu.com/security/CVE-2007-6451", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-15T16:44:18", "description": "The RPL dissector in Wireshark (formerly Ethereal) 0.9.8 to 0.99.6 allows\nremote attackers to cause a denial of service (infinite loop) via unknown\nvectors.", "cvss3": {}, "published": "2007-12-19T00:00:00", "type": "ubuntucve", "title": "CVE-2007-6450", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6450"], "modified": "2007-12-19T00:00:00", "id": "UB:CVE-2007-6450", "href": "https://ubuntu.com/security/CVE-2007-6450", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-15T16:44:20", "description": "Unspecified vulnerability in the SMB dissector in Wireshark (formerly\nEthereal) 0.99.6 allows remote attackers to cause a denial of service via\nunknown vectors. NOTE: this identifier originally included MP3 and NCP, but\nthose issues are already covered by CVE-2007-6111.", "cvss3": {}, "published": "2007-12-19T00:00:00", "type": "ubuntucve", "title": "CVE-2007-6438", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6111", "CVE-2007-6438"], "modified": "2007-12-19T00:00:00", "id": "UB:CVE-2007-6438", "href": "https://ubuntu.com/security/CVE-2007-6438", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-15T16:44:19", "description": "Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a\ndenial of service (infinite or large loop) via the (1) IPv6 or (2) USB\ndissector, which can trigger resource consumption or a crash. NOTE: this\nidentifier originally included Firebird/Interbase, but it is already\ncovered by CVE-2007-6116. The DCP ETSI issue is already covered by\nCVE-2007-6119.", "cvss3": {}, "published": "2007-12-19T00:00:00", "type": "ubuntucve", "title": "CVE-2007-6439", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 6.1, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6116", "CVE-2007-6119", "CVE-2007-6439"], "modified": "2007-12-19T00:00:00", "id": "UB:CVE-2007-6439", "href": "https://ubuntu.com/security/CVE-2007-6439", "cvss": {"score": 6.1, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:C"}}], "veracode": [{"lastseen": "2022-07-27T09:59:51", "description": "wireshark is vulnerable to arbitrary code execution. Several flaws were found in Wireshark. Wireshark could crash or possibly execute arbitrary code as the user running Wireshark if it read a malformed packet off the network.\n", "cvss3": {}, "published": "2020-04-10T00:23:11", "type": "veracode", "title": "Arbitrary Code Execution", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6115"], "modified": "2022-04-19T18:28:54", "id": "VERACODE:23334", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-23334/summary", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-27T10:00:06", "description": "wireshark is vulnerable to arbitrary code execution. Several flaws were found in Wireshark. Wireshark could crash or possibly execute arbitrary code as the user running Wireshark if it read a malformed packet off the network.\n", "cvss3": {}, "published": "2020-04-10T00:23:10", "type": "veracode", "title": "Arbitrary Code Execution", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6112"], "modified": "2022-04-19T18:28:49", "id": "VERACODE:23331", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-23331/summary", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-27T10:06:42", "description": "wireshark is vulnerable to denial of service. Several denial of service bugs were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off the network.\n", "cvss3": {}, "published": "2020-04-10T00:23:12", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6118"], "modified": "2022-04-19T18:28:49", "id": "VERACODE:23337", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-23337/summary", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-07-27T09:59:35", "description": "wireshark is vulnerable to arbitrary code execution. Several flaws were found in Wireshark. Wireshark could crash or possibly execute arbitrary code as the user running Wireshark if it read a malformed packet off the network.\n", "cvss3": {}, "published": "2020-04-10T00:23:11", "type": "veracode", "title": "Arbitrary Code Execution", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6114"], "modified": "2022-04-19T18:28:51", "id": "VERACODE:23333", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-23333/summary", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-27T10:23:23", "description": "wireshark is vulnerable to denial of service. Several denial of service bugs were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off the network. \n", "cvss3": {}, "published": "2020-04-10T00:23:13", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6121"], "modified": "2022-04-19T18:28:53", "id": "VERACODE:23340", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-23340/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-27T10:23:22", "description": "wireshark is vulnerable to denial of service. Several denial of service bugs were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off the network. \n", "cvss3": {}, "published": "2020-04-10T00:23:13", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6120"], "modified": "2022-04-19T18:28:52", "id": "VERACODE:23339", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-23339/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-27T10:42:16", "description": "wireshark is vulnerable to denial of service. Several denial of service bugs were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off the network.\n", "cvss3": {}, "published": "2020-04-10T00:23:11", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6113"], "modified": "2022-04-19T18:35:54", "id": "VERACODE:23332", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-23332/summary", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-27T10:23:22", "description": "wireshark is vulnerable to denial of service. Several denial of service bugs were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off the network.\n", "cvss3": {}, "published": "2020-04-10T00:23:12", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6117"], "modified": "2022-04-19T18:28:53", "id": "VERACODE:23336", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-23336/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-27T10:57:00", "description": "wireshark is vulnerable to denial of service (DoS). The vulnerability exists as wireshark could crash or stop responding if it read a malformed packet off the network.\n", "cvss3": {}, "published": "2020-04-10T00:23:14", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6441"], "modified": "2022-04-19T18:35:53", "id": "VERACODE:23343", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-23343/summary", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-27T10:18:11", "description": "wireshark is vulnerable to denial of service. Several denial of service bugs were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off the network. \n", "cvss3": {}, "published": "2020-04-10T00:23:14", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 6.1, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6439"], "modified": "2022-04-19T18:28:57", "id": "VERACODE:23342", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-23342/summary", "cvss": {"score": 6.1, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-07-27T10:42:18", "description": "wireshark is vulnerable to denial of service (DoS). The vulnerability exists as wireshark could crash or stop responding if it read a malformed packet off the network.\n", "cvss3": {}, "published": "2020-04-10T00:23:15", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6451"], "modified": "2022-04-19T18:28:58", "id": "VERACODE:23345", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-23345/summary", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-27T10:23:25", "description": "wireshark is vulnerable to denial of service (DoS). The vulnerability exists as wireshark could crash or stop responding if it read a malformed packet off the network.\n", "cvss3": {}, "published": "2020-04-10T00:23:15", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6450"], "modified": "2022-04-19T18:35:54", "id": "VERACODE:23344", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-23344/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-27T10:23:23", "description": "wireshark is vulnerable to denial of service. Several denial of service bugs were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off the network. \n", "cvss3": {}, "published": "2020-04-10T00:23:14", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6438"], "modified": "2022-04-19T18:28:55", "id": "VERACODE:23341", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-23341/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "cve": [{"lastseen": "2023-02-13T14:16:38", "description": "Buffer overflow in the ANSI MAP dissector for Wireshark (formerly Ethereal) 0.99.5 to 0.99.6, when running on unspecified platforms, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors.", "cvss3": {}, "published": "2007-11-23T20:46:00", "type": "cve", "title": "CVE-2007-6115", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6115"], "modified": "2018-10-15T21:50:00", "cpe": ["cpe:/a:wireshark:wireshark:0.99.5", "cpe:/a:wireshark:wireshark:0.99.6"], "id": "CVE-2007-6115", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6115", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.5:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-13T14:16:40", "description": "Buffer overflow in the PPP dissector Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.", "cvss3": {}, "published": "2007-11-23T20:46:00", "type": "cve", "title": "CVE-2007-6112", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6112"], "modified": "2018-10-15T21:49:00", "cpe": ["cpe:/a:wireshark:wireshark:0.99.6"], "id": "CVE-2007-6112", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6112", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-13T14:16:41", "description": "The MEGACO dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors.", "cvss3": {}, "published": "2007-11-23T20:46:00", "type": "cve", "title": "CVE-2007-6118", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6118"], "modified": "2018-10-15T21:50:00", "cpe": ["cpe:/a:ethereal_group:ethereal:0.9.16", "cpe:/a:wireshark:wireshark:0.99.1", "cpe:/a:wireshark:wireshark:0.99.6", "cpe:/a:wireshark:wireshark:0.99.0", "cpe:/a:wireshark:wireshark:0.99.3", "cpe:/a:wireshark:wireshark:0.99.2", "cpe:/a:ethereal_group:ethereal:0.99.0", "cpe:/a:ethereal_group:ethereal:0.9.14", "cpe:/a:ethereal_group:ethereal:0.9.15", "cpe:/a:wireshark:wireshark:0.99", "cpe:/a:wireshark:wireshark:0.99.4", "cpe:/a:wireshark:wireshark:0.99.5"], "id": "CVE-2007-6118", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6118", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:0.99.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.0:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.99.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.16:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.15:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.14:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-13T14:16:40", "description": "Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) the SSL dissector or (2) the iSeries (OS/400) Communication trace file parser.", "cvss3": {}, "published": "2007-11-23T20:46:00", "type": "cve", "title": "CVE-2007-6114", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6114"], "modified": "2018-10-15T21:50:00", "cpe": ["cpe:/a:wireshark:wireshark:0.99.1", "cpe:/a:wireshark:wireshark:0.99.6", "cpe:/a:wireshark:wireshark:0.99.0", "cpe:/a:wireshark:wireshark:0.99.3", "cpe:/a:wireshark:wireshark:0.99.2", "cpe:/a:wireshark:wireshark:0.99.4", "cpe:/a:wireshark:wireshark:0.99.5", "cpe:/a:wireshark:wireshark:0.99"], "id": "CVE-2007-6114", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6114", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:0.99.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.4:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-13T14:16:40", "description": "Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers to cause a denial of service (crash) via a malformed RPC Portmap packet.", "cvss3": {}, "published": "2007-11-23T20:46:00", "type": "cve", "title": "CVE-2007-6121", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6121"], "modified": "2018-10-15T21:50:00", "cpe": ["cpe:/a:ethereal_group:ethereal:0.9.10", "cpe:/a:ethereal_group:ethereal:0.9.6", "cpe:/a:ethereal_group:ethereal:0.10", "cpe:/a:wireshark:wireshark:0.8.16", "cpe:/a:ethereal_group:ethereal:0.8.20", "cpe:/a:wireshark:wireshark:0.99.0", "cpe:/a:ethereal_group:ethereal:0.9.9", "cpe:/a:ethereal_group:ethereal:0.9.2", "cpe:/a:ethereal_group:ethereal:0.9.3", "cpe:/a:ethereal_group:ethereal:0.8.18", "cpe:/a:ethereal_group:ethereal:0.10.13", "cpe:/a:ethereal_group:ethereal:0.10.2", "cpe:/a:ethereal_group:ethereal:0.10.11", "cpe:/a:ethereal_group:ethereal:0.10.14", "cpe:/a:ethereal_group:ethereal:0.10.6", "cpe:/a:ethereal_group:ethereal:0.10.3", "cpe:/a:ethereal_group:ethereal:0.9.16", "cpe:/a:wireshark:wireshark:0.9.8", "cpe:/a:ethereal_group:ethereal:0.9", "cpe:/a:ethereal_group:ethereal:0.9.7", "cpe:/a:ethereal_group:ethereal:0.10.7", "cpe:/a:ethereal_group:ethereal:0.8.16", "cpe:/a:ethereal_group:ethereal:0.9.12", "cpe:/a:ethereal_group:ethereal:0.10.4", "cpe:/a:ethereal_group:ethereal:0.8.17a", "cpe:/a:ethereal_group:ethereal:0.10.0", "cpe:/a:ethereal_group:ethereal:0.10.10", "cpe:/a:ethereal_group:ethereal:0.9.8", "cpe:/a:ethereal_group:ethereal:0.9.14", "cpe:/a:ethereal_group:ethereal:0.99.0", "cpe:/a:ethereal_group:ethereal:0.9.15", "cpe:/a:wireshark:wireshark:0.99.5", "cpe:/a:ethereal_group:ethereal:0.8.19", "cpe:/a:ethereal_group:ethereal:0.9.0", "cpe:/a:ethereal_group:ethereal:0.9.11", "cpe:/a:ethereal_group:ethereal:0.9.4", "cpe:/a:wireshark:wireshark:0.99.4", "cpe:/a:wireshark:wireshark:0.99", "cpe:/a:ethereal_group:ethereal:0.8.17", "cpe:/a:ethereal_group:ethereal:0.10.9", "cpe:/a:ethereal_group:ethereal:0.10.1", "cpe:/a:ethereal_group:ethereal:0.10.5", "cpe:/a:wireshark:wireshark:0.99.1", "cpe:/a:ethereal_group:ethereal:0.10.12", "cpe:/a:ethereal_group:ethereal:0.9.13", "cpe:/a:wireshark:wireshark:0.9.10", "cpe:/a:wireshark:wireshark:0.99.6", "cpe:/a:ethereal_group:ethereal:0.10.8", "cpe:/a:wireshark:wireshark:0.99.3", "cpe:/a:wireshark:wireshark:0.99.2", "cpe:/a:ethereal_group:ethereal:0.9.1", "cpe:/a:ethereal_group:ethereal:0.10.0a", "cpe:/a:ethereal_group:ethereal:0.9.5"], "id": "CVE-2007-6121", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6121", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.8.16:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.10.6:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.7:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.8:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.10.14:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.8.20:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.14:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.10.0a:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.8.17a:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.9.10:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.10.0:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.10.10:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.8.17:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.12:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.6:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.10:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.10.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.15:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.9.8:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.10.2:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.10.9:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.8.16:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.10.11:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.10:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.99.0:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.10.5:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.10.7:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.5:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.16:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.11:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.10.12:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.9:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.8.19:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.1:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.10.3:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.10.13:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.13:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.10.8:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.8.18:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-13T14:16:40", "description": "Integer signedness error in the DNP3 dissector in Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows remote attackers to cause a denial of service (long loop) via a malformed DNP3 packet.", "cvss3": {}, "published": "2007-11-23T20:46:00", "type": "cve", "title": "CVE-2007-6113", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6113"], "modified": "2018-10-15T21:49:00", "cpe": ["cpe:/a:wireshark:wireshark:0.10.9", "cpe:/a:wireshark:wireshark:0.8.16", "cpe:/a:wireshark:wireshark:0.99.0", "cpe:/a:wireshark:wireshark:0.10.2", "cpe:/a:wireshark:wireshark:0.9.14", "cpe:/a:wireshark:wireshark:0.10.8", "cpe:/a:wireshark:wireshark:0.9.8", "cpe:/a:wireshark:wireshark:0.10.6", "cpe:/a:wireshark:wireshark:0.10.4", "cpe:/a:wireshark:wireshark:0.9.2", "cpe:/a:wireshark:wireshark:0.6", "cpe:/a:wireshark:wireshark:0.9.15", "cpe:/a:wireshark:wireshark:0.9.5", "cpe:/a:wireshark:wireshark:0.7.9", "cpe:/a:wireshark:wireshark:0.9.6", "cpe:/a:wireshark:wireshark:0.9.7", "cpe:/a:wireshark:wireshark:0.10.7", "cpe:/a:wireshark:wireshark:0.99.4", "cpe:/a:wireshark:wireshark:0.99.5", "cpe:/a:wireshark:wireshark:0.99", "cpe:/a:wireshark:wireshark:0.8.20", "cpe:/a:wireshark:wireshark:0.99.1", "cpe:/a:wireshark:wireshark:0.9.10", "cpe:/a:wireshark:wireshark:0.99.6", "cpe:/a:wireshark:wireshark:0.10.12", "cpe:/a:wireshark:wireshark:0.10.14", "cpe:/a:wireshark:wireshark:0.99.3", "cpe:/a:wireshark:wireshark:0.99.2", "cpe:/a:wireshark:wireshark:0.10.13", "cpe:/a:wireshark:wireshark:0.10.5", "cpe:/a:wireshark:wireshark:0.8.19", "cpe:/a:wireshark:wireshark:0.10.3"], "id": "CVE-2007-6113", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6113", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.8.16:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.14:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.9.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.9.10:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.9:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.9.14:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.9.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.9.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.13:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.12:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.7.9:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.8.19:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.9.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.9.15:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.8.20:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-13T14:16:41", "description": "The Bluetooth SDP dissector Wireshark (formerly Ethereal) 0.99.2 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.", "cvss3": {}, "published": "2007-11-23T20:46:00", "type": "cve", "title": "CVE-2007-6120", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6120"], "modified": "2018-10-15T21:50:00", "cpe": ["cpe:/a:ethereal_group:ethereal:0.9.10", "cpe:/a:ethereal_group:ethereal:0.9.6", "cpe:/a:ethereal_group:ethereal:0.10", "cpe:/a:wireshark:wireshark:0.99.0", "cpe:/a:ethereal_group:ethereal:0.9.9", "cpe:/a:ethereal_group:ethereal:0.9.2", "cpe:/a:ethereal_group:ethereal:0.9.3", "cpe:/a:ethereal_group:ethereal:0.8.18", "cpe:/a:ethereal_group:ethereal:0.10.13", "cpe:/a:ethereal_group:ethereal:0.10.2", "cpe:/a:ethereal_group:ethereal:0.10.11", "cpe:/a:ethereal_group:ethereal:0.10.14", "cpe:/a:ethereal_group:ethereal:0.8.5", "cpe:/a:ethereal_group:ethereal:0.10.6", "cpe:/a:ethereal_group:ethereal:0.10.3", "cpe:/a:ethereal_group:ethereal:0.9.16", "cpe:/a:ethereal_group:ethereal:0.9", "cpe:/a:ethereal_group:ethereal:0.9.7", "cpe:/a:ethereal_group:ethereal:0.10.7", "cpe:/a:ethereal_group:ethereal:0.8.16", "cpe:/a:ethereal_group:ethereal:0.9.12", "cpe:/a:ethereal_group:ethereal:0.10.4", "cpe:/a:ethereal_group:ethereal:0.10.10", "cpe:/a:ethereal_group:ethereal:0.9.8", "cpe:/a:ethereal_group:ethereal:0.9.14", "cpe:/a:wireshark:wireshark:0.99.4", "cpe:/a:wireshark:wireshark:0.99.5", "cpe:/a:wireshark:wireshark:0.99", "cpe:/a:ethereal_group:ethereal:0.8.19", "cpe:/a:ethereal_group:ethereal:0.9.15", "cpe:/a:ethereal_group:ethereal:0.9.11", "cpe:/a:ethereal_group:ethereal:0.9.4", "cpe:/a:ethereal_group:ethereal:0.8.17", "cpe:/a:ethereal_group:ethereal:0.10.9", "cpe:/a:ethereal_group:ethereal:0.10.1", "cpe:/a:ethereal_group:ethereal:0.10.5", "cpe:/a:wireshark:wireshark:0.99.1", "cpe:/a:ethereal_group:ethereal:0.10.12", "cpe:/a:ethereal_group:ethereal:0.9.13", "cpe:/a:ethereal_group:ethereal:0.10.8", "cpe:/a:wireshark:wireshark:0.99.6", "cpe:/a:wireshark:wireshark:0.99.3", "cpe:/a:wireshark:wireshark:0.99.2", "cpe:/a:ethereal_group:ethereal:0.9.1", "cpe:/a:ethereal_group:ethereal:0.9.5"], "id": "CVE-2007-6120", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6120", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.10.6:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.7:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.8:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.10.14:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.14:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.10.10:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.8.17:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.12:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.10:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.10.4:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.15:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.10.2:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.10.9:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.8.16:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.10.11:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.10:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.10.5:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.10.7:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.5:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.16:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.11:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.10.12:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.9:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.8.19:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.1:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.10.3:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.10.13:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.9.13:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.10.8:*:*:*:*:*:*:*", "cpe:2.3:a:ethereal_group:ethereal:0.8.18:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-13T14:16:41", "description": "Unspecified vulnerability in the HTTP dissector for Wireshark (formerly Ethereal) 0.10.14 to 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted chunked messages.", "cvss3": {}, "published": "2007-11-23T20:46:00", "type": "cve", "title": "CVE-2007-6117", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6117"], "modified": "2018-10-15T21:50:00", "cpe": ["cpe:/a:wireshark:wireshark:0.99.1", "cpe:/a:wireshark:wireshark:0.99.6", "cpe:/a:wireshark:wireshark:0.10.14", "cpe:/a:wireshark:wireshark:0.99.0", "cpe:/a:wireshark:wireshark:0.99.3", "cpe:/a:wireshark:wireshark:0.99.2", "cpe:/a:wireshark:wireshark:0.99.4", "cpe:/a:wireshark:wireshark:0.99.5", "cpe:/a:wireshark:wireshark:0.99"], "id": "CVE-2007-6117", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6117", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:0.99.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.14:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-13T14:17:34", "description": "The WiMAX dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors related to \"unaligned access on some platforms.\"", "cvss3": {}, "published": "2007-12-19T22:46:00", "type": "cve", "title": "CVE-2007-6441", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6441"], "modified": "2018-10-15T21:54:00", "cpe": ["cpe:/a:wireshark:wireshark:0.99.6"], "id": "CVE-2007-6441", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6441", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-13T14:17:35", "description": "Unspecified vulnerability in the CIP dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger allocation of large amounts of memory.", "cvss3": {}, "published": "2007-12-19T22:46:00", "type": "cve", "title": "CVE-2007-6451", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6451"], "modified": "2018-10-15T21:54:00", "cpe": ["cpe:/a:wireshark:wireshark:0.9.8", "cpe:/a:wireshark:wireshark:0.99.1", "cpe:/a:wireshark:wireshark:0.99.6", "cpe:/a:wireshark:wireshark:0.99.0", "cpe:/a:wireshark:wireshark:0.99.3", "cpe:/a:wireshark:wireshark:0.99.2", "cpe:/a:wireshark:wireshark:0.9.14", "cpe:/a:wireshark:wireshark:0.99.5", "cpe:/a:wireshark:wireshark:0.99", "cpe:/a:wireshark:wireshark:0.99.4"], "id": "CVE-2007-6451", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6451", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:0.99.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.9.14:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.9.8:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-13T14:17:35", "description": "The RPL dissector in Wireshark (formerly Ethereal) 0.9.8 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.", "cvss3": {}, "published": "2007-12-19T22:46:00", "type": "cve", "title": "CVE-2007-6450", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6450"], "modified": "2018-10-15T21:54:00", "cpe": ["cpe:/a:wireshark:wireshark:0.9.8", "cpe:/a:wireshark:wireshark:0.99.1", "cpe:/a:wireshark:wireshark:0.99.6", "cpe:/a:wireshark:wireshark:0.99.0", "cpe:/a:wireshark:wireshark:0.99.3", "cpe:/a:wireshark:wireshark:0.99.2", "cpe:/a:wireshark:wireshark:0.99.4", "cpe:/a:wireshark:wireshark:0.99.5", "cpe:/a:wireshark:wireshark:0.99"], "id": "CVE-2007-6450", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6450", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:0.99.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.9.8:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T13:32:48", "description": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6115. Reason: This candidate is a duplicate of CVE-2007-6115. Notes: All CVE users should reference CVE-2007-6115 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", "cvss3": {}, "published": "2007-12-19T22:46:00", "type": "cve", "title": "CVE-2007-6443", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2007-6115", "CVE-2007-6443"], "modified": "2008-01-10T05:00:00", "cpe": [], "id": "CVE-2007-6443", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6443", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": []}, {"lastseen": "2022-03-23T13:32:49", "description": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6118. Reason: This candidate is a duplicate of CVE-2007-6118. Notes: All CVE users should reference CVE-2007-6118 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", "cvss3": {}, "published": "2007-12-19T22:46:00", "type": "cve", "title": "CVE-2007-6446", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2007-6118", "CVE-2007-6446"], "modified": "2008-01-10T05:00:00", "cpe": [], "id": "CVE-2007-6446", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6446", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": []}, {"lastseen": "2022-03-23T13:32:47", "description": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6112. Reason: This candidate is a duplicate of CVE-2007-6112. Notes: All CVE users should reference CVE-2007-6112 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", "cvss3": {}, "published": "2007-12-19T22:46:00", "type": "cve", "title": "CVE-2007-6440", "cwe": ["CWE-119", "NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2007-6112", "CVE-2007-6440"], "modified": "2008-01-10T05:00:00", "cpe": [], "id": "CVE-2007-6440", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6440", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": []}, {"lastseen": "2022-03-23T13:32:48", "description": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6114. Reason: This candidate is a duplicate of CVE-2007-6114. Notes: All CVE users should reference CVE-2007-6114 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", "cvss3": {}, "published": "2007-12-19T22:46:00", "type": "cve", "title": "CVE-2007-6442", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2007-6114", "CVE-2007-6442"], "modified": "2008-01-10T05:00:00", "cpe": [], "id": "CVE-2007-6442", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6442", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": []}, {"lastseen": "2022-03-23T13:32:50", "description": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6114. Reason: This candidate is a duplicate of CVE-2007-6114. Notes: All CVE users should reference CVE-2007-6114 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", "cvss3": {}, "published": "2007-12-19T22:46:00", "type": "cve", "title": "CVE-2007-6447", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2007-6114", "CVE-2007-6447"], "modified": "2008-01-10T05:00:00", "cpe": [], "id": "CVE-2007-6447", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6447", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": []}, {"lastseen": "2022-03-23T13:32:51", "description": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6121. Reason: This candidate is a duplicate of CVE-2007-6121. Notes: All CVE users should reference CVE-2007-6121 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", "cvss3": {}, "published": "2007-12-19T22:46:00", "type": "cve", "title": "CVE-2007-6449", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2007-6121", "CVE-2007-6449"], "modified": "2008-01-10T05:00:00", "cpe": [], "id": "CVE-2007-6449", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6449", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": []}, {"lastseen": "2022-03-23T13:03:46", "description": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6113. Reason: This candidate is a duplicate of CVE-2007-6113. Notes: All CVE users should reference CVE-2007-6113 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", "cvss3": {}, "published": "2007-09-05T19:17:00", "type": "cve", "title": "CVE-2007-4721", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2007-4721", "CVE-2007-6113"], "modified": "2008-02-11T05:00:00", "cpe": [], "id": "CVE-2007-4721", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4721", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": []}, {"lastseen": "2022-03-23T13:32:49", "description": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6113. Reason: This candidate is a duplicate of CVE-2007-6113, Notes: All CVE users should reference CVE-2007-6113 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", "cvss3": {}, "published": "2007-12-19T22:46:00", "type": "cve", "title": "CVE-2007-6444", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2007-6113", "CVE-2007-6444"], "modified": "2008-01-10T05:00:00", "cpe": [], "id": "CVE-2007-6444", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6444", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": []}, {"lastseen": "2022-03-23T13:32:50", "description": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6120. Reason: This candidate is a duplicate of CVE-2007-6120. Notes: All CVE users should reference CVE-2007-6120 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", "cvss3": {}, "published": "2007-12-19T22:46:00", "type": "cve", "title": "CVE-2007-6448", "cwe": ["CWE-119", "CWE-20"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2007-6120", "CVE-2007-6448"], "modified": "2008-01-10T05:00:00", "cpe": [], "id": "CVE-2007-6448", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6448", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": []}, {"lastseen": "2022-03-23T13:32:54", "description": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6117. Reason: This candidate is a duplicate of CVE-2007-6117. Notes: All CVE users should reference CVE-2007-6117 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", "cvss3": {}, "published": "2007-12-19T22:46:00", "type": "cve", "title": "CVE-2007-6445", "cwe": ["NVD-CWE-noinfo", "CWE-20"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2007-6117", "CVE-2007-6445"], "modified": "2008-01-10T05:00:00", "cpe": [], "id": "CVE-2007-6445", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6445", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": []}, {"lastseen": "2023-02-13T06:40:16", "description": "Unspecified vulnerability in the SMB dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service via unknown vectors. NOTE: this identifier originally included MP3 and NCP, but those issues are already covered by CVE-2007-6111.", "cvss3": {}, "published": "2007-12-19T22:46:00", "type": "cve", "title": "CVE-2007-6438", "cwe": ["CWE-119", "NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6111", "CVE-2007-6438"], "modified": "2023-02-13T02:18:00", "cpe": ["cpe:/a:wireshark:wireshark:0.99.6"], "id": "CVE-2007-6438", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6438", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-13T06:40:15", "description": "Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite or large loop) via the (1) IPv6 or (2) USB dissector, which can trigger resource consumption or a crash. NOTE: this identifier originally included Firebird/Interbase, but it is already covered by CVE-2007-6116. The DCP ETSI issue is already covered by CVE-2007-6119.", "cvss3": {}, "published": "2007-12-19T22:46:00", "type": "cve", "title": "CVE-2007-6439", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 6.1, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6116", "CVE-2007-6119", "CVE-2007-6439"], "modified": "2023-02-13T02:18:00", "cpe": ["cpe:/a:wireshark:wireshark:0.99.6"], "id": "CVE-2007-6439", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6439", "cvss": {"score": 6.1, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*"]}]}

FreeBSD : wireshark -- multiple vulnerabilities (8a835235-ae84-11dc-a5f9-001a4d49522b)

Description

Related