The remote host is affected by the vulnerability described in GLSA-202007-13 (Wireshark: Multiple vulnerabilities)
Multiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details.
Impact :
Please review the referenced CVE identifiers for details.
Workaround :
There is no known workaround at this time.
{"id": "GENTOO_GLSA-202007-13.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "GLSA-202007-13 : Wireshark: Multiple vulnerabilities", "description": "The remote host is affected by the vulnerability described in GLSA-202007-13 (Wireshark: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details.\n Impact :\n\n Please review the referenced CVE identifiers for details.\n Workaround :\n\n There is no known workaround at this time.", "published": "2020-07-27T00:00:00", "modified": "2020-08-21T00:00:00", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {}, "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "href": "https://www.tenable.com/plugins/nessus/138936", "reporter": "This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15466", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13164", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9429", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9428", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11647", "https://security.gentoo.org/glsa/202007-13", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9431", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9430"], "cvelist": ["CVE-2020-11647", "CVE-2020-13164", "CVE-2020-15466", "CVE-2020-9428", "CVE-2020-9429", "CVE-2020-9430", "CVE-2020-9431"], "immutableFields": [], "lastseen": "2022-06-28T15:45:29", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "altlinux", "idList": ["0E65D26679FEE3D2692DABD466820CDB", "EEDCCD69307BBF0C0D9328D2783B5A32"]}, {"type": "archlinux", "idList": ["ASA-202004-10", "ASA-202007-2"]}, {"type": "attackerkb", "idList": ["AKB:0F7C99DD-A482-4BC0-980E-6B103DECD87D"]}, {"type": "cve", "idList": ["CVE-2020-11647", "CVE-2020-13164", "CVE-2020-15466", "CVE-2020-9428", "CVE-2020-9429", "CVE-2020-9430", "CVE-2020-9431"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2547-1:C57F2"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2020-11647", "DEBIANCVE:CVE-2020-13164", "DEBIANCVE:CVE-2020-15466", "DEBIANCVE:CVE-2020-9428", "DEBIANCVE:CVE-2020-9429", "DEBIANCVE:CVE-2020-9430", "DEBIANCVE:CVE-2020-9431"]}, {"type": "fedora", "idList": ["FEDORA:3E30B6331A26", "FEDORA:5E28360F98E0", "FEDORA:A4555604E7EE", "FEDORA:B2B1C63CD072", "FEDORA:EC9736361C63"]}, {"type": "gentoo", "idList": ["GLSA-202007-13"]}, {"type": "kaspersky", "idList": ["KLA11728", "KLA11729", "KLA12077"]}, {"type": "mageia", "idList": ["MGASA-2020-0172"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-2547.NASL", "FEDORA_2020-4F5588CF97.NASL", "FEDORA_2020-87737529A4.NASL", "FEDORA_2020-CA3D3F15F0.NASL", "FEDORA_2020-DA7DCEE2EC.NASL", "MACOSX_WIRESHARK_2_6_17.NASL", "MACOSX_WIRESHARK_3_0_11.NASL", "MACOSX_WIRESHARK_3_2_3.NASL", "MACOSX_WIRESHARK_3_2_4.NASL", "MACOSX_WIRESHARK_3_2_5.NASL", "OPENSUSE-2020-1188.NASL", "OPENSUSE-2020-1199.NASL", "OPENSUSE-2020-362.NASL", "SUSE_SU-2020-0693-1.NASL", "SUSE_SU-2020-2144-1.NASL", "WIRESHARK_2_6_15.NASL", "WIRESHARK_2_6_17.NASL", "WIRESHARK_3_0_11.NASL", "WIRESHARK_3_2_3.NASL", "WIRESHARK_3_2_4.NASL", "WIRESHARK_3_2_5.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310815781", "OPENVAS:1361412562310815782", "OPENVAS:1361412562310815783", "OPENVAS:1361412562310815784", "OPENVAS:1361412562310817031", "OPENVAS:1361412562310817032", "OPENVAS:1361412562310853075", "OPENVAS:1361412562310877730", "OPENVAS:1361412562310877749", "OPENVAS:1361412562310877759", "OPENVAS:1361412562310877927", "OPENVAS:1361412562310877944"]}, {"type": "osv", "idList": ["OSV:DLA-2547-1"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-11647", "RH:CVE-2020-13164", "RH:CVE-2020-15466", "RH:CVE-2020-9428", "RH:CVE-2020-9429", "RH:CVE-2020-9430", "RH:CVE-2020-9431"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2020:0362-1", "OPENSUSE-SU-2020:1188-1", "OPENSUSE-SU-2020:1199-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-11647", "UB:CVE-2020-13164", "UB:CVE-2020-15466", "UB:CVE-2020-9428", "UB:CVE-2020-9429", "UB:CVE-2020-9430", "UB:CVE-2020-9431"]}, {"type": "veracode", "idList": ["VERACODE:26064", "VERACODE:26280", "VERACODE:26644", "VERACODE:27203", "VERACODE:27204", "VERACODE:27211"]}]}, "score": {"value": 0.5, "vector": "NONE"}, "backreferences": {"references": [{"type": "archlinux", "idList": ["ASA-202004-10", "ASA-202007-2"]}, {"type": "attackerkb", "idList": ["AKB:0F7C99DD-A482-4BC0-980E-6B103DECD87D"]}, {"type": "cve", "idList": ["CVE-2020-9428", "CVE-2020-9429", "CVE-2020-9430", "CVE-2020-9431"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2547-1:C57F2"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2020-11647", "DEBIANCVE:CVE-2020-13164", "DEBIANCVE:CVE-2020-15466", "DEBIANCVE:CVE-2020-9428", "DEBIANCVE:CVE-2020-9429", "DEBIANCVE:CVE-2020-9430", "DEBIANCVE:CVE-2020-9431"]}, {"type": "fedora", "idList": ["FEDORA:3E30B6331A26", "FEDORA:5E28360F98E0", "FEDORA:A4555604E7EE", "FEDORA:B2B1C63CD072", "FEDORA:EC9736361C63"]}, {"type": "gentoo", "idList": ["GLSA-202007-13"]}, {"type": "kaspersky", "idList": ["KLA11728", "KLA11729"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-2547.NASL", "OPENSUSE-2020-362.NASL", "SUSE_SU-2020-0693-1.NASL", "WIRESHARK_2_6_15.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310815781", "OPENVAS:1361412562310815782", "OPENVAS:1361412562310815783", "OPENVAS:1361412562310815784", "OPENVAS:1361412562310853075"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-11647", "RH:CVE-2020-13164", "RH:CVE-2020-15466", "RH:CVE-2020-9428", "RH:CVE-2020-9429", "RH:CVE-2020-9430", "RH:CVE-2020-9431"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2020:0362-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-11647", "UB:CVE-2020-13164", "UB:CVE-2020-15466", "UB:CVE-2020-9428", "UB:CVE-2020-9429", "UB:CVE-2020-9430", "UB:CVE-2020-9431"]}]}, "exploitation": null, "vulnersScore": 0.5}, "_state": {"dependencies": 1659994789, "score": 1659880287}, "_internal": {"score_hash": "581ab85b9beebfc923dcea0ddeba6cc1"}, "pluginID": "138936", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202007-13.\n#\n# The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138936);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/08/21\");\n\n script_cve_id(\n \"CVE-2020-11647\",\n \"CVE-2020-13164\",\n \"CVE-2020-15466\",\n \"CVE-2020-9428\",\n \"CVE-2020-9429\",\n \"CVE-2020-9430\",\n \"CVE-2020-9431\"\n );\n script_xref(name:\"GLSA\", value:\"202007-13\");\n script_xref(name:\"IAVB\", value:\"2020-B-0037-S\");\n\n script_name(english:\"GLSA-202007-13 : Wireshark: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is affected by the vulnerability described in GLSA-202007-13\n(Wireshark: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Wireshark. Please\n review the CVE identifiers referenced below for details.\n \nImpact :\n\n Please review the referenced CVE identifiers for details.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"https://security.gentoo.org/glsa/202007-13\");\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"All Wireshark users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/wireshark-3.2.5'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/02/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-analyzer/wireshark\", unaffected:make_list(\"ge 3.2.5\"), vulnerable:make_list(\"lt 3.2.5\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Wireshark\");\n}\n", "naslFamily": "Gentoo Local Security Checks", "cpe": ["p-cpe:/a:gentoo:linux:wireshark", "cpe:/o:gentoo:linux"], "solution": "All Wireshark users should upgrade to the latest version:\n # emerge --sync # emerge --ask --oneshot --verbose '>=net-analyzer/wireshark-3.2.5'", "nessusSeverity": "Medium", "cvssScoreSource": "", "vpr": {"risk factor": "Low", "score": "3.6"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2020-07-26T00:00:00", "vulnerabilityPublicationDate": "2020-02-27T00:00:00", "exploitableWith": []}
{"gentoo": [{"lastseen": "2022-01-17T19:01:53", "description": "### Background\n\nWireshark is a network protocol analyzer formerly known as ethereal.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nPlease review the referenced CVE identifiers for details.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Wireshark users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-analyzer/wireshark-3.2.5\"", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-07-26T00:00:00", "type": "gentoo", "title": "Wireshark: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11647", "CVE-2020-13164", "CVE-2020-15466", "CVE-2020-9428", "CVE-2020-9429", "CVE-2020-9430", "CVE-2020-9431"], "modified": "2020-07-26T00:00:00", "id": "GLSA-202007-13", "href": "https://security.gentoo.org/glsa/202007-13", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "kaspersky": [{"lastseen": "2021-08-18T11:04:46", "description": "### *Detect date*:\n02/26/2020\n\n### *Severity*:\nWarning\n\n### *Description*:\nMultiple vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service.\n\n### *Affected products*:\nWireshark 3.2.x up to 3.2.2 \nWireshark 3.0.x up to 3.0.9 \nWireshark 2.6.x up to 2.6.15\n\n### *Solution*:\nUpdate to the latest version \n[Download Wireshark](<https://www.wireshark.org/download.html>)\n\n### *Original advisories*:\n[wnpa-sec-2020-03](<https://www.wireshark.org/security/wnpa-sec-2020-03.html>) \n[wnpa-sec-2020-04](<https://www.wireshark.org/security/wnpa-sec-2020-04.html>) \n[wnpa-sec-2020-05](<https://www.wireshark.org/security/wnpa-sec-2020-05.html>) \n[wnpa-sec-2020-06](<https://www.wireshark.org/security/wnpa-sec-2020-06.html>) \n\n\n### *Impacts*:\nDoS \n\n### *Related products*:\n[Wireshark](<https://threats.kaspersky.com/en/product/Wireshark/>)\n\n### *CVE-IDS*:\n[CVE-2020-9431](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9431>)5.0Critical \n[CVE-2020-9429](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9429>)5.0Critical \n[CVE-2020-9428](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9428>)5.0Critical \n[CVE-2020-9430](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9430>)5.0Critical", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-02-26T00:00:00", "type": "kaspersky", "title": "KLA11728 Multiple vulnerabilities in Wireshark", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9428", "CVE-2020-9429", "CVE-2020-9430", "CVE-2020-9431"], "modified": "2020-06-03T00:00:00", "id": "KLA11728", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11728/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-18T11:04:45", "description": "### *Detect date*:\n04/08/2020\n\n### *Severity*:\nWarning\n\n### *Description*:\nDenial of service vulnerability was found in Wireshark. Malicious users can exploit this vulnerability to cause denial of service.\n\n### *Affected products*:\nWireshark 3.2.x up to 3.2.3 \nWireshark 3.0.x up to 3.0.10 \nWireshark 2.6.x up to 2.6.16\n\n### *Solution*:\nUpdate to the latest version \n[Download Wireshark](<https://www.wireshark.org/download.html>)\n\n### *Original advisories*:\n[wnpa-sec-2020-07](<https://www.wireshark.org/security/wnpa-sec-2020-07.html>) \n\n\n### *Impacts*:\nDoS \n\n### *Related products*:\n[Wireshark](<https://threats.kaspersky.com/en/product/Wireshark/>)\n\n### *CVE-IDS*:\n[CVE-2020-11647](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11647>)5.0Critical", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-04-08T00:00:00", "type": "kaspersky", "title": "KLA11729 DoS vulnerability in Wireshark", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11647"], "modified": "2020-06-03T00:00:00", "id": "KLA11729", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11729/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-18T10:58:17", "description": "### *Detect date*:\n07/01/2020\n\n### *Severity*:\nWarning\n\n### *Description*:\nA denial of service vulnerability was found in Wireshark. Malicious users can exploit this vulnerability to cause denial of service.\n\n### *Affected products*:\nWireshark 3.2.x earlier than 3.2.5\n\n### *Solution*:\nUpdate to the latest version \n[Download Wireshark](<https://www.wireshark.org/download.html>)\n\n### *Original advisories*:\n[wnpa-sec-2020-09 \u00b7 GVCP dissector infinite loop](<https://www.wireshark.org/security/wnpa-sec-2020-09.html>) \n\n\n### *Impacts*:\nDoS \n\n### *Related products*:\n[Wireshark](<https://threats.kaspersky.com/en/product/Wireshark/>)\n\n### *CVE-IDS*:\n[CVE-2020-15466](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15466>)5.0Critical", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-07-01T00:00:00", "type": "kaspersky", "title": "KLA12077 DoS vulnerability in Wireshark", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15466"], "modified": "2021-02-16T00:00:00", "id": "KLA12077", "href": "https://threats.kaspersky.com/en/vulnerability/KLA12077/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2022-02-19T12:22:33", "description": "This update for wireshark fixes the following issues :\n\n - Wireshark to 3.2.5 :\n\n - CVE-2020-15466: GVCP dissector infinite loop (bsc#1173606)\n\n - CVE-2020-13164: NFS dissector crash (bsc#1171899)\n\n - CVE-2020-11647: The BACapp dissector could crash (bsc#1169063)\n\n - Further features, bug fixes and updated protocol support as listed in:\n https://www.wireshark.org/docs/relnotes/wireshark-3.2.5.\n html\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-08-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : wireshark (openSUSE-2020-1188)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11647", "CVE-2020-13164", "CVE-2020-15466"], "modified": "2020-08-18T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libwireshark13", "p-cpe:/a:novell:opensuse:libwireshark13-debuginfo", "p-cpe:/a:novell:opensuse:libwiretap10", "p-cpe:/a:novell:opensuse:libwiretap10-debuginfo", "p-cpe:/a:novell:opensuse:libwsutil11", "p-cpe:/a:novell:opensuse:libwsutil11-debuginfo", "p-cpe:/a:novell:opensuse:wireshark", "p-cpe:/a:novell:opensuse:wireshark-debuginfo", "p-cpe:/a:novell:opensuse:wireshark-debugsource", "p-cpe:/a:novell:opensuse:wireshark-devel", "p-cpe:/a:novell:opensuse:wireshark-ui-qt", "p-cpe:/a:novell:opensuse:wireshark-ui-qt-debuginfo", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2020-1188.NASL", "href": "https://www.tenable.com/plugins/nessus/139561", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1188.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(139561);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/08/18\");\n\n script_cve_id(\"CVE-2020-11647\", \"CVE-2020-13164\", \"CVE-2020-15466\");\n\n script_name(english:\"openSUSE Security Update : wireshark (openSUSE-2020-1188)\");\n script_summary(english:\"Check for the openSUSE-2020-1188 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for wireshark fixes the following issues :\n\n - Wireshark to 3.2.5 :\n\n - CVE-2020-15466: GVCP dissector infinite loop\n (bsc#1173606)\n\n - CVE-2020-13164: NFS dissector crash (bsc#1171899)\n\n - CVE-2020-11647: The BACapp dissector could crash\n (bsc#1169063)\n\n - Further features, bug fixes and updated protocol support\n as listed in:\n https://www.wireshark.org/docs/relnotes/wireshark-3.2.5.\n html\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1169063\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1171899\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1173606\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-3.2.5.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwireshark13\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwireshark13-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwiretap10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwiretap10-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwsutil11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwsutil11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libwireshark13-3.2.5-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libwireshark13-debuginfo-3.2.5-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libwiretap10-3.2.5-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libwiretap10-debuginfo-3.2.5-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libwsutil11-3.2.5-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libwsutil11-debuginfo-3.2.5-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"wireshark-3.2.5-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"wireshark-debuginfo-3.2.5-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"wireshark-debugsource-3.2.5-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"wireshark-devel-3.2.5-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"wireshark-ui-qt-3.2.5-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"wireshark-ui-qt-debuginfo-3.2.5-lp151.2.12.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libwireshark13 / libwireshark13-debuginfo / libwiretap10 / etc\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-02-19T12:22:46", "description": "This update for wireshark fixes the following issues :\n\n - Wireshark to 3.2.5 :\n\n - CVE-2020-15466: GVCP dissector infinite loop (bsc#1173606)\n\n - CVE-2020-13164: NFS dissector crash (bsc#1171899)\n\n - CVE-2020-11647: The BACapp dissector could crash (bsc#1169063)\n\n - Further features, bug fixes and updated protocol support as listed in:\n https://www.wireshark.org/docs/relnotes/wireshark-3.2.5.\n html\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-08-18T00:00:00", "type": "nessus", "title": "openSUSE Security Update : wireshark (openSUSE-2020-1199)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11647", "CVE-2020-13164", "CVE-2020-15466"], "modified": "2020-08-20T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libwireshark13", "p-cpe:/a:novell:opensuse:libwireshark13-debuginfo", "p-cpe:/a:novell:opensuse:libwiretap10", "p-cpe:/a:novell:opensuse:libwiretap10-debuginfo", "p-cpe:/a:novell:opensuse:libwsutil11", "p-cpe:/a:novell:opensuse:libwsutil11-debuginfo", "p-cpe:/a:novell:opensuse:wireshark", "p-cpe:/a:novell:opensuse:wireshark-debuginfo", "p-cpe:/a:novell:opensuse:wireshark-debugsource", "p-cpe:/a:novell:opensuse:wireshark-devel", "p-cpe:/a:novell:opensuse:wireshark-ui-qt", "p-cpe:/a:novell:opensuse:wireshark-ui-qt-debuginfo", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2020-1199.NASL", "href": "https://www.tenable.com/plugins/nessus/139645", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1199.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(139645);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/08/20\");\n\n script_cve_id(\"CVE-2020-11647\", \"CVE-2020-13164\", \"CVE-2020-15466\");\n\n script_name(english:\"openSUSE Security Update : wireshark (openSUSE-2020-1199)\");\n script_summary(english:\"Check for the openSUSE-2020-1199 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for wireshark fixes the following issues :\n\n - Wireshark to 3.2.5 :\n\n - CVE-2020-15466: GVCP dissector infinite loop\n (bsc#1173606)\n\n - CVE-2020-13164: NFS dissector crash (bsc#1171899)\n\n - CVE-2020-11647: The BACapp dissector could crash\n (bsc#1169063)\n\n - Further features, bug fixes and updated protocol support\n as listed in:\n https://www.wireshark.org/docs/relnotes/wireshark-3.2.5.\n html\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1169063\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1171899\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1173606\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-3.2.5.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwireshark13\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwireshark13-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwiretap10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwiretap10-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwsutil11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwsutil11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libwireshark13-3.2.5-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libwireshark13-debuginfo-3.2.5-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libwiretap10-3.2.5-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libwiretap10-debuginfo-3.2.5-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libwsutil11-3.2.5-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libwsutil11-debuginfo-3.2.5-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"wireshark-3.2.5-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"wireshark-debuginfo-3.2.5-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"wireshark-debugsource-3.2.5-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"wireshark-devel-3.2.5-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"wireshark-ui-qt-3.2.5-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"wireshark-ui-qt-debuginfo-3.2.5-lp152.2.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libwireshark13 / libwireshark13-debuginfo / libwiretap10 / etc\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-02-19T12:30:36", "description": "This update for wireshark fixes the following issues :\n\nWireshark to 3.2.5 :\n\n - CVE-2020-15466: GVCP dissector infinite loop (bsc#1173606)\n\n - CVE-2020-13164: NFS dissector crash (bsc#1171899)\n\n - CVE-2020-11647: The BACapp dissector could crash (bsc#1169063)\n\nFurther features, bug fixes and updated protocol support as listed in:\nhttps://www.wireshark.org/docs/relnotes/wireshark-3.2.5.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-08-07T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : wireshark (SUSE-SU-2020:2144-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11647", "CVE-2020-13164", "CVE-2020-15466"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libwireshark13", "p-cpe:/a:novell:suse_linux:libwireshark13-debuginfo", "p-cpe:/a:novell:suse_linux:libwiretap10", "p-cpe:/a:novell:suse_linux:libwiretap10-debuginfo", "p-cpe:/a:novell:suse_linux:libwsutil11", "p-cpe:/a:novell:suse_linux:libwsutil11-debuginfo", "p-cpe:/a:novell:suse_linux:wireshark", "p-cpe:/a:novell:suse_linux:wireshark-debuginfo", "p-cpe:/a:novell:suse_linux:wireshark-debugsource", "p-cpe:/a:novell:suse_linux:wireshark-devel", "p-cpe:/a:novell:suse_linux:wireshark-ui-qt", "p-cpe:/a:novell:suse_linux:wireshark-ui-qt-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2020-2144-1.NASL", "href": "https://www.tenable.com/plugins/nessus/139405", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:2144-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(139405);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2020-11647\", \"CVE-2020-13164\", \"CVE-2020-15466\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : wireshark (SUSE-SU-2020:2144-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for wireshark fixes the following issues :\n\nWireshark to 3.2.5 :\n\n - CVE-2020-15466: GVCP dissector infinite loop\n (bsc#1173606)\n\n - CVE-2020-13164: NFS dissector crash (bsc#1171899)\n\n - CVE-2020-11647: The BACapp dissector could crash\n (bsc#1169063)\n\nFurther features, bug fixes and updated protocol support as listed in:\nhttps://www.wireshark.org/docs/relnotes/wireshark-3.2.5.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169063\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1171899\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1173606\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-11647/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-13164/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-15466/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20202144-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?706e5e0a\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-3.2.5.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Desktop Applications 15-SP2 :\n\nzypper in -t patch\nSUSE-SLE-Module-Desktop-Applications-15-SP2-2020-2144=1\n\nSUSE Linux Enterprise Module for Desktop Applications 15-SP1 :\n\nzypper in -t patch\nSUSE-SLE-Module-Desktop-Applications-15-SP1-2020-2144=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP2 :\n\nzypper in -t patch SUSE-SLE-Module-Basesystem-15-SP2-2020-2144=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP1 :\n\nzypper in -t patch SUSE-SLE-Module-Basesystem-15-SP1-2020-2144=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwireshark13\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwireshark13-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwiretap10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwiretap10-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwsutil11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwsutil11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-ui-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-ui-qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(1|2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP1/2\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(1|2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP1/2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libwireshark13-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libwireshark13-debuginfo-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libwiretap10-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libwiretap10-debuginfo-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libwsutil11-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libwsutil11-debuginfo-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"wireshark-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"wireshark-debuginfo-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"wireshark-debugsource-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"wireshark-devel-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"wireshark-ui-qt-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"wireshark-ui-qt-debuginfo-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libwireshark13-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libwireshark13-debuginfo-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libwiretap10-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libwiretap10-debuginfo-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libwsutil11-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libwsutil11-debuginfo-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"wireshark-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"wireshark-debuginfo-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"wireshark-debugsource-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"wireshark-devel-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"wireshark-ui-qt-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"wireshark-ui-qt-debuginfo-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libwireshark13-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libwireshark13-debuginfo-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libwiretap10-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libwiretap10-debuginfo-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libwsutil11-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libwsutil11-debuginfo-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"wireshark-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"wireshark-debuginfo-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"wireshark-debugsource-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"wireshark-devel-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"wireshark-ui-qt-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"wireshark-ui-qt-debuginfo-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libwireshark13-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libwireshark13-debuginfo-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libwiretap10-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libwiretap10-debuginfo-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libwsutil11-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libwsutil11-debuginfo-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"wireshark-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"wireshark-debuginfo-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"wireshark-debugsource-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"wireshark-devel-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"wireshark-ui-qt-3.2.5-3.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"wireshark-ui-qt-debuginfo-3.2.5-3.38.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:16:39", "description": "The version of Wireshark installed on the remote Windows host is prior to 2.6.15. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.6.15 advisory.\n\n - The LTE RRC dissector could leak memory. It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (wireshark-bug-16341) (CVE-2020-9431)\n\n - The WiMax DLMAP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (wireshark- bug-16368) (CVE-2020-9430)\n\n - The EAP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (wireshark-bug-16397) (CVE-2020-9428)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-02-28T00:00:00", "type": "nessus", "title": "Wireshark 2.6.x < 2.6.15 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-9428", "CVE-2020-9430", "CVE-2020-9431"], "modified": "2020-10-15T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "WIRESHARK_2_6_15.NASL", "href": "https://www.tenable.com/plugins/nessus/134114", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134114);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/10/15\");\n\n script_cve_id(\"CVE-2020-9428\", \"CVE-2020-9430\", \"CVE-2020-9431\");\n script_xref(name:\"IAVB\", value:\"2020-B-0011-S\");\n\n script_name(english:\"Wireshark 2.6.x < 2.6.15 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote Windows host is prior to 2.6.15. It is, therefore, affected by multiple\nvulnerabilities as referenced in the wireshark-2.6.15 advisory.\n\n - The LTE RRC dissector could leak memory. It may be\n possible to make Wireshark consume excessive CPU\n resources by injecting a malformed packet onto the wire\n or by convincing someone to read a malformed packet\n trace file. (wireshark-bug-16341) (CVE-2020-9431)\n\n - The WiMax DLMAP dissector could crash. It may be\n possible to make Wireshark crash by injecting a\n malformed packet onto the wire or by convincing someone\n to read a malformed packet trace file. (wireshark-\n bug-16368) (CVE-2020-9430)\n\n - The EAP dissector could crash. It may be possible to\n make Wireshark crash by injecting a malformed packet\n onto the wire or by convincing someone to read a\n malformed packet trace file. (wireshark-bug-16397) \n (CVE-2020-9428)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.6.15.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16341\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-03\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16368\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-04\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16397\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-05\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 2.6.15 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-9428\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/02/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"installed_sw/Wireshark\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\nget_kb_item_or_exit('SMB/Registry/Enumerated');\n\napp_info = vcf::get_app_info(app:'Wireshark', win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '2.6.0', 'max_version' : '2.6.14', 'fixed_version' : '2.6.15' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:15:25", "description": "3.2.3\n\n----\n\nNew version 3.2.2 Security fix for CVE-2020-7044, CVE-2020-9428, CVE-2020-9430, CVE-2020-9431\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-04-27T00:00:00", "type": "nessus", "title": "Fedora 31 : 1:wireshark (2020-87737529a4)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-7044", "CVE-2020-9428", "CVE-2020-9430", "CVE-2020-9431"], "modified": "2020-04-29T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:wireshark", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2020-87737529A4.NASL", "href": "https://www.tenable.com/plugins/nessus/135994", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-87737529a4.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135994);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/04/29\");\n\n script_cve_id(\"CVE-2020-7044\", \"CVE-2020-9428\", \"CVE-2020-9430\", \"CVE-2020-9431\");\n script_xref(name:\"FEDORA\", value:\"2020-87737529a4\");\n\n script_name(english:\"Fedora 31 : 1:wireshark (2020-87737529a4)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"3.2.3\n\n----\n\nNew version 3.2.2 Security fix for CVE-2020-7044, CVE-2020-9428,\nCVE-2020-9430, CVE-2020-9431\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-87737529a4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 1:wireshark package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"wireshark-3.2.3-1.fc31\", epoch:\"1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:wireshark\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:15:43", "description": "3.2.3\n\n----\n\nNew version 3.2.2 Security fix for CVE-2020-7044, CVE-2020-9428, CVE-2020-9430, CVE-2020-9431\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-04-27T00:00:00", "type": "nessus", "title": "Fedora 30 : 1:wireshark (2020-da7dcee2ec)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-7044", "CVE-2020-9428", "CVE-2020-9430", "CVE-2020-9431"], "modified": "2020-04-29T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:wireshark", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2020-DA7DCEE2EC.NASL", "href": "https://www.tenable.com/plugins/nessus/135997", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-da7dcee2ec.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135997);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/04/29\");\n\n script_cve_id(\"CVE-2020-7044\", \"CVE-2020-9428\", \"CVE-2020-9430\", \"CVE-2020-9431\");\n script_xref(name:\"FEDORA\", value:\"2020-da7dcee2ec\");\n\n script_name(english:\"Fedora 30 : 1:wireshark (2020-da7dcee2ec)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"3.2.3\n\n----\n\nNew version 3.2.2 Security fix for CVE-2020-7044, CVE-2020-9428,\nCVE-2020-9430, CVE-2020-9431\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-da7dcee2ec\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 1:wireshark package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"wireshark-3.2.3-1.fc30\", epoch:\"1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:wireshark\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-12T14:46:20", "description": "Several vulnerabilities were fixed in Wireshark, a network sniffer.\n\nCVE-2019-13619\n\nASN.1 BER and related dissectors crash.\n\nCVE-2019-16319\n\nThe Gryphon dissector could go into an infinite loop.\n\nCVE-2019-19553\n\nThe CMS dissector could crash.\n\nCVE-2020-7045\n\nThe BT ATT dissector could crash.\n\nCVE-2020-9428\n\nThe EAP dissector could crash.\n\nCVE-2020-9430\n\nThe WiMax DLMAP dissector could crash.\n\nCVE-2020-9431\n\nThe LTE RRC dissector could leak memory.\n\nCVE-2020-11647\n\nThe BACapp dissector could crash.\n\nCVE-2020-13164\n\nThe NFS dissector could crash.\n\nCVE-2020-15466\n\nThe GVCP dissector could go into an infinite loop.\n\nCVE-2020-25862\n\nThe TCP dissector could crash.\n\nCVE-2020-25863\n\nThe MIME Multipart dissector could crash.\n\nCVE-2020-26418\n\nMemory leak in the Kafka protocol dissector.\n\nCVE-2020-26421\n\nCrash in USB HID protocol dissector.\n\nCVE-2020-26575\n\nThe Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop.\n\nCVE-2020-28030\n\nThe GQUIC dissector could crash.\n\nFor Debian 9 stretch, these problems have been fixed in version 2.6.20-0+deb9u1.\n\nWe recommend that you upgrade your wireshark packages.\n\nFor the detailed security status of wireshark please refer to its security tracker page at:\nhttps://security-tracker.debian.org/tracker/wireshark\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-02-08T00:00:00", "type": "nessus", "title": "Debian DLA-2547-1 : wireshark security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13619", "CVE-2019-16319", "CVE-2019-19553", "CVE-2020-11647", "CVE-2020-13164", "CVE-2020-15466", "CVE-2020-25862", "CVE-2020-25863", "CVE-2020-26418", "CVE-2020-26421", "CVE-2020-26575", "CVE-2020-28030", "CVE-2020-7045", "CVE-2020-9428", "CVE-2020-9430", "CVE-2020-9431"], "modified": "2021-02-10T00:00:00", "cpe": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libwireshark-data:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libwireshark-dev:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libwiretap-dev:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libwsutil-dev:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:tshark:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:wireshark:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:wireshark-common:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:wireshark-dev:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:wireshark-doc:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:wireshark-qt:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libwireshark8:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libwiretap6:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libwscodecs1:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libwsutil7:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:wireshark-gtk:*:*:*:*:*:*:*"], "id": "DEBIAN_DLA-2547.NASL", "href": "https://www.tenable.com/plugins/nessus/146291", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2547-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(146291);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/10\");\n\n script_cve_id(\"CVE-2019-13619\", \"CVE-2019-16319\", \"CVE-2019-19553\", \"CVE-2020-11647\", \"CVE-2020-13164\", \"CVE-2020-15466\", \"CVE-2020-25862\", \"CVE-2020-25863\", \"CVE-2020-26418\", \"CVE-2020-26421\", \"CVE-2020-26575\", \"CVE-2020-28030\", \"CVE-2020-7045\", \"CVE-2020-9428\", \"CVE-2020-9430\", \"CVE-2020-9431\");\n\n script_name(english:\"Debian DLA-2547-1 : wireshark security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Several vulnerabilities were fixed in Wireshark, a network sniffer.\n\nCVE-2019-13619\n\nASN.1 BER and related dissectors crash.\n\nCVE-2019-16319\n\nThe Gryphon dissector could go into an infinite loop.\n\nCVE-2019-19553\n\nThe CMS dissector could crash.\n\nCVE-2020-7045\n\nThe BT ATT dissector could crash.\n\nCVE-2020-9428\n\nThe EAP dissector could crash.\n\nCVE-2020-9430\n\nThe WiMax DLMAP dissector could crash.\n\nCVE-2020-9431\n\nThe LTE RRC dissector could leak memory.\n\nCVE-2020-11647\n\nThe BACapp dissector could crash.\n\nCVE-2020-13164\n\nThe NFS dissector could crash.\n\nCVE-2020-15466\n\nThe GVCP dissector could go into an infinite loop.\n\nCVE-2020-25862\n\nThe TCP dissector could crash.\n\nCVE-2020-25863\n\nThe MIME Multipart dissector could crash.\n\nCVE-2020-26418\n\nMemory leak in the Kafka protocol dissector.\n\nCVE-2020-26421\n\nCrash in USB HID protocol dissector.\n\nCVE-2020-26575\n\nThe Facebook Zero Protocol (aka FBZERO) dissector could enter an\ninfinite loop.\n\nCVE-2020-28030\n\nThe GQUIC dissector could crash.\n\nFor Debian 9 stretch, these problems have been fixed in version\n2.6.20-0+deb9u1.\n\nWe recommend that you upgrade your wireshark packages.\n\nFor the detailed security status of wireshark please refer to its\nsecurity tracker page at:\nhttps://security-tracker.debian.org/tracker/wireshark\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2021/02/msg00008.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/wireshark\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/wireshark\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwireshark-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwireshark-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwireshark8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwiretap-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwiretap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwscodecs1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwsutil-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwsutil7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libwireshark-data\", reference:\"2.6.20-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwireshark-dev\", reference:\"2.6.20-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwireshark8\", reference:\"2.6.20-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwiretap-dev\", reference:\"2.6.20-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwiretap6\", reference:\"2.6.20-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwscodecs1\", reference:\"2.6.20-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwsutil-dev\", reference:\"2.6.20-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwsutil7\", reference:\"2.6.20-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"tshark\", reference:\"2.6.20-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"wireshark\", reference:\"2.6.20-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"wireshark-common\", reference:\"2.6.20-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"wireshark-dev\", reference:\"2.6.20-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"wireshark-doc\", reference:\"2.6.20-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"wireshark-gtk\", reference:\"2.6.20-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"wireshark-qt\", reference:\"2.6.20-0+deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-08-19T12:15:34", "description": "The version of Wireshark installed on the remote Windows host is 2.6.x prior to 2.6.16, 3.0.x prior to 3.0.10, or 3.2.x prior to 3.2.3.\nIt is, therefore, affected by a vulnerability in the BACapp dissector where injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file can crash Wireshark.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-04-21T00:00:00", "type": "nessus", "title": "Wireshark 2.6.x < 2.6.16 / 3.0.x < 3.0.10 / 3.2.x < 3.2.3 BACapp Dissector DoS", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11647"], "modified": "2020-05-29T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "WIRESHARK_3_2_3.NASL", "href": "https://www.tenable.com/plugins/nessus/135857", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135857);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/29\");\n\n script_cve_id(\"CVE-2020-11647\");\n script_xref(name:\"IAVB\", value:\"2020-B-0021-S\");\n\n script_name(english:\"Wireshark 2.6.x < 2.6.16 / 3.0.x < 3.0.10 / 3.2.x < 3.2.3 BACapp Dissector DoS\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote Windows host is affected by a DoS vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote Windows host is\n2.6.x prior to 2.6.16, 3.0.x prior to 3.0.10, or 3.2.x prior to 3.2.3.\nIt is, therefore, affected by a vulnerability in the BACapp dissector\nwhere injecting a malformed packet onto the wire or by convincing\nsomeone to read a malformed packet trace file can crash Wireshark.\n\nNote that Nessus has not tested for this issue but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-3.2.3.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-3.0.10.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.6.16.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16474\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-07\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 2.6.16 / 3.0.10 / 3.2.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-11647\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"installed_sw/Wireshark\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\nget_kb_item_or_exit('SMB/Registry/Enumerated');\n\napp_info = vcf::get_app_info(app:'Wireshark', win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '2.6.0', 'max_version' : '2.6.15', 'fixed_version' : '2.6.16' },\n { 'min_version' : '3.0.0', 'max_version' : '3.0.9', 'fixed_version' : '3.0.10' },\n { 'min_version' : '3.2.0', 'max_version' : '3.2.2', 'fixed_version' : '3.2.3' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:15:25", "description": "The version of Wireshark installed on the remote macOS / Mac OS X host is 2.6.x prior to 2.6.16, 3.0.x prior to 3.0.10, or 3.2.x prior to 3.2.3.\nIt is, therefore, affected by a vulnerability in the BACapp dissector where injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file can crash Wireshark.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-04-21T00:00:00", "type": "nessus", "title": "Wireshark 2.6.x < 2.6.16 / 3.0.x < 3.0.10 / 3.2.x < 3.2.3 BACapp Dissector DoS (macOS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11647"], "modified": "2020-05-29T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "MACOSX_WIRESHARK_3_2_3.NASL", "href": "https://www.tenable.com/plugins/nessus/135856", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135856);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/29\");\n\n script_cve_id(\"CVE-2020-11647\");\n script_xref(name:\"IAVB\", value:\"2020-B-0021-S\");\n\n script_name(english:\"Wireshark 2.6.x < 2.6.16 / 3.0.x < 3.0.10 / 3.2.x < 3.2.3 BACapp Dissector DoS (macOS)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote macOS / Mac OS X host is affected by a DoS vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote macOS / Mac OS X host is\n2.6.x prior to 2.6.16, 3.0.x prior to 3.0.10, or 3.2.x prior to 3.2.3.\nIt is, therefore, affected by a vulnerability in the BACapp dissector\nwhere injecting a malformed packet onto the wire or by convincing\nsomeone to read a malformed packet trace file can crash Wireshark.\n\nNote that Nessus has not tested for this issue but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-3.2.3.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-3.0.10.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.6.16.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16474\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-07\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 2.6.16 / 3.0.10 / 3.2.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-11647\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_wireshark_installed.nbin\");\n script_require_keys(\"installed_sw/Wireshark\", \"Host/MacOSX/Version\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp_info = vcf::get_app_info(app:'Wireshark');\n\nconstraints = [\n { 'min_version' : '2.6.0', 'max_version' : '2.6.15', 'fixed_version' : '2.6.16' },\n { 'min_version' : '3.0.0', 'max_version' : '3.0.9', 'fixed_version' : '3.0.10' },\n { 'min_version' : '3.2.0', 'max_version' : '3.2.2', 'fixed_version' : '3.2.3' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:14:24", "description": "The version of Wireshark installed on the remote Windows host is prior to 3.2.5. It is, therefore, affected by a vulnerability as referenced in the wireshark-3.2.5 advisory.\n\n - The GVCP dissector could go into an infinite loop. It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-15466)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-07-02T00:00:00", "type": "nessus", "title": "Wireshark 3.2.x < 3.2.5 A Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-15466"], "modified": "2020-08-21T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "WIRESHARK_3_2_5.NASL", "href": "https://www.tenable.com/plugins/nessus/138087", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(138087);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/08/21\");\n\n script_cve_id(\"CVE-2020-15466\");\n script_xref(name:\"IAVB\", value:\"2020-B-0037-S\");\n\n script_name(english:\"Wireshark 3.2.x < 3.2.5 A Vulnerability\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote Windows host is affected by a vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote Windows host is prior to 3.2.5. It is, therefore, affected by a\nvulnerability as referenced in the wireshark-3.2.5 advisory.\n\n - The GVCP dissector could go into an infinite loop. It\n may be possible to make Wireshark consume excessive CPU\n resources by injecting a malformed packet onto the wire\n or by convincing someone to read a malformed packet\n trace file. (CVE-2020-15466)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-3.2.5.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16029\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-09\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 3.2.5 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-15466\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"installed_sw/Wireshark\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\nget_kb_item_or_exit('SMB/Registry/Enumerated');\n\napp_info = vcf::get_app_info(app:'Wireshark', win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '3.2.0', 'max_version' : '3.2.4', 'fixed_version' : '3.2.5' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-02-19T12:37:39", "description": "The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.2.5. It is, therefore, affected by a vulnerability as referenced in the wireshark-3.2.5 advisory.\n\n - The GVCP dissector could go into an infinite loop. It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-15466)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-07-02T00:00:00", "type": "nessus", "title": "Wireshark 3.2.x < 3.2.5 A Vulnerability (macOS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-15466"], "modified": "2020-08-21T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "MACOSX_WIRESHARK_3_2_5.NASL", "href": "https://www.tenable.com/plugins/nessus/138086", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(138086);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/08/21\");\n\n script_cve_id(\"CVE-2020-15466\");\n script_xref(name:\"IAVB\", value:\"2020-B-0037-S\");\n\n script_name(english:\"Wireshark 3.2.x < 3.2.5 A Vulnerability (macOS)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote macOS / Mac OS X host is affected by a vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.2.5. It is, therefore, affected by\na vulnerability as referenced in the wireshark-3.2.5 advisory.\n\n - The GVCP dissector could go into an infinite loop. It\n may be possible to make Wireshark consume excessive CPU\n resources by injecting a malformed packet onto the wire\n or by convincing someone to read a malformed packet\n trace file. (CVE-2020-15466)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-3.2.5.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16029\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-09\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 3.2.5 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-15466\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_wireshark_installed.nbin\");\n script_require_keys(\"installed_sw/Wireshark\", \"Host/MacOSX/Version\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp_info = vcf::get_app_info(app:'Wireshark');\n\nconstraints = [\n { 'min_version' : '3.2.0', 'max_version' : '3.2.4', 'fixed_version' : '3.2.5' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:15:09", "description": "New version 3.2.4, enabled build with androiddump.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-06-01T00:00:00", "type": "nessus", "title": "Fedora 31 : 1:wireshark (2020-ca3d3f15f0)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13164"], "modified": "2021-06-03T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:wireshark", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2020-CA3D3F15F0.NASL", "href": "https://www.tenable.com/plugins/nessus/136989", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-ca3d3f15f0.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(136989);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\"CVE-2020-13164\");\n script_xref(name:\"FEDORA\", value:\"2020-ca3d3f15f0\");\n script_xref(name:\"IAVB\", value:\"2020-B-0031-S\");\n\n script_name(english:\"Fedora 31 : 1:wireshark (2020-ca3d3f15f0)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"New version 3.2.4, enabled build with androiddump.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-ca3d3f15f0\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected 1:wireshark package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"wireshark-3.2.4-1.fc31\", epoch:\"1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:wireshark\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:15:17", "description": "The version of Wireshark installed on the remote Windows host is prior to 2.6.17. It is, therefore, affected by a DoS vulnerability as referenced in the wireshark-2.6.17 advisory.\n\n - It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (wireshark-bug-16476)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-05-27T00:00:00", "type": "nessus", "title": "Wireshark 2.6.x < 2.6.17 NFS dissector DoS Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13164"], "modified": "2021-06-03T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "WIRESHARK_2_6_17.NASL", "href": "https://www.tenable.com/plugins/nessus/136922", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136922);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\"CVE-2020-13164\");\n script_xref(name:\"IAVB\", value:\"2020-B-0031-S\");\n\n script_name(english:\"Wireshark 2.6.x < 2.6.17 NFS dissector DoS Vulnerability\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote Windows host is affected by a DoS vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote Windows host is\nprior to 2.6.17. It is, therefore, affected by a DoS vulnerability\nas referenced in the wireshark-2.6.17 advisory.\n\n - It may be possible to make Wireshark crash by\n injecting a malformed packet onto the wire or by\n convincing someone to read a malformed packet trace\n file. (wireshark-bug-16476)\n\nNote that Nessus has not tested for this issue but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.6.17.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16476\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-08\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 2.6.17 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13164\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"installed_sw/Wireshark\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\nget_kb_item_or_exit('SMB/Registry/Enumerated');\n\napp_info = vcf::get_app_info(app:'Wireshark', win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '2.6.0', 'max_version' : '2.6.16', 'fixed_version' : '2.6.17' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:15:17", "description": "New version 3.2.4, enabled build with androiddump.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-06-04T00:00:00", "type": "nessus", "title": "Fedora 32 : 1:wireshark (2020-4f5588cf97)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13164"], "modified": "2021-06-03T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:wireshark", "cpe:/o:fedoraproject:fedora:32"], "id": "FEDORA_2020-4F5588CF97.NASL", "href": "https://www.tenable.com/plugins/nessus/137113", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-4f5588cf97.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(137113);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\"CVE-2020-13164\");\n script_xref(name:\"FEDORA\", value:\"2020-4f5588cf97\");\n script_xref(name:\"IAVB\", value:\"2020-B-0031-S\");\n\n script_name(english:\"Fedora 32 : 1:wireshark (2020-4f5588cf97)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"New version 3.2.4, enabled build with androiddump.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-4f5588cf97\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected 1:wireshark package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13164\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:32\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^32([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 32\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC32\", reference:\"wireshark-3.2.4-1.fc32\", epoch:\"1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:wireshark\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:15:17", "description": "The version of Wireshark installed on the remote Windows host is prior to 3.0.11. It is, therefore, affected by a DoS vulnerability as referenced in the wireshark-3.0.11 advisory.\n\n - It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (wireshark-bug-16476)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-05-27T00:00:00", "type": "nessus", "title": "Wireshark 3.0.x < 3.0.11 NFS dissector DoS Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13164"], "modified": "2021-06-03T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "WIRESHARK_3_0_11.NASL", "href": "https://www.tenable.com/plugins/nessus/136926", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136926);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\"CVE-2020-13164\");\n script_xref(name:\"IAVB\", value:\"2020-B-0031-S\");\n\n script_name(english:\"Wireshark 3.0.x < 3.0.11 NFS dissector DoS Vulnerability\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote Windows host is affected by a DoS vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote Windows host is\nprior to 3.0.11. It is, therefore, affected by a DoS vulnerability\nas referenced in the wireshark-3.0.11 advisory.\n\n - It may be possible to make Wireshark crash by\n injecting a malformed packet onto the wire or by\n convincing someone to read a malformed packet trace\n file. (wireshark-bug-16476)\n\nNote that Nessus has not tested for this issue but has instead\nrelied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-3.0.11.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16476\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-08\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 3.0.11 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13164\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"installed_sw/Wireshark\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\nget_kb_item_or_exit('SMB/Registry/Enumerated');\n\napp_info = vcf::get_app_info(app:'Wireshark', win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '3.0.0', 'max_version' : '3.0.10', 'fixed_version' : '3.0.11' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:15:17", "description": "The version of Wireshark installed on the remote Windows host is prior to 3.2.4. It is, therefore, affected by a DoS vulnerability as referenced in the wireshark-3.2.4 advisory.\n\n - It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (wireshark-bug-16476)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-05-27T00:00:00", "type": "nessus", "title": "Wireshark 3.2.x < 3.2.4 NFS Dissector DoS Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13164"], "modified": "2021-06-03T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "WIRESHARK_3_2_4.NASL", "href": "https://www.tenable.com/plugins/nessus/136924", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136924);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\"CVE-2020-13164\");\n script_xref(name:\"IAVB\", value:\"2020-B-0031-S\");\n\n script_name(english:\"Wireshark 3.2.x < 3.2.4 NFS Dissector DoS Vulnerability\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote Windows host is affected by a DoS vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote Windows host is\nprior to 3.2.4. It is, therefore, affected by a DoS vulnerability\nas referenced in the wireshark-3.2.4 advisory.\n\n - It may be possible to make Wireshark crash by\n injecting a malformed packet onto the wire or by\n convincing someone to read a malformed packet trace\n file. (wireshark-bug-16476)\n\nNote that Nessus has not tested for this issue but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-3.2.4.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16476\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-08\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 3.2.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13164\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"installed_sw/Wireshark\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\nget_kb_item_or_exit('SMB/Registry/Enumerated');\n\napp_info = vcf::get_app_info(app:'Wireshark', win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '3.2.0', 'max_version' : '3.2.3', 'fixed_version' : '3.2.4' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-12T14:57:34", "description": "The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.6.17. It is, therefore, affected by a DoS vulnerability as referenced in the wireshark-2.6.17 advisory.\n\n - It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (wireshark-bug-16476)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-05-27T00:00:00", "type": "nessus", "title": "Wireshark 2.6.x < 2.6.17 NFS dissector Vulnerability (macOS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13164"], "modified": "2021-06-03T00:00:00", "cpe": ["cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*"], "id": "MACOSX_WIRESHARK_2_6_17.NASL", "href": "https://www.tenable.com/plugins/nessus/136921", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136921);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\"CVE-2020-13164\");\n script_xref(name:\"IAVB\", value:\"2020-B-0031-S\");\n\n script_name(english:\"Wireshark 2.6.x < 2.6.17 NFS dissector Vulnerability (macOS)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote macOS / Mac OS X host is affected by a DoS vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote macOS / Mac OS X\nhost is prior to 2.6.17. It is, therefore, affected by a DoS\nvulnerability as referenced in the wireshark-2.6.17 advisory.\n\n - It may be possible to make Wireshark crash by\n injecting a malformed packet onto the wire or by\n convincing someone to read a malformed packet trace\n file. (wireshark-bug-16476)\n\nNote that Nessus has not tested for this issue but has instead\nrelied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.6.17.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16476\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-08\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 2.6.17 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13164\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_wireshark_installed.nbin\");\n script_require_keys(\"installed_sw/Wireshark\", \"Host/MacOSX/Version\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp_info = vcf::get_app_info(app:'Wireshark');\n\nconstraints = [\n { 'min_version' : '2.6.0', 'max_version' : '2.6.16', 'fixed_version' : '2.6.17' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-12T14:58:16", "description": "The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.0.11. It is, therefore, affected by a DoS vulnerability as referenced in the wireshark-3.0.11 advisory.\n\n - It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (wireshark-bug-16476)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-05-27T00:00:00", "type": "nessus", "title": "Wireshark 3.0.x < 3.0.11 NFS Dissector Vulnerability (macOS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13164"], "modified": "2021-06-03T00:00:00", "cpe": ["cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*"], "id": "MACOSX_WIRESHARK_3_0_11.NASL", "href": "https://www.tenable.com/plugins/nessus/136925", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136925);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\"CVE-2020-13164\");\n script_xref(name:\"IAVB\", value:\"2020-B-0031-S\");\n\n script_name(english:\"Wireshark 3.0.x < 3.0.11 NFS Dissector Vulnerability (macOS)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote macOS / Mac OS X host is affected by a DoS vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote macOS / Mac OS X\nhost is prior to 3.0.11. It is, therefore, affected by a DoS\nvulnerability as referenced in the wireshark-3.0.11 advisory.\n\n - It may be possible to make Wireshark crash by\n injecting a malformed packet onto the wire or by\n convincing someone to read a malformed packet trace\n file. (wireshark-bug-16476)\n\nNote that Nessus has not tested for this issue but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-3.0.11.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16476\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-08\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 3.0.11 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13164\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_wireshark_installed.nbin\");\n script_require_keys(\"installed_sw/Wireshark\", \"Host/MacOSX/Version\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp_info = vcf::get_app_info(app:'Wireshark');\n\nconstraints = [\n { 'min_version' : '3.0.0', 'max_version' : '3.0.10', 'fixed_version' : '3.0.11' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-12T14:58:59", "description": "The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.2.4. It is, therefore, affected by a DoS vulnerability as referenced in the wireshark-3.2.4 advisory.\n\n - It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (wireshark-bug-16476)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-05-27T00:00:00", "type": "nessus", "title": "Wireshark 3.2.x < 3.2.4 NFS Dissector DoS Vulnerability (macOS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13164"], "modified": "2021-06-03T00:00:00", "cpe": ["cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*"], "id": "MACOSX_WIRESHARK_3_2_4.NASL", "href": "https://www.tenable.com/plugins/nessus/136923", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136923);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\"CVE-2020-13164\");\n script_xref(name:\"IAVB\", value:\"2020-B-0031-S\");\n\n script_name(english:\"Wireshark 3.2.x < 3.2.4 NFS Dissector DoS Vulnerability (macOS)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote macOS / Mac OS X host is affected by a DoS vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote macOS / Mac OS X\nhost is prior to 3.2.4. It is, therefore, affected by a DoS\nvulnerability as referenced in the wireshark-3.2.4 advisory.\n\n - It may be possible to make Wireshark crash by\n injecting a malformed packet onto the wire or by\n convincing someone to read a malformed packet trace\n file. (wireshark-bug-16476)\n\nNote that Nessus has not tested for this issue but has instead\nrelied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-3.2.4.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16476\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-08\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 3.2.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13164\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_wireshark_installed.nbin\");\n script_require_keys(\"installed_sw/Wireshark\", \"Host/MacOSX/Version\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp_info = vcf::get_app_info(app:'Wireshark');\n\nconstraints = [\n { 'min_version' : '3.2.0', 'max_version' : '3.2.3', 'fixed_version' : '3.2.4' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-02-19T12:56:55", "description": "This update for wireshark and libmaxminddb fixes the following issues :\n\nUpdate wireshark to new major version 3.2.2 and introduce libmaxminddb for GeoIP support (bsc#1156288).\n\nNew features include :\n\nAdded support for 111 new protocols, including WireGuard, LoRaWAN, TPM 2.0, 802.11ax and QUIC\n\nImproved support for existing protocols, like HTTP/2\n\nImproved analytics and usability functionalities\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-03-16T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : wireshark (SUSE-SU-2020:0693-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11354", "CVE-2018-11355", "CVE-2018-11356", "CVE-2018-11357", "CVE-2018-11358", "CVE-2018-11359", "CVE-2018-11360", "CVE-2018-11361", "CVE-2018-11362", "CVE-2018-12086", "CVE-2018-14339", "CVE-2018-14340", "CVE-2018-14341", "CVE-2018-14342", "CVE-2018-14343", "CVE-2018-14344", "CVE-2018-14367", "CVE-2018-14368", "CVE-2018-14369", "CVE-2018-14370", "CVE-2018-16056", "CVE-2018-16057", "CVE-2018-16058", "CVE-2018-18225", "CVE-2018-18226", "CVE-2018-18227", "CVE-2018-19622", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-19625", "CVE-2018-19626", "CVE-2018-19627", "CVE-2018-19628", "CVE-2019-10894", "CVE-2019-10895", "CVE-2019-10896", "CVE-2019-10897", "CVE-2019-10898", "CVE-2019-10899", "CVE-2019-10900", "CVE-2019-10901", "CVE-2019-10902", "CVE-2019-10903", "CVE-2019-13619", "CVE-2019-16319", "CVE-2019-19553", "CVE-2019-5716", "CVE-2019-5717", "CVE-2019-5718", "CVE-2019-5719", "CVE-2019-5721", "CVE-2019-9208", "CVE-2019-9209", "CVE-2019-9214", "CVE-2020-7044", "CVE-2020-9428", "CVE-2020-9429", "CVE-2020-9430", "CVE-2020-9431"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libmaxminddb-debugsource", "p-cpe:/a:novell:suse_linux:libmaxminddb-devel", "p-cpe:/a:novell:suse_linux:libmaxminddb0", "p-cpe:/a:novell:suse_linux:libmaxminddb0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libmaxminddb0-debuginfo", "p-cpe:/a:novell:suse_linux:libspandsp2", "p-cpe:/a:novell:suse_linux:libspandsp2-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libspandsp2-debuginfo", "p-cpe:/a:novell:suse_linux:libwireshark13", "p-cpe:/a:novell:suse_linux:libwireshark13-debuginfo", "p-cpe:/a:novell:suse_linux:libwiretap10", "p-cpe:/a:novell:suse_linux:libwiretap10-debuginfo", "p-cpe:/a:novell:suse_linux:libwsutil11", "p-cpe:/a:novell:suse_linux:libwsutil11-debuginfo", "p-cpe:/a:novell:suse_linux:mmdblookup", "p-cpe:/a:novell:suse_linux:spandsp-debugsource", "p-cpe:/a:novell:suse_linux:spandsp-devel", "p-cpe:/a:novell:suse_linux:wireshark", "p-cpe:/a:novell:suse_linux:wireshark-debuginfo", "p-cpe:/a:novell:suse_linux:wireshark-debugsource", "p-cpe:/a:novell:suse_linux:wireshark-devel", "p-cpe:/a:novell:suse_linux:wireshark-ui-qt", "p-cpe:/a:novell:suse_linux:wireshark-ui-qt-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2020-0693-1.NASL", "href": "https://www.tenable.com/plugins/nessus/134625", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:0693-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(134625);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2018-11354\", \"CVE-2018-11355\", \"CVE-2018-11356\", \"CVE-2018-11357\", \"CVE-2018-11358\", \"CVE-2018-11359\", \"CVE-2018-11360\", \"CVE-2018-11361\", \"CVE-2018-11362\", \"CVE-2018-12086\", \"CVE-2018-14339\", \"CVE-2018-14340\", \"CVE-2018-14341\", \"CVE-2018-14342\", \"CVE-2018-14343\", \"CVE-2018-14344\", \"CVE-2018-14367\", \"CVE-2018-14368\", \"CVE-2018-14369\", \"CVE-2018-14370\", \"CVE-2018-16056\", \"CVE-2018-16057\", \"CVE-2018-16058\", \"CVE-2018-18225\", \"CVE-2018-18226\", \"CVE-2018-18227\", \"CVE-2018-19622\", \"CVE-2018-19623\", \"CVE-2018-19624\", \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-19627\", \"CVE-2018-19628\", \"CVE-2019-10894\", \"CVE-2019-10895\", \"CVE-2019-10896\", \"CVE-2019-10897\", \"CVE-2019-10898\", \"CVE-2019-10899\", \"CVE-2019-10900\", \"CVE-2019-10901\", \"CVE-2019-10902\", \"CVE-2019-10903\", \"CVE-2019-13619\", \"CVE-2019-16319\", \"CVE-2019-19553\", \"CVE-2019-5716\", \"CVE-2019-5717\", \"CVE-2019-5718\", \"CVE-2019-5719\", \"CVE-2019-5721\", \"CVE-2019-9208\", \"CVE-2019-9209\", \"CVE-2019-9214\", \"CVE-2020-7044\", \"CVE-2020-9428\", \"CVE-2020-9429\", \"CVE-2020-9430\", \"CVE-2020-9431\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : wireshark (SUSE-SU-2020:0693-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for wireshark and libmaxminddb fixes the following \nissues :\n\nUpdate wireshark to new major version 3.2.2 and introduce libmaxminddb\nfor GeoIP support (bsc#1156288).\n\nNew features include :\n\nAdded support for 111 new protocols, including WireGuard, LoRaWAN, TPM\n2.0, 802.11ax and QUIC\n\nImproved support for existing protocols, like HTTP/2\n\nImproved analytics and usability functionalities\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1093733\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1094301\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101776\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101777\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101786\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101788\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101791\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101794\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101800\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101802\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101804\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101810\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1106514\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111647\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117740\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1121231\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1121232\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1121233\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1121234\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1121235\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127367\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127369\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127370\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1131941\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1131945\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1136021\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141980\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150690\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156288\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158505\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1161052\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165241\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165710\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=957624\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-11354/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-11355/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-11356/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-11357/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-11358/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-11359/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-11360/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-11361/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-11362/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-12086/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14339/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14340/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14341/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14342/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14343/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14344/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14367/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14368/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14369/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14370/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16056/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16057/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16058/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-18225/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-18226/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-18227/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19622/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19623/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19624/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19625/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19626/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19627/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19628/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-10894/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-10895/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-10896/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-10897/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-10898/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-10899/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-10900/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-10901/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-10902/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-10903/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13619/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-16319/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19553/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-5716/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-5717/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-5718/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-5719/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-5721/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-9208/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-9209/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-9214/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-7044/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-9428/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-9429/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-9430/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-9431/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20200693-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3a67d1f5\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 15:zypper in -t patch\nSUSE-SLE-Product-SLES_SAP-15-2020-693=1\n\nSUSE Linux Enterprise Server 15-LTSS:zypper in -t patch\nSUSE-SLE-Product-SLES-15-2020-693=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15-SP1:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-SP1-2020-693=1\n\nSUSE Linux Enterprise Module for Desktop Applications 15-SP1:zypper in\n-t patch SUSE-SLE-Module-Desktop-Applications-15-SP1-2020-693=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP1:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-SP1-2020-693=1\n\nSUSE Linux Enterprise High Performance Computing 15-LTSS:zypper in -t\npatch SUSE-SLE-Product-HPC-15-2020-693=1\n\nSUSE Linux Enterprise High Performance Computing 15-ESPOS:zypper in -t\npatch SUSE-SLE-Product-HPC-15-2020-693=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libmaxminddb-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libmaxminddb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libmaxminddb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libmaxminddb0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libmaxminddb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libspandsp2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libspandsp2-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libspandsp2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwireshark13\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwireshark13-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwiretap10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwiretap10-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwsutil11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwsutil11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mmdblookup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:spandsp-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:spandsp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-ui-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-ui-qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libmaxminddb0-32bit-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libmaxminddb0-32bit-debuginfo-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libspandsp2-32bit-0.0.6-3.2.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libspandsp2-32bit-debuginfo-0.0.6-3.2.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libmaxminddb-debugsource-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libmaxminddb-devel-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libmaxminddb0-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libmaxminddb0-debuginfo-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libspandsp2-0.0.6-3.2.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libspandsp2-debuginfo-0.0.6-3.2.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libwireshark13-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libwireshark13-debuginfo-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libwiretap10-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libwiretap10-debuginfo-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libwsutil11-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libwsutil11-debuginfo-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"mmdblookup-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"spandsp-debugsource-0.0.6-3.2.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"spandsp-devel-0.0.6-3.2.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"wireshark-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"wireshark-debuginfo-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"wireshark-debugsource-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"wireshark-devel-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"wireshark-ui-qt-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"wireshark-ui-qt-debuginfo-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libmaxminddb-debugsource-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libmaxminddb-devel-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libmaxminddb0-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libmaxminddb0-debuginfo-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libspandsp2-0.0.6-3.2.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libspandsp2-debuginfo-0.0.6-3.2.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libwireshark13-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libwireshark13-debuginfo-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libwiretap10-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libwiretap10-debuginfo-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libwsutil11-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libwsutil11-debuginfo-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"mmdblookup-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"wireshark-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"wireshark-debuginfo-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"wireshark-debugsource-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libmaxminddb0-32bit-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libmaxminddb0-32bit-debuginfo-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libspandsp2-32bit-0.0.6-3.2.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libspandsp2-32bit-debuginfo-0.0.6-3.2.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libmaxminddb-debugsource-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libmaxminddb-devel-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libmaxminddb0-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libmaxminddb0-debuginfo-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libspandsp2-0.0.6-3.2.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libspandsp2-debuginfo-0.0.6-3.2.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libwireshark13-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libwireshark13-debuginfo-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libwiretap10-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libwiretap10-debuginfo-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libwsutil11-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libwsutil11-debuginfo-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"mmdblookup-1.4.2-1.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"spandsp-debugsource-0.0.6-3.2.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"spandsp-devel-0.0.6-3.2.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"wireshark-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"wireshark-debuginfo-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"wireshark-debugsource-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"wireshark-devel-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"wireshark-ui-qt-3.2.2-3.35.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"wireshark-ui-qt-debuginfo-3.2.2-3.35.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-02-19T12:54:40", "description": "This update for wireshark and libmaxminddb fixes the following issues :\n\nUpdate wireshark to new major version 3.2.2 and introduce libmaxminddb for GeoIP support (bsc#1156288).\n\nNew features include :\n\n - Added support for 111 new protocols, including WireGuard, LoRaWAN, TPM 2.0, 802.11ax and QUIC\n\n - Improved support for existing protocols, like HTTP/2\n\n - Improved analytics and usability functionalities\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-03-20T00:00:00", "type": "nessus", "title": "openSUSE Security Update : wireshark (openSUSE-2020-362)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11354", "CVE-2018-11355", "CVE-2018-11356", "CVE-2018-11357", "CVE-2018-11358", "CVE-2018-11359", "CVE-2018-11360", "CVE-2018-11361", "CVE-2018-11362", "CVE-2018-12086", "CVE-2018-14339", "CVE-2018-14340", "CVE-2018-14341", "CVE-2018-14342", "CVE-2018-14343", "CVE-2018-14344", "CVE-2018-14367", "CVE-2018-14368", "CVE-2018-14369", "CVE-2018-14370", "CVE-2018-16056", "CVE-2018-16057", "CVE-2018-16058", "CVE-2018-18225", "CVE-2018-18226", "CVE-2018-18227", "CVE-2018-19622", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-19625", "CVE-2018-19626", "CVE-2018-19627", "CVE-2018-19628", "CVE-2019-10894", "CVE-2019-10895", "CVE-2019-10896", "CVE-2019-10897", "CVE-2019-10898", "CVE-2019-10899", "CVE-2019-10900", "CVE-2019-10901", "CVE-2019-10902", "CVE-2019-10903", "CVE-2019-13619", "CVE-2019-16319", "CVE-2019-19553", "CVE-2019-5716", "CVE-2019-5717", "CVE-2019-5718", "CVE-2019-5719", "CVE-2019-5721", "CVE-2019-9208", "CVE-2019-9209", "CVE-2019-9214", "CVE-2020-7044", "CVE-2020-9428", "CVE-2020-9429", "CVE-2020-9430", "CVE-2020-9431"], "modified": "2020-03-24T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libmaxminddb-debugsource", "p-cpe:/a:novell:opensuse:libmaxminddb-devel", "p-cpe:/a:novell:opensuse:libmaxminddb0", "p-cpe:/a:novell:opensuse:libmaxminddb0-32bit", "p-cpe:/a:novell:opensuse:libmaxminddb0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libmaxminddb0-debuginfo", "p-cpe:/a:novell:opensuse:libspandsp2", "p-cpe:/a:novell:opensuse:libspandsp2-32bit", "p-cpe:/a:novell:opensuse:libspandsp2-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libspandsp2-debuginfo", "p-cpe:/a:novell:opensuse:libwireshark13", "p-cpe:/a:novell:opensuse:libwireshark13-debuginfo", "p-cpe:/a:novell:opensuse:libwiretap10", "p-cpe:/a:novell:opensuse:libwiretap10-debuginfo", "p-cpe:/a:novell:opensuse:libwsutil11", "p-cpe:/a:novell:opensuse:libwsutil11-debuginfo", "p-cpe:/a:novell:opensuse:mmdblookup", "p-cpe:/a:novell:opensuse:mmdblookup-debuginfo", "p-cpe:/a:novell:opensuse:spandsp-debugsource", "p-cpe:/a:novell:opensuse:spandsp-devel", "p-cpe:/a:novell:opensuse:wireshark", "p-cpe:/a:novell:opensuse:wireshark-debuginfo", "p-cpe:/a:novell:opensuse:wireshark-debugsource", "p-cpe:/a:novell:opensuse:wireshark-devel", "p-cpe:/a:novell:opensuse:wireshark-ui-qt", "p-cpe:/a:novell:opensuse:wireshark-ui-qt-debuginfo", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2020-362.NASL", "href": "https://www.tenable.com/plugins/nessus/134755", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-362.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(134755);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/24\");\n\n script_cve_id(\"CVE-2018-11354\", \"CVE-2018-11355\", \"CVE-2018-11356\", \"CVE-2018-11357\", \"CVE-2018-11358\", \"CVE-2018-11359\", \"CVE-2018-11360\", \"CVE-2018-11361\", \"CVE-2018-11362\", \"CVE-2018-12086\", \"CVE-2018-14339\", \"CVE-2018-14340\", \"CVE-2018-14341\", \"CVE-2018-14342\", \"CVE-2018-14343\", \"CVE-2018-14344\", \"CVE-2018-14367\", \"CVE-2018-14368\", \"CVE-2018-14369\", \"CVE-2018-14370\", \"CVE-2018-16056\", \"CVE-2018-16057\", \"CVE-2018-16058\", \"CVE-2018-18225\", \"CVE-2018-18226\", \"CVE-2018-18227\", \"CVE-2018-19622\", \"CVE-2018-19623\", \"CVE-2018-19624\", \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-19627\", \"CVE-2018-19628\", \"CVE-2019-10894\", \"CVE-2019-10895\", \"CVE-2019-10896\", \"CVE-2019-10897\", \"CVE-2019-10898\", \"CVE-2019-10899\", \"CVE-2019-10900\", \"CVE-2019-10901\", \"CVE-2019-10902\", \"CVE-2019-10903\", \"CVE-2019-13619\", \"CVE-2019-16319\", \"CVE-2019-19553\", \"CVE-2019-5716\", \"CVE-2019-5717\", \"CVE-2019-5718\", \"CVE-2019-5719\", \"CVE-2019-5721\", \"CVE-2019-9208\", \"CVE-2019-9209\", \"CVE-2019-9214\", \"CVE-2020-7044\", \"CVE-2020-9428\", \"CVE-2020-9429\", \"CVE-2020-9430\", \"CVE-2020-9431\");\n\n script_name(english:\"openSUSE Security Update : wireshark (openSUSE-2020-362)\");\n script_summary(english:\"Check for the openSUSE-2020-362 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for wireshark and libmaxminddb fixes the following \nissues :\n\nUpdate wireshark to new major version 3.2.2 and introduce libmaxminddb\nfor GeoIP support (bsc#1156288).\n\nNew features include :\n\n - Added support for 111 new protocols, including\n WireGuard, LoRaWAN, TPM 2.0, 802.11ax and QUIC\n\n - Improved support for existing protocols, like HTTP/2\n\n - Improved analytics and usability functionalities\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1093733\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1094301\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101776\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101777\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101786\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101788\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101791\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101794\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101800\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101802\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101804\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101810\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1106514\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111647\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1117740\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1121231\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1121232\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1121233\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1121234\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1121235\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1127367\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1127369\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1127370\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1131941\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1131945\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1136021\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1141980\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1150690\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1156288\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1158505\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1161052\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1165241\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1165710\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=957624\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmaxminddb-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmaxminddb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmaxminddb0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmaxminddb0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmaxminddb0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmaxminddb0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libspandsp2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libspandsp2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libspandsp2-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libspandsp2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwireshark13\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwireshark13-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwiretap10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwiretap10-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwsutil11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwsutil11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mmdblookup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mmdblookup-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:spandsp-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:spandsp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libmaxminddb-debugsource-1.4.2-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libmaxminddb-devel-1.4.2-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libmaxminddb0-1.4.2-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libmaxminddb0-debuginfo-1.4.2-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libspandsp2-0.0.6-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libspandsp2-debuginfo-0.0.6-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libwireshark13-3.2.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libwireshark13-debuginfo-3.2.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libwiretap10-3.2.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libwiretap10-debuginfo-3.2.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libwsutil11-3.2.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libwsutil11-debuginfo-3.2.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"mmdblookup-1.4.2-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"mmdblookup-debuginfo-1.4.2-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"spandsp-debugsource-0.0.6-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"spandsp-devel-0.0.6-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"wireshark-3.2.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"wireshark-debuginfo-3.2.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"wireshark-debugsource-3.2.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"wireshark-devel-3.2.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"wireshark-ui-qt-3.2.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"wireshark-ui-qt-debuginfo-3.2.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libmaxminddb0-32bit-1.4.2-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libmaxminddb0-32bit-debuginfo-1.4.2-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libspandsp2-32bit-0.0.6-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libspandsp2-32bit-debuginfo-0.0.6-lp151.3.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmaxminddb-debugsource / libmaxminddb-devel / libmaxminddb0 / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "suse": [{"lastseen": "2022-04-21T22:48:16", "description": "An update that fixes three vulnerabilities is now available.\n\nDescription:\n\n This update for wireshark fixes the following issues:\n\n - Wireshark to 3.2.5:\n * CVE-2020-15466: GVCP dissector infinite loop (bsc#1173606)\n * CVE-2020-13164: NFS dissector crash (bsc#1171899)\n * CVE-2020-11647: The BACapp dissector could crash (bsc#1169063)\n - Further features, bug fixes and updated protocol support as listed in:\n https://www.wireshark.org/docs/relnotes/wireshark-3.2.5.html\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.2:\n\n zypper in -t patch openSUSE-2020-1199=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-08-14T00:00:00", "type": "suse", "title": "Security update for wireshark (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11647", "CVE-2020-13164", "CVE-2020-15466"], "modified": "2020-08-14T00:00:00", "id": "OPENSUSE-SU-2020:1199-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/T3R2OFDTARE6AEGK6YO7JR6IFUUG2Q7G/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-04-18T12:41:10", "description": "An update that fixes three vulnerabilities is now available.\n\nDescription:\n\n This update for wireshark fixes the following issues:\n\n - Wireshark to 3.2.5:\n * CVE-2020-15466: GVCP dissector infinite loop (bsc#1173606)\n * CVE-2020-13164: NFS dissector crash (bsc#1171899)\n * CVE-2020-11647: The BACapp dissector could crash (bsc#1169063)\n - Further features, bug fixes and updated protocol support as listed in:\n https://www.wireshark.org/docs/relnotes/wireshark-3.2.5.html\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2020-1188=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-08-12T00:00:00", "type": "suse", "title": "Security update for wireshark (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11647", "CVE-2020-13164", "CVE-2020-15466"], "modified": "2020-08-12T00:00:00", "id": "OPENSUSE-SU-2020:1188-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/HRX3HS4ABNMJ2CDSTPV7YRYUEDZ7JHXF/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-18T10:07:08", "description": "An update that fixes 59 vulnerabilities is now available.\n\nDescription:\n\n This update for wireshark and libmaxminddb fixes the following issues:\n\n Update wireshark to new major version 3.2.2 and introduce libmaxminddb for\n GeoIP support (bsc#1156288).\n\n New features include:\n\n - Added support for 111 new protocols, including WireGuard, LoRaWAN, TPM\n 2.0, 802.11ax and QUIC\n - Improved support for existing protocols, like HTTP/2\n - Improved analytics and usability functionalities\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2020-362=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-03-19T00:00:00", "type": "suse", "title": "Security update for wireshark (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11354", "CVE-2018-11355", "CVE-2018-11356", "CVE-2018-11357", "CVE-2018-11358", "CVE-2018-11359", "CVE-2018-11360", "CVE-2018-11361", "CVE-2018-11362", "CVE-2018-12086", "CVE-2018-14339", "CVE-2018-14340", "CVE-2018-14341", "CVE-2018-14342", "CVE-2018-14343", "CVE-2018-14344", "CVE-2018-14367", "CVE-2018-14368", "CVE-2018-14369", "CVE-2018-14370", "CVE-2018-16056", "CVE-2018-16057", "CVE-2018-16058", "CVE-2018-18225", "CVE-2018-18226", "CVE-2018-18227", "CVE-2018-19622", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-19625", "CVE-2018-19626", "CVE-2018-19627", "CVE-2018-19628", "CVE-2019-10894", "CVE-2019-10895", "CVE-2019-10896", "CVE-2019-10897", "CVE-2019-10898", "CVE-2019-10899", "CVE-2019-10900", "CVE-2019-10901", "CVE-2019-10902", "CVE-2019-10903", "CVE-2019-13619", "CVE-2019-16319", "CVE-2019-19553", "CVE-2019-5716", "CVE-2019-5717", "CVE-2019-5718", "CVE-2019-5719", "CVE-2019-5721", "CVE-2019-9208", "CVE-2019-9209", "CVE-2019-9214", "CVE-2020-7044", "CVE-2020-9428", "CVE-2020-9429", "CVE-2020-9430", "CVE-2020-9431"], "modified": "2020-03-19T00:00:00", "id": "OPENSUSE-SU-2020:0362-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5IUFGOOBYOJSD6ELATYP2KAV4TMLYPWB/", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "openvas": [{"lastseen": "2020-03-05T16:34:29", "description": "This host is installed with Wireshark\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2020-03-03T00:00:00", "type": "openvas", "title": "Wireshark Security Updates (wnpa-sec-2020-03_wnpa-sec-2020-04_wnpa-sec-2020-05) Windows", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-9431", "CVE-2020-9428", "CVE-2020-9430"], "modified": "2020-03-03T00:00:00", "id": "OPENVAS:1361412562310815781", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815781", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:wireshark:wireshark\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815781\");\n script_version(\"2020-03-03T12:05:12+0000\");\n script_cve_id(\"CVE-2020-9431\", \"CVE-2020-9430\", \"CVE-2020-9428\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-03-03 12:05:12 +0000 (Tue, 03 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-03 15:27:26 +0530 (Tue, 03 Mar 2020)\");\n script_name(\"Wireshark Security Updates (wnpa-sec-2020-03_wnpa-sec-2020-04_wnpa-sec-2020-05) Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaws exist due to\n\n - An uncontrolled resource consumption issue in LTE RRC dissector.\n\n - An improper input validation issue in WiMax DLMAP dissector.\n\n - An improper neutralization issue in EAP dissector.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation allows attackers\n to crash Wireshark by injecting a malformed packet onto the wire or by\n convincing someone to read a malformed packet trace file.\");\n\n script_tag(name:\"affected\", value:\"Wireshark version 2.6.0 to 2.6.14,\n 3.0.0 to 3.0.8, and 3.2.0 to 3.2.1 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark version 2.6.15, 3.0.9,\n or 3.2.2. Please see the references for more information.\");\n\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-03.html\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-04.html\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-05.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\n\nwirversion = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:wirversion, test_version:\"2.6.0\", test_version2:\"2.6.14\")){\n fix = \"2.6.15\";\n}\n\nelse if(version_in_range(version:wirversion, test_version:\"3.0.0\", test_version2:\"3.0.8\")){\n fix = \"3.0.9\";\n}\n\nelse if(version_in_range(version:wirversion, test_version:\"3.2.0\", test_version2:\"3.2.1\")){\n fix = \"3.2.2\";\n}\n\nif(fix)\n{\n report = report_fixed_ver(installed_version:wirversion, fixed_version:fix);\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-03-05T16:34:29", "description": "This host is installed with Wireshark\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2020-03-03T00:00:00", "type": "openvas", "title": "Wireshark Security Updates (wnpa-sec-2020-03_wnpa-sec-2020-04_wnpa-sec-2020-05) Mac OS X", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-9431", "CVE-2020-9428", "CVE-2020-9430"], "modified": "2020-03-03T00:00:00", "id": "OPENVAS:1361412562310815782", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815782", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:wireshark:wireshark\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815782\");\n script_version(\"2020-03-03T12:05:12+0000\");\n script_cve_id(\"CVE-2020-9431\", \"CVE-2020-9430\", \"CVE-2020-9428\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-03-03 12:05:12 +0000 (Tue, 03 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-03 15:04:47 +0530 (Tue, 03 Mar 2020)\");\n script_name(\"Wireshark Security Updates (wnpa-sec-2020-03_wnpa-sec-2020-04_wnpa-sec-2020-05) Mac OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaws exist due to\n\n - An uncontrolled resource consumption issue in LTE RRC dissector.\n\n - An improper input validation issue in WiMax DLMAP dissector.\n\n - An improper neutralization issue in EAP dissector.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation allows attackers\n to crash Wireshark by injecting a malformed packet onto the wire or by\n convincing someone to read a malformed packet trace file.\");\n\n script_tag(name:\"affected\", value:\"Wireshark version 2.6.0 to 2.6.14,\n 3.0.0 to 3.0.8, and 3.2.0 to 3.2.1 on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark version 2.6.15, 3.0.9,\n or 3.2.2. Please see the references for more information.\");\n\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-03.html\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-04.html\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-05.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_wireshark_detect_macosx.nasl\");\n script_mandatory_keys(\"Wireshark/MacOSX/Version\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nwirversion = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:wirversion, test_version:\"2.6.0\", test_version2:\"2.6.14\")){\n fix = \"2.6.15\";\n}\n\nelse if(version_in_range(version:wirversion, test_version:\"3.0.0\", test_version2:\"3.0.8\")){\n fix = \"3.0.9\";\n}\n\nelse if(version_in_range(version:wirversion, test_version:\"3.2.0\", test_version2:\"3.2.1\")){\n fix = \"3.2.2\";\n}\n\nif(fix)\n{\n report = report_fixed_ver(installed_version:wirversion, fixed_version:fix);\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-05-06T00:57:28", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-04-30T00:00:00", "type": "openvas", "title": "Fedora: Security Advisory for wireshark (FEDORA-2020-da7dcee2ec)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-9431", "CVE-2020-9428", "CVE-2020-7044", "CVE-2020-9430"], "modified": "2020-04-30T00:00:00", "id": "OPENVAS:1361412562310877749", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877749", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877749\");\n script_version(\"2020-04-30T08:51:29+0000\");\n script_cve_id(\"CVE-2020-7044\", \"CVE-2020-9428\", \"CVE-2020-9430\", \"CVE-2020-9431\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-30 08:51:29 +0000 (Thu, 30 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-30 03:15:23 +0000 (Thu, 30 Apr 2020)\");\n script_name(\"Fedora: Security Advisory for wireshark (FEDORA-2020-da7dcee2ec)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2020-da7dcee2ec\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XN2GMGLT5XND7U34WX3O23WKUZ7JHMVN\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the FEDORA-2020-da7dcee2ec advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Wireshark allows you to examine protocol data stored in files or as it is\ncaptured from wired or wireless (WiFi or Bluetooth) networks, USB devices,\nand many other sources. It supports dozens of protocol capture file formats\nand understands more than a thousand protocols.\n\nIt has many powerful features including a rich display filter language\nand the ability to reassemble multiple protocol packets in order to, for\nexample, view a complete TCP stream, save the contents of a file which was\ntransferred over HTTP or CIFS, or play back an RTP audio stream.\");\n\n script_tag(name:\"affected\", value:\"'wireshark' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~3.2.3~1.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-05-06T00:57:31", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-04-30T00:00:00", "type": "openvas", "title": "Fedora: Security Advisory for wireshark (FEDORA-2020-ef943221ca)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-9431", "CVE-2020-9428", "CVE-2020-7044", "CVE-2020-9430"], "modified": "2020-04-30T00:00:00", "id": "OPENVAS:1361412562310877759", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877759", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877759\");\n script_version(\"2020-04-30T08:51:29+0000\");\n script_cve_id(\"CVE-2020-7044\", \"CVE-2020-9428\", \"CVE-2020-9430\", \"CVE-2020-9431\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-30 08:51:29 +0000 (Thu, 30 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-30 03:15:39 +0000 (Thu, 30 Apr 2020)\");\n script_name(\"Fedora: Security Advisory for wireshark (FEDORA-2020-ef943221ca)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC32\");\n\n script_xref(name:\"FEDORA\", value:\"2020-ef943221ca\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZBICEY2HGSNQ3RPBLMDDYVAHGOGS4E2\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the FEDORA-2020-ef943221ca advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Wireshark allows you to examine protocol data stored in files or as it is\ncaptured from wired or wireless (WiFi or Bluetooth) networks, USB devices,\nand many other sources. It supports dozens of protocol capture file formats\nand understands more than a thousand protocols.\n\nIt has many powerful features including a rich display filter language\nand the ability to reassemble multiple protocol packets in order to, for\nexample, view a complete TCP stream, save the contents of a file which was\ntransferred over HTTP or CIFS, or play back an RTP audio stream.\");\n\n script_tag(name:\"affected\", value:\"'wireshark' package(s) on Fedora 32.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC32\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~3.2.3~1.fc32\", rls:\"FC32\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-05-06T00:58:45", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-04-30T00:00:00", "type": "openvas", "title": "Fedora: Security Advisory for wireshark (FEDORA-2020-87737529a4)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-9431", "CVE-2020-9428", "CVE-2020-7044", "CVE-2020-9430"], "modified": "2020-04-30T00:00:00", "id": "OPENVAS:1361412562310877730", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877730", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877730\");\n script_version(\"2020-04-30T08:51:29+0000\");\n script_cve_id(\"CVE-2020-7044\", \"CVE-2020-9428\", \"CVE-2020-9430\", \"CVE-2020-9431\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-30 08:51:29 +0000 (Thu, 30 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-30 03:14:43 +0000 (Thu, 30 Apr 2020)\");\n script_name(\"Fedora: Security Advisory for wireshark (FEDORA-2020-87737529a4)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC31\");\n\n script_xref(name:\"FEDORA\", value:\"2020-87737529a4\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDVMBCADP73TBISYCS6ARKOSNNJOGXXZ\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the FEDORA-2020-87737529a4 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Wireshark allows you to examine protocol data stored in files or as it is\ncaptured from wired or wireless (WiFi or Bluetooth) networks, USB devices,\nand many other sources. It supports dozens of protocol capture file formats\nand understands more than a thousand protocols.\n\nIt has many powerful features including a rich display filter language\nand the ability to reassemble multiple protocol packets in order to, for\nexample, view a complete TCP stream, save the contents of a file which was\ntransferred over HTTP or CIFS, or play back an RTP audio stream.\");\n\n script_tag(name:\"affected\", value:\"'wireshark' package(s) on Fedora 31.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC31\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~3.2.3~1.fc31\", rls:\"FC31\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-06-05T15:22:42", "description": "This host is installed with Wireshark\n and is prone to denial of service vulnerability.", "cvss3": {}, "published": "2020-05-28T00:00:00", "type": "openvas", "title": "Wireshark Security Updates(wnpa-sec-2020-08)-MACOSX", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11647"], "modified": "2020-06-04T00:00:00", "id": "OPENVAS:1361412562310817032", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310817032", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\nCPE = \"cpe:/a:wireshark:wireshark\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.817032\");\n script_version(\"2020-06-04T07:12:28+0000\");\n script_cve_id(\"CVE-2020-11647\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 07:12:28 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-28 12:46:29 +0530 (Thu, 28 May 2020)\");\n script_name(\"Wireshark Security Updates(wnpa-sec-2020-08)-MACOSX\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark\n and is prone to denial of service vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists due to error in handling\n of the 'BACapp' dissector.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this vulnerability\n will allow remote attackers to crash the Wireshark.\");\n\n script_tag(name:\"affected\", value:\"Wireshark version 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, 2.6.0 to 2.6.16 on Macosx.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark version 3.2.4, 3.0.11, 2.6.17\n Please see the references for more information.\");\n\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-08\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_wireshark_detect_macosx.nasl\");\n script_mandatory_keys(\"Wireshark/MacOSX/Version\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nwireVer = infos['version'];\nwirePath = infos['location'];\n\nif(version_in_range(version:wireVer, test_version:\"3.2.0\", test_version2:\"3.2.3\")){\n fix = \"3.2.4\";\n}\n\nelse if(version_in_range(version:wireVer, test_version:\"3.0.0\", test_version2:\"3.0.10\")){\n fix = \"3.0.11\";\n}\n\nelse if(version_in_range(version:wireVer, test_version:\"2.6.0\", test_version2:\"2.6.16\")){\n fix = \"2.6.17\";\n}\n\nif(fix)\n{\n report = report_fixed_ver(installed_version:wireVer, fixed_version:fix, install_path:wirePath);\n security_message(data:report);\n exit(0);\n}\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-06-05T15:22:42", "description": "This host is installed with Wireshark\n and is prone to denial of service vulnerability.", "cvss3": {}, "published": "2020-05-28T00:00:00", "type": "openvas", "title": "Wireshark Security Update(wnpa-sec-2020-08)-Windows", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11647"], "modified": "2020-06-04T00:00:00", "id": "OPENVAS:1361412562310817031", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310817031", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\nCPE = \"cpe:/a:wireshark:wireshark\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.817031\");\n script_version(\"2020-06-04T07:12:28+0000\");\n script_cve_id(\"CVE-2020-11647\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 07:12:28 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-28 12:46:29 +0530 (Thu, 28 May 2020)\");\n script_name(\"Wireshark Security Update(wnpa-sec-2020-08)-Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark\n and is prone to denial of service vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists due to error in handling\n of the 'BACapp' dissector.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this\n vulnerability will allow remote attackers crash the wireshark\");\n\n script_tag(name:\"affected\", value:\"Wireshark version 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, 2.6.0 to 2.6.16 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark version 3.2.4, 3.0.11, 2.6.17\n Please see the references for more information.\");\n\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-08\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nwireVer = infos['version'];\nwirePath = infos['location'];\n\nif(version_in_range(version:wireVer, test_version:\"3.2.0\", test_version2:\"3.2.3\")){\n fix = \"3.2.4\";\n}\n\nelse if(version_in_range(version:wireVer, test_version:\"3.0.0\", test_version2:\"3.0.10\")){\n fix = \"3.0.11\";\n}\n\nelse if(version_in_range(version:wireVer, test_version:\"2.6.0\", test_version2:\"2.6.16\")){\n fix = \"2.6.17\";\n}\n\nif(fix)\n{\n report = report_fixed_ver(installed_version:wireVer, fixed_version:fix, install_path:wirePath);\n security_message(data:report);\n exit(0);\n}\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-03-05T16:34:29", "description": "This host is installed with Wireshark\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2020-03-03T00:00:00", "type": "openvas", "title": "Wireshark Security Updates (wnpa-sec-2020-06) MACOSX", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-9429"], "modified": "2020-03-03T00:00:00", "id": "OPENVAS:1361412562310815784", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815784", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:wireshark:wireshark\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815784\");\n script_version(\"2020-03-03T12:05:12+0000\");\n script_cve_id(\"CVE-2020-9429\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-03-03 12:05:12 +0000 (Tue, 03 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-03 15:24:32 +0530 (Tue, 03 Mar 2020)\");\n script_name(\"Wireshark Security Updates (wnpa-sec-2020-06) MACOSX\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists in epan/dissectors/packet-wireguard.c\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation allows remote attackers\n to crash Wireshark by injecting a malformed packet onto the wire or by convincing\n someone to read a malformed packet trace file.\");\n\n script_tag(name:\"affected\", value:\"Wireshark version 3.2.0 to 3.2.1 on Macosx.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark version 3.2.2 or later. Please see the references for more information.\");\n\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-06\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_wireshark_detect_macosx.nasl\");\n script_mandatory_keys(\"Wireshark/MacOSX/Version\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\n\nwirversion = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:wirversion, test_version:\"3.2.0\", test_version2:\"3.2.1\"))\n{\n report = report_fixed_ver(installed_version:wirversion, fixed_version:\"3.2.2\");\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-03-05T16:34:29", "description": "This host is installed with Wireshark\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2020-03-03T00:00:00", "type": "openvas", "title": "Wireshark Security Updates (wnpa-sec-2020-06) Windows", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-9429"], "modified": "2020-03-03T00:00:00", "id": "OPENVAS:1361412562310815783", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815783", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:wireshark:wireshark\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815783\");\n script_version(\"2020-03-03T12:05:12+0000\");\n script_cve_id(\"CVE-2020-9429\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-03-03 12:05:12 +0000 (Tue, 03 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-03 15:04:41 +0530 (Tue, 03 Mar 2020)\");\n script_name(\"Wireshark Security Updates (wnpa-sec-2020-06) Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists in epan/dissectors/packet-wireguard.c\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation allows remote attackers\n to crash Wireshark by injecting a malformed packet onto the wire or by convincing\n someone to read a malformed packet trace file.\");\n\n script_tag(name:\"affected\", value:\"Wireshark version 3.2.0 to 3.2.1\n on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark version 3.2.2 or later. Please see the references for more information.\");\n\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-06\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nwirversion = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:wirversion, test_version:\"3.2.0\", test_version2:\"3.2.1\"))\n{\n report = report_fixed_ver(installed_version:wirversion, fixed_version:\"3.2.2\");\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-06-10T17:38:36", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-06-07T00:00:00", "type": "openvas", "title": "Fedora: Security Advisory for wireshark (FEDORA-2020-4f5588cf97)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13164"], "modified": "2020-06-09T00:00:00", "id": "OPENVAS:1361412562310877944", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877944", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877944\");\n script_version(\"2020-06-09T07:30:09+0000\");\n script_cve_id(\"CVE-2020-13164\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-06-09 07:30:09 +0000 (Tue, 09 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-07 03:28:11 +0000 (Sun, 07 Jun 2020)\");\n script_name(\"Fedora: Security Advisory for wireshark (FEDORA-2020-4f5588cf97)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC32\");\n\n script_xref(name:\"FEDORA\", value:\"2020-4f5588cf97\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5UOISPQTRCZGQLKBVXEDL72AEXEHS425\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the FEDORA-2020-4f5588cf97 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Wireshark allows you to examine protocol data stored in files or as it is\ncaptured from wired or wireless (WiFi or Bluetooth) networks, USB devices,\nand many other sources. It supports dozens of protocol capture file formats\nand understands more than a thousand protocols.\n\nIt has many powerful features including a rich display filter language\nand the ability to reassemble multiple protocol packets in order to, for\nexample, view a complete TCP stream, save the contents of a file which was\ntransferred over HTTP or CIFS, or play back an RTP audio stream.\");\n\n script_tag(name:\"affected\", value:\"'wireshark' package(s) on Fedora 32.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC32\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~3.2.4~1.fc32\", rls:\"FC32\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-06-10T17:40:05", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-06-07T00:00:00", "type": "openvas", "title": "Fedora: Security Advisory for wireshark (FEDORA-2020-ca3d3f15f0)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13164"], "modified": "2020-06-09T00:00:00", "id": "OPENVAS:1361412562310877927", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877927", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877927\");\n script_version(\"2020-06-09T07:30:09+0000\");\n script_cve_id(\"CVE-2020-13164\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-06-09 07:30:09 +0000 (Tue, 09 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-07 03:27:58 +0000 (Sun, 07 Jun 2020)\");\n script_name(\"Fedora: Security Advisory for wireshark (FEDORA-2020-ca3d3f15f0)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC31\");\n\n script_xref(name:\"FEDORA\", value:\"2020-ca3d3f15f0\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DNV3EYL4JBWCR22TJO3PH7ADUVS5RWSU\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the FEDORA-2020-ca3d3f15f0 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Wireshark allows you to examine protocol data stored in files or as it is\ncaptured from wired or wireless (WiFi or Bluetooth) networks, USB devices,\nand many other sources. It supports dozens of protocol capture file formats\nand understands more than a thousand protocols.\n\nIt has many powerful features including a rich display filter language\nand the ability to reassemble multiple protocol packets in order to, for\nexample, view a complete TCP stream, save the contents of a file which was\ntransferred over HTTP or CIFS, or play back an RTP audio stream.\");\n\n script_tag(name:\"affected\", value:\"'wireshark' package(s) on Fedora 31.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC31\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~3.2.4~1.fc31\", rls:\"FC31\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-03-23T14:37:53", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-03-20T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for wireshark (openSUSE-SU-2020:0362-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19627", "CVE-2018-11354", "CVE-2019-16319", "CVE-2018-12086", "CVE-2019-9208", "CVE-2018-14339", "CVE-2019-5719", "CVE-2018-19626", "CVE-2018-18227", "CVE-2018-11357", "CVE-2019-10896", "CVE-2019-5718", "CVE-2019-10899", "CVE-2018-14343", "CVE-2018-14367", "CVE-2018-11359", "CVE-2018-11361", "CVE-2020-9431", "CVE-2018-11358", "CVE-2018-19625", "CVE-2018-19622", "CVE-2018-19628", "CVE-2018-18225", "CVE-2018-11362", "CVE-2018-18226", "CVE-2019-19553", "CVE-2020-9428", "CVE-2019-10894", "CVE-2018-14341", "CVE-2019-5717", "CVE-2019-10902", "CVE-2020-9429", "CVE-2018-14344", "CVE-2019-10895", "CVE-2019-9214", "CVE-2018-11360", "CVE-2018-16056", "CVE-2019-10901", "CVE-2018-16057", "CVE-2019-13619", "CVE-2018-14369", "CVE-2018-19623", "CVE-2020-7044", "CVE-2018-19624", "CVE-2018-14370", "CVE-2018-16058", "CVE-2019-10897", "CVE-2018-14342", "CVE-2019-5716", "CVE-2018-14368", "CVE-2018-11356", "CVE-2020-9430", "CVE-2019-10898", "CVE-2019-5721", "CVE-2018-14340", "CVE-2019-10903", "CVE-2019-10900", "CVE-2018-11355", "CVE-2019-9209"], "modified": "2020-03-20T00:00:00", "id": "OPENVAS:1361412562310853075", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310853075", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.853075\");\n script_version(\"2020-03-20T06:19:59+0000\");\n script_cve_id(\"CVE-2018-11354\", \"CVE-2018-11355\", \"CVE-2018-11356\", \"CVE-2018-11357\", \"CVE-2018-11358\", \"CVE-2018-11359\", \"CVE-2018-11360\", \"CVE-2018-11361\", \"CVE-2018-11362\", \"CVE-2018-12086\", \"CVE-2018-14339\", \"CVE-2018-14340\", \"CVE-2018-14341\", \"CVE-2018-14342\", \"CVE-2018-14343\", \"CVE-2018-14344\", \"CVE-2018-14367\", \"CVE-2018-14368\", \"CVE-2018-14369\", \"CVE-2018-14370\", \"CVE-2018-16056\", \"CVE-2018-16057\", \"CVE-2018-16058\", \"CVE-2018-18225\", \"CVE-2018-18226\", \"CVE-2018-18227\", \"CVE-2018-19622\", \"CVE-2018-19623\", \"CVE-2018-19624\", \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-19627\", \"CVE-2018-19628\", \"CVE-2019-10894\", \"CVE-2019-10895\", \"CVE-2019-10896\", \"CVE-2019-10897\", \"CVE-2019-10898\", \"CVE-2019-10899\", \"CVE-2019-10900\", \"CVE-2019-10901\", \"CVE-2019-10902\", \"CVE-2019-10903\", \"CVE-2019-13619\", \"CVE-2019-16319\", \"CVE-2019-19553\", \"CVE-2019-5716\", \"CVE-2019-5717\", \"CVE-2019-5718\", \"CVE-2019-5719\", \"CVE-2019-5721\", \"CVE-2019-9208\", \"CVE-2019-9209\", \"CVE-2019-9214\", \"CVE-2020-7044\", \"CVE-2020-9428\", \"CVE-2020-9429\", \"CVE-2020-9430\", \"CVE-2020-9431\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-03-20 06:19:59 +0000 (Fri, 20 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-20 04:00:44 +0000 (Fri, 20 Mar 2020)\");\n script_name(\"openSUSE: Security Advisory for wireshark (openSUSE-SU-2020:0362-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2020:0362-1\");\n script_xref(name:\"URL\", value:\"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the openSUSE-SU-2020:0362-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for wireshark and libmaxminddb fixes the following issues:\n\n Update wireshark to new major version 3.2.2 and introduce libmaxminddb for\n GeoIP support (bsc#1156288).\n\n New features include:\n\n - Added support for 111 new protocols, including WireGuard, LoRaWAN, TPM\n 2.0, 802.11ax and QUIC\n\n - Improved support for existing protocols, like HTTP/2\n\n - Improved analytics and usability functionalities\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2020-362=1\");\n\n script_tag(name:\"affected\", value:\"'wireshark' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libmaxminddb-debugsource\", rpm:\"libmaxminddb-debugsource~1.4.2~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libmaxminddb-devel\", rpm:\"libmaxminddb-devel~1.4.2~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libmaxminddb0\", rpm:\"libmaxminddb0~1.4.2~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libmaxminddb0-debuginfo\", rpm:\"libmaxminddb0-debuginfo~1.4.2~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libspandsp2\", rpm:\"libspandsp2~0.0.6~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libspandsp2-debuginfo\", rpm:\"libspandsp2-debuginfo~0.0.6~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwireshark13\", rpm:\"libwireshark13~3.2.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwireshark13-debuginfo\", rpm:\"libwireshark13-debuginfo~3.2.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwiretap10\", rpm:\"libwiretap10~3.2.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwiretap10-debuginfo\", rpm:\"libwiretap10-debuginfo~3.2.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwsutil11\", rpm:\"libwsutil11~3.2.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwsutil11-debuginfo\", rpm:\"libwsutil11-debuginfo~3.2.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mmdblookup\", rpm:\"mmdblookup~1.4.2~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mmdblookup-debuginfo\", rpm:\"mmdblookup-debuginfo~1.4.2~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"spandsp-debugsource\", rpm:\"spandsp-debugsource~0.0.6~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"spandsp-devel\", rpm:\"spandsp-devel~0.0.6~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~3.2.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~3.2.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark-debugsource\", rpm:\"wireshark-debugsource~3.2.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark-devel\", rpm:\"wireshark-devel~3.2.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark-ui-qt\", rpm:\"wireshark-ui-qt~3.2.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark-ui-qt-debuginfo\", rpm:\"wireshark-ui-qt-debuginfo~3.2.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"spandsp-doc\", rpm:\"spandsp-doc~0.0.6~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libmaxminddb0-32bit\", rpm:\"libmaxminddb0-32bit~1.4.2~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libmaxminddb0-32bit-debuginfo\", rpm:\"libmaxminddb0-32bit-debuginfo~1.4.2~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libspandsp2-32bit\", rpm:\"libspandsp2-32bit~0.0.6~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libspandsp2-32bit-debuginfo\", rpm:\"libspandsp2-32bit-debuginfo~0.0.6~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "fedora": [{"lastseen": "2021-07-28T14:46:51", "description": "Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich display filter language and the ability to reassemble multiple protocol packets in order to, for example, view a complete TCP stream, save the contents of a file which was transferred over HTTP or CIFS, or play back an RTP audio stream. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-04-25T02:36:18", "type": "fedora", "title": "[SECURITY] Fedora 32 Update: wireshark-3.2.3-1.fc32", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-7044", "CVE-2020-9428", "CVE-2020-9430", "CVE-2020-9431"], "modified": "2020-04-25T02:36:18", "id": "FEDORA:5E28360F98E0", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/DZBICEY2HGSNQ3RPBLMDDYVAHGOGS4E2/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich display filter language and the ability to reassemble multiple protocol packets in order to, for example, view a complete TCP stream, save the contents of a file which was transferred over HTTP or CIFS, or play back an RTP audio stream. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-04-25T02:43:31", "type": "fedora", "title": "[SECURITY] Fedora 30 Update: wireshark-3.2.3-1.fc30", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-7044", "CVE-2020-9428", "CVE-2020-9430", "CVE-2020-9431"], "modified": "2020-04-25T02:43:31", "id": "FEDORA:3E30B6331A26", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/XN2GMGLT5XND7U34WX3O23WKUZ7JHMVN/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich display filter language and the ability to reassemble multiple protocol packets in order to, for example, view a complete TCP stream, save the contents of a file which was transferred over HTTP or CIFS, or play back an RTP audio stream. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-04-25T03:02:44", "type": "fedora", "title": "[SECURITY] Fedora 31 Update: wireshark-3.2.3-1.fc31", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-7044", "CVE-2020-9428", "CVE-2020-9430", "CVE-2020-9431"], "modified": "2020-04-25T03:02:44", "id": "FEDORA:EC9736361C63", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JDVMBCADP73TBISYCS6ARKOSNNJOGXXZ/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich display filter language and the ability to reassemble multiple protocol packets in order to, for example, view a complete TCP stream, save the contents of a file which was transferred over HTTP or CIFS, or play back an RTP audio stream. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-05-30T01:56:04", "type": "fedora", "title": "[SECURITY] Fedora 32 Update: wireshark-3.2.4-1.fc32", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13164"], "modified": "2020-05-30T01:56:04", "id": "FEDORA:B2B1C63CD072", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/5UOISPQTRCZGQLKBVXEDL72AEXEHS425/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich display filter language and the ability to reassemble multiple protocol packets in order to, for example, view a complete TCP stream, save the contents of a file which was transferred over HTTP or CIFS, or play back an RTP audio stream. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-05-31T03:58:26", "type": "fedora", "title": "[SECURITY] Fedora 31 Update: wireshark-3.2.4-1.fc31", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13164"], "modified": "2020-05-31T03:58:26", "id": "FEDORA:A4555604E7EE", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/DNV3EYL4JBWCR22TJO3PH7ADUVS5RWSU/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "altlinux": [{"lastseen": "2022-06-10T03:04:55", "description": "3.0.9-alt1 built March 24, 2020 Anton Farygin in task [#247751](<https://git.altlinux.org/tasks/247751/>) \n--- \nMarch 12, 2020 Anton Farygin \n \n \n - 3.0.9\n - fixes:\n * LTE RRC dissector could leak memory. CVE-2020-9431\n * WiMax DLMAP dissector could crash. CVE-2020-9430\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-03-24T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 9 package wireshark version 3.0.9-alt1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9430", "CVE-2020-9431"], "modified": "2020-03-24T00:00:00", "id": "0E65D26679FEE3D2692DABD466820CDB", "href": "https://packages.altlinux.org/en/p9/srpms/wireshark/2512802536617961175", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-10T03:04:55", "description": "3.2.4-alt1 built May 27, 2020 Anton Farygin in task [#252237](<https://git.altlinux.org/tasks/252237/>) \n--- \nMay 25, 2020 Anton Farygin \n \n \n - 3.2.4\n - fixes:\n * the NFS dissector could crash. CVE-2020-13164\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-05-27T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 9 package wireshark version 3.2.4-alt1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13164"], "modified": "2020-05-27T00:00:00", "id": "EEDCCD69307BBF0C0D9328D2783B5A32", "href": "https://packages.altlinux.org/en/p9/srpms/wireshark/2535763768968968595", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debian": [{"lastseen": "2022-01-05T02:31:15", "description": "- -------------------------------------------------------------------------\nDebian LTS Advisory DLA-2547-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Adrian Bunk\nFebruary 06, 2021 https://wiki.debian.org/LTS\n- -------------------------------------------------------------------------\n\nPackage : wireshark\nVersion : 2.6.20-0+deb9u1\nCVE ID : CVE-2019-13619 CVE-2019-16319 CVE-2019-19553 CVE-2020-7045\n CVE-2020-9428 CVE-2020-9430 CVE-2020-9431 CVE-2020-11647\n CVE-2020-13164 CVE-2020-15466 CVE-2020-25862 CVE-2020-25863\n CVE-2020-26418 CVE-2020-26421 CVE-2020-26575 CVE-2020-28030\nDebian Bug : 958213 974688 974689\n\nSeveral vulnerabilities were fixed in Wireshark, a network sniffer.\n\nCVE-2019-13619\n\n ASN.1 BER and related dissectors crash.\n\nCVE-2019-16319\n\n The Gryphon dissector could go into an infinite loop.\n\nCVE-2019-19553\n\n The CMS dissector could crash.\n\nCVE-2020-7045\n\n The BT ATT dissector could crash.\n\nCVE-2020-9428\n\n The EAP dissector could crash.\n\nCVE-2020-9430\n\n The WiMax DLMAP dissector could crash.\n\nCVE-2020-9431\n\n The LTE RRC dissector could leak memory.\n\nCVE-2020-11647\n\n The BACapp dissector could crash.\n\nCVE-2020-13164\n\n The NFS dissector could crash.\n\nCVE-2020-15466\n\n The GVCP dissector could go into an infinite loop.\n\nCVE-2020-25862\n\n The TCP dissector could crash.\n\nCVE-2020-25863\n\n The MIME Multipart dissector could crash.\n\nCVE-2020-26418\n\n Memory leak in the Kafka protocol dissector.\n\nCVE-2020-26421\n\n Crash in USB HID protocol dissector.\n\nCVE-2020-26575\n\n The Facebook Zero Protocol (aka FBZERO) dissector\n could enter an infinite loop.\n\nCVE-2020-28030\n\n The GQUIC dissector could crash.\n\nFor Debian 9 stretch, these problems have been fixed in version\n2.6.20-0+deb9u1.\n\nWe recommend that you upgrade your wireshark packages.\n\nFor the detailed security status of wireshark please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/wireshark\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-02-06T20:32:39", "type": "debian", "title": "[SECURITY] [DLA 2547-1] wireshark security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-13619", "CVE-2019-16319", "CVE-2019-19553", "CVE-2020-11647", "CVE-2020-13164", "CVE-2020-15466", "CVE-2020-25862", "CVE-2020-25863", "CVE-2020-26418", "CVE-2020-26421", "CVE-2020-26575", "CVE-2020-28030", "CVE-2020-7045", "CVE-2020-9428", "CVE-2020-9430", "CVE-2020-9431"], "modified": "2021-02-06T20:32:39", "id": "DEBIAN:DLA-2547-1:C57F2", "href": "https://lists.debian.org/debian-lts-announce/2021/02/msg00008.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "osv": [{"lastseen": "2022-08-05T05:19:04", "description": "\nSeveral vulnerabilities were fixed in Wireshark, a network sniffer.\n\n\n* [CVE-2019-13619](https://security-tracker.debian.org/tracker/CVE-2019-13619)\nASN.1 BER and related dissectors crash\n* [CVE-2019-16319](https://security-tracker.debian.org/tracker/CVE-2019-16319)\nThe Gryphon dissector could go into an infinite loop.\n* [CVE-2019-19553](https://security-tracker.debian.org/tracker/CVE-2019-19553)\nThe CMS dissector could crash.\n* [CVE-2020-7045](https://security-tracker.debian.org/tracker/CVE-2020-7045)\nThe BT ATT dissector could crash.\n* [CVE-2020-9428](https://security-tracker.debian.org/tracker/CVE-2020-9428)\nThe EAP dissector could crash.\n* [CVE-2020-9430](https://security-tracker.debian.org/tracker/CVE-2020-9430)\nThe WiMax DLMAP dissector could crash.\n* [CVE-2020-9431](https://security-tracker.debian.org/tracker/CVE-2020-9431)\nThe LTE RRC dissector could leak memory.\n* [CVE-2020-11647](https://security-tracker.debian.org/tracker/CVE-2020-11647)\nThe BACapp dissector could crash.\n* [CVE-2020-13164](https://security-tracker.debian.org/tracker/CVE-2020-13164)\nThe NFS dissector could crash.\n* [CVE-2020-15466](https://security-tracker.debian.org/tracker/CVE-2020-15466)\nThe GVCP dissector could go into an infinite loop.\n* [CVE-2020-25862](https://security-tracker.debian.org/tracker/CVE-2020-25862)\nThe TCP dissector could crash.\n* [CVE-2020-25863](https://security-tracker.debian.org/tracker/CVE-2020-25863)\nThe MIME Multipart dissector could crash.\n* [CVE-2020-26418](https://security-tracker.debian.org/tracker/CVE-2020-26418)\nMemory leak in the Kafka protocol dissector.\n* [CVE-2020-26421](https://security-tracker.debian.org/tracker/CVE-2020-26421)\nCrash in USB HID protocol dissector.\n* [CVE-2020-26575](https://security-tracker.debian.org/tracker/CVE-2020-26575)\nThe Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop.\n* [CVE-2020-28030](https://security-tracker.debian.org/tracker/CVE-2020-28030)\nThe GQUIC dissector could crash.\n\n\nFor Debian 9 stretch, these problems have been fixed in version\n2.6.20-0+deb9u1.\n\n\nWe recommend that you upgrade your wireshark packages.\n\n\nFor the detailed security status of wireshark please refer to\nits security tracker page at:\n<https://security-tracker.debian.org/tracker/wireshark>\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-02-06T00:00:00", "type": "osv", "title": "wireshark - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12295", "CVE-2019-13619", "CVE-2019-16319", "CVE-2019-19553", "CVE-2020-11647", "CVE-2020-13164", "CVE-2020-15466", "CVE-2020-25862", "CVE-2020-25863", "CVE-2020-26418", "CVE-2020-26421", "CVE-2020-26575", "CVE-2020-28030", "CVE-2020-7045", "CVE-2020-9428", "CVE-2020-9430", "CVE-2020-9431"], "modified": "2022-08-05T05:19:01", "id": "OSV:DLA-2547-1", "href": "https://osv.dev/vulnerability/DLA-2547-1", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "veracode": [{"lastseen": "2022-07-26T16:41:08", "description": "Wireshark is vulnerable to denial of service (DoS). The BACapp dissector could crash due to a flaw in the epan/dissectors/packet-bacapp.c since it does not limit the amount of recursion.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-08-06T21:27:54", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11647"], "modified": "2021-02-07T01:40:18", "id": "VERACODE:26064", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-26064/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-26T16:40:24", "description": "wireshark is vulnerable to denial of service. An infinite loop in the GVCP dissector results in an denial of service condition.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-09-07T02:58:12", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15466"], "modified": "2021-02-07T01:40:32", "id": "VERACODE:26644", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-26644/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-26T16:40:05", "description": "wireshark is vulnerable to denial of service (DoS). The vulnerability exists as the LTE RRC dissector could leak memory through append operations.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-09-24T10:28:58", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9431"], "modified": "2021-02-07T01:41:54", "id": "VERACODE:27204", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-27204/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-26T16:41:16", "description": "Wireshark is vulnerable to denial of service. An attacker is able to crash the NFS dissector by causing excessive recursion.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-08-06T21:40:38", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13164"], "modified": "2021-02-07T01:40:20", "id": "VERACODE:26280", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-26280/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-26T16:39:51", "description": "Wireshark is vulnerable to denial of service. The WiMax DLMAP dissector could crash due to a flaw in plugins/epan/wimax/msg_dlmap.c which misses validation of a length field.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-09-24T10:28:57", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9430"], "modified": "2021-02-07T01:41:53", "id": "VERACODE:27203", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-27203/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-26T16:39:57", "description": "Wireshark is vulnerable to denial of service. An attacker is able to crash the EAP dissector due to insecure `sscanf` parsing.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-09-24T10:29:39", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9428"], "modified": "2021-02-07T01:41:53", "id": "VERACODE:27211", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-27211/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "Updated wireshark packages fix security vulnerability: The BACapp dissector could crash (CVE-2020-11647). \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-15T10:12:14", "type": "mageia", "title": "Updated wireshark packages fix security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11647"], "modified": "2020-04-15T10:12:14", "id": "MGASA-2020-0172", "href": "https://advisories.mageia.org/MGASA-2020-0172.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "archlinux": [{"lastseen": "2021-07-28T14:33:58", "description": "Arch Linux Security Advisory ASA-202004-10\n==========================================\n\nSeverity: Critical\nDate : 2020-04-09\nCVE-ID : CVE-2020-11647\nPackage : wireshark-cli\nType : arbitrary code execution\nRemote : Yes\nLink : https://security.archlinux.org/AVG-1129\n\nSummary\n=======\n\nThe package wireshark-cli before version 3.2.3-1 is vulnerable to\narbitrary code execution.\n\nResolution\n==========\n\nUpgrade to 3.2.3-1.\n\n# pacman -Syu \"wireshark-cli>=3.2.3-1\"\n\nThe problem has been fixed upstream in version 3.2.3.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\nA stack overflow has been found in the fAbstractSyntaxNType function of\nthe BACApp dissector of Wireshark versions prior to 3.2.3, which could\nbe triggered by injecting a malformed packet onto the wire or by\nconvincing someone to read a malformed packet trace file.\n\nImpact\n======\n\nA remote attacker might be able to execute arbitrary code or crash\nwireshark via a crafted network packet or a capture file.\n\nReferences\n==========\n\nhttps://www.wireshark.org/security/wnpa-sec-2020-07\nhttps://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16474\nhttps://security.archlinux.org/CVE-2020-11647", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-04-09T00:00:00", "type": "archlinux", "title": "[ASA-202004-10] wireshark-cli: arbitrary code execution", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11647"], "modified": "2020-04-09T00:00:00", "id": "ASA-202004-10", "href": "https://security.archlinux.org/ASA-202004-10", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T14:33:58", "description": "Arch Linux Security Advisory ASA-202007-2\n=========================================\n\nSeverity: Low\nDate : 2020-07-18\nCVE-ID : CVE-2020-15466\nPackage : wireshark-cli\nType : denial of service\nRemote : Yes\nLink : https://security.archlinux.org/AVG-1198\n\nSummary\n=======\n\nThe package wireshark-cli before version 3.2.5-1 is vulnerable to\ndenial of service.\n\nResolution\n==========\n\nUpgrade to 3.2.5-1.\n\n# pacman -Syu \"wireshark-cli>=3.2.5-1\"\n\nThe problem has been fixed upstream in version 3.2.5.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\nAn infinite loop has been found in the GVCP dissector of Wireshark\nbefore 3.2.5. It may be possible to make Wireshark consume excessive\nCPU resources by injecting a malformed packet onto the wire or by\nconvincing someone to read a malformed packet trace file.\n\nImpact\n======\n\nA remote attacker is able use specially crafted packets to perform a\ndenial of service attack.\n\nReferences\n==========\n\nhttps://www.wireshark.org/security/wnpa-sec-2020-09\nhttps://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16029\nhttps://code.wireshark.org/review/#/c/37618/\nhttps://security.archlinux.org/CVE-2020-15466", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-07-18T00:00:00", "type": "archlinux", "title": "[ASA-202007-2] wireshark-cli: denial of service", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15466"], "modified": "2020-07-18T00:00:00", "id": "ASA-202007-2", "href": "https://security.archlinux.org/ASA-202007-2", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntucve": [{"lastseen": "2022-08-04T13:30:22", "description": "In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the\nBACapp dissector could crash. This was addressed in\nepan/dissectors/packet-bacapp.c by limiting the amount of recursion.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-10T00:00:00", "type": "ubuntucve", "title": "CVE-2020-11647", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11647"], "modified": "2020-04-10T00:00:00", "id": "UB:CVE-2020-11647", "href": "https://ubuntu.com/security/CVE-2020-11647", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T13:27:57", "description": "In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite\nloop. This was addressed in epan/dissectors/packet-gvcp.c by ensuring that\nan offset increases in all situations.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-07-05T00:00:00", "type": "ubuntucve", "title": "CVE-2020-15466", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15466"], "modified": "2020-07-05T00:00:00", "id": "UB:CVE-2020-15466", "href": "https://ubuntu.com/security/CVE-2020-15466", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T13:31:20", "description": "In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was\naddressed in epan/dissectors/packet-wireguard.c by handling the situation\nwhere a certain data structure intentionally has a NULL value.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-02-27T00:00:00", "type": "ubuntucve", "title": "CVE-2020-9429", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9429"], "modified": "2020-02-27T00:00:00", "id": "UB:CVE-2020-9429", "href": "https://ubuntu.com/security/CVE-2020-9429", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T13:31:19", "description": "In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE\nRRC dissector could leak memory. This was addressed in\nepan/dissectors/packet-lte-rrc.c by adjusting certain append operations.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-02-27T00:00:00", "type": "ubuntucve", "title": "CVE-2020-9431", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9431"], "modified": "2020-02-27T00:00:00", "id": "UB:CVE-2020-9431", "href": "https://ubuntu.com/security/CVE-2020-9431", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T13:29:13", "description": "In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS\ndissector could crash. This was addressed in epan/dissectors/packet-nfs.c\nby preventing excessive recursion, such as for a cycle in the directory\ngraph on a filesystem.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-05-19T00:00:00", "type": "ubuntucve", "title": "CVE-2020-13164", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13164"], "modified": "2020-05-19T00:00:00", "id": "UB:CVE-2020-13164", "href": "https://ubuntu.com/security/CVE-2020-13164", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T13:31:20", "description": "In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax\nDLMAP dissector could crash. This was addressed in\nplugins/epan/wimax/msg_dlmap.c by validating a length field.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-02-27T00:00:00", "type": "ubuntucve", "title": "CVE-2020-9430", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9430"], "modified": "2020-02-27T00:00:00", "id": "UB:CVE-2020-9430", "href": "https://ubuntu.com/security/CVE-2020-9430", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T13:31:20", "description": "In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP\ndissector could crash. This was addressed in epan/dissectors/packet-eap.c\nby using more careful sscanf parsing.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-02-27T00:00:00", "type": "ubuntucve", "title": "CVE-2020-9428", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9428"], "modified": "2020-02-27T00:00:00", "id": "UB:CVE-2020-9428", "href": "https://ubuntu.com/security/CVE-2020-9428", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "cve": [{"lastseen": "2022-03-23T12:20:11", "description": "In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the BACapp dissector could crash. This was addressed in epan/dissectors/packet-bacapp.c by limiting the amount of recursion.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-10T21:15:00", "type": "cve", "title": "CVE-2020-11647", "cwe": ["CWE-674"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11647"], "modified": "2021-07-21T11:39:00", "cpe": ["cpe:/a:wireshark:wireshark:2.6.15", "cpe:/o:opensuse:leap:15.1", "cpe:/o:debian:debian_linux:9.0", "cpe:/o:opensuse:leap:15.2", "cpe:/a:wireshark:wireshark:3.2.2", "cpe:/a:wireshark:wireshark:3.0.9"], "id": "CVE-2020-11647", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-11647", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.6.15:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T13:48:23", "description": "In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gvcp.c by ensuring that an offset increases in all situations.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-07-05T11:15:00", "type": "cve", "title": "CVE-2020-15466", "cwe": ["CWE-835"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15466"], "modified": "2021-02-10T20:16:00", "cpe": ["cpe:/o:opensuse:leap:15.1", "cpe:/o:opensuse:leap:15.2", "cpe:/a:wireshark:wireshark:3.2.4", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2020-15466", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15466", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T19:07:23", "description": "In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was addressed in epan/dissectors/packet-wireguard.c by handling the situation where a certain data structure intentionally has a NULL value.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-02-27T23:15:00", "type": "cve", "title": "CVE-2020-9429", "cwe": ["CWE-476"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9429"], "modified": "2021-12-30T21:08:00", "cpe": ["cpe:/o:opensuse:leap:15.1", "cpe:/a:wireshark:wireshark:3.2.1"], "id": "CVE-2020-9429", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9429", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:3.2.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T19:07:25", "description": "In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. This was addressed in epan/dissectors/packet-lte-rrc.c by adjusting certain append operations.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-02-27T23:15:00", "type": "cve", "title": "CVE-2020-9431", "cwe": ["CWE-401"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9431"], "modified": "2021-07-21T11:39:00", "cpe": ["cpe:/a:wireshark:wireshark:3.2.1", "cpe:/a:wireshark:wireshark:2.6.14", "cpe:/o:fedoraproject:fedora:32", "cpe:/o:opensuse:leap:15.1", "cpe:/a:wireshark:wireshark:3.0.8", "cpe:/o:debian:debian_linux:9.0", "cpe:/o:fedoraproject:fedora:30", "cpe:/o:fedoraproject:fedora:31"], "id": "CVE-2020-9431", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9431", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.6.14:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:3.2.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:43:57", "description": "In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. This was addressed in epan/dissectors/packet-nfs.c by preventing excessive recursion, such as for a cycle in the directory graph on a filesystem.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-05-19T22:15:00", "type": "cve", "title": "CVE-2020-13164", "cwe": ["CWE-674"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13164"], "modified": "2021-07-21T11:39:00", "cpe": ["cpe:/o:fedoraproject:fedora:32", "cpe:/a:wireshark:wireshark:3.2.3", "cpe:/o:opensuse:leap:15.1", "cpe:/o:debian:debian_linux:9.0", "cpe:/o:opensuse:leap:15.2", "cpe:/o:fedoraproject:fedora:31", "cpe:/a:wireshark:wireshark:2.6.16", "cpe:/a:wireshark:wireshark:3.0.10"], "id": "CVE-2020-13164", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-13164", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.6.16:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:3.2.3:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T19:07:23", "description": "In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. This was addressed in plugins/epan/wimax/msg_dlmap.c by validating a length field.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-02-27T23:15:00", "type": "cve", "title": "CVE-2020-9430", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9430"], "modified": "2021-02-09T18:47:00", "cpe": ["cpe:/a:wireshark:wireshark:3.2.1", "cpe:/a:wireshark:wireshark:2.6.14", "cpe:/o:fedoraproject:fedora:32", "cpe:/o:opensuse:leap:15.1", "cpe:/a:wireshark:wireshark:3.0.8", "cpe:/o:debian:debian_linux:9.0", "cpe:/o:fedoraproject:fedora:30", "cpe:/o:fedoraproject:fedora:31"], "id": "CVE-2020-9430", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9430", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.6.14:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:3.2.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T19:07:23", "description": "In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. This was addressed in epan/dissectors/packet-eap.c by using more careful sscanf parsing.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-02-27T23:15:00", "type": "cve", "title": "CVE-2020-9428", "cwe": ["CWE-125"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9428"], "modified": "2021-07-21T11:39:00", "cpe": ["cpe:/a:wireshark:wireshark:3.2.1", "cpe:/a:wireshark:wireshark:2.6.14", "cpe:/o:fedoraproject:fedora:32", "cpe:/o:opensuse:leap:15.1", "cpe:/a:wireshark:wireshark:3.0.8", "cpe:/o:debian:debian_linux:9.0", "cpe:/o:fedoraproject:fedora:30", "cpe:/o:fedoraproject:fedora:31"], "id": "CVE-2020-9428", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9428", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.6.14:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:3.2.1:*:*:*:*:*:*:*"]}], "redhatcve": [{"lastseen": "2022-07-07T17:41:26", "description": "In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the BACapp dissector could crash. This was addressed in epan/dissectors/packet-bacapp.c by limiting the amount of recursion.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-15T13:33:39", "type": "redhatcve", "title": "CVE-2020-11647", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11647"], "modified": "2022-07-07T12:30:26", "id": "RH:CVE-2020-11647", "href": "https://access.redhat.com/security/cve/cve-2020-11647", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-07T17:38:54", "description": "In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gvcp.c by ensuring that an offset increases in all situations.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-07-14T18:45:00", "type": "redhatcve", "title": "CVE-2020-15466", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15466"], "modified": "2022-07-07T12:48:35", "id": "RH:CVE-2020-15466", "href": "https://access.redhat.com/security/cve/cve-2020-15466", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-07T17:41:55", "description": "In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was addressed in epan/dissectors/packet-wireguard.c by handling the situation where a certain data structure intentionally has a NULL value.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-28T11:09:52", "type": "redhatcve", "title": "CVE-2020-9429", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9429"], "modified": "2022-07-07T14:54:48", "id": "RH:CVE-2020-9429", "href": "https://access.redhat.com/security/cve/cve-2020-9429", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-07T17:41:57", "description": "A memory leak was discovered in Wireshark in the LTE RRC dissector. This issue allows an attacker to trigger the flaw by injecting special packets onto the wire or by convincing a victim user into opening a malformed packet trace file.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-03-24T17:01:24", "type": "redhatcve", "title": "CVE-2020-9431", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9431"], "modified": "2022-07-07T14:54:52", "id": "RH:CVE-2020-9431", "href": "https://access.redhat.com/security/cve/cve-2020-9431", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-07T17:41:23", "description": "In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. This was addressed in epan/dissectors/packet-nfs.c by preventing excessive recursion, such as for a cycle in the directory graph on a filesystem.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-05-25T19:56:31", "type": "redhatcve", "title": "CVE-2020-13164", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13164"], "modified": "2022-07-07T12:35:56", "id": "RH:CVE-2020-13164", "href": "https://access.redhat.com/security/cve/cve-2020-13164", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-07T17:41:57", "description": "An out-of-bounds read was discovered in Wireshark when processing WiMax packets. An attacker can trigger the flaw by injecting special packets onto the wire or by convincing a victim user into opening a malformed packet trace file.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-03-24T17:01:32", "type": "redhatcve", "title": "CVE-2020-9430", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9430"], "modified": "2022-07-07T14:54:48", "id": "RH:CVE-2020-9430", "href": "https://access.redhat.com/security/cve/cve-2020-9430", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-07T17:41:57", "description": "An out-of-bounds read was discovered in Wireshark in the EAP dissector. An attacker can trigger the flaw by injecting special packets onto the wire or by convincing a victim user into opening a malformed packet trace file.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-03-24T17:01:23", "type": "redhatcve", "title": "CVE-2020-9428", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9428"], "modified": "2022-07-07T14:54:46", "id": "RH:CVE-2020-9428", "href": "https://access.redhat.com/security/cve/cve-2020-9428", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debiancve": [{"lastseen": "2022-07-31T06:02:29", "description": "In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the BACapp dissector could crash. This was addressed in epan/dissectors/packet-bacapp.c by limiting the amount of recursion.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-10T21:15:00", "type": "debiancve", "title": "CVE-2020-11647", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11647"], "modified": "2020-04-10T21:15:00", "id": "DEBIANCVE:CVE-2020-11647", "href": "https://security-tracker.debian.org/tracker/CVE-2020-11647", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-31T06:02:29", "description": "In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gvcp.c by ensuring that an offset increases in all situations.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-07-05T11:15:00", "type": "debiancve", "title": "CVE-2020-15466", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15466"], "modified": "2020-07-05T11:15:00", "id": "DEBIANCVE:CVE-2020-15466", "href": "https://security-tracker.debian.org/tracker/CVE-2020-15466", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-31T06:02:29", "description": "In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was addressed in epan/dissectors/packet-wireguard.c by handling the situation where a certain data structure intentionally has a NULL value.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-02-27T23:15:00", "type": "debiancve", "title": "CVE-2020-9429", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9429"], "modified": "2020-02-27T23:15:00", "id": "DEBIANCVE:CVE-2020-9429", "href": "https://security-tracker.debian.org/tracker/CVE-2020-9429", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-31T06:02:29", "description": "In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. This was addressed in epan/dissectors/packet-lte-rrc.c by adjusting certain append operations.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-02-27T23:15:00", "type": "debiancve", "title": "CVE-2020-9431", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9431"], "modified": "2020-02-27T23:15:00", "id": "DEBIANCVE:CVE-2020-9431", "href": "https://security-tracker.debian.org/tracker/CVE-2020-9431", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-31T06:02:29", "description": "In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. This was addressed in epan/dissectors/packet-nfs.c by preventing excessive recursion, such as for a cycle in the directory graph on a filesystem.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-05-19T22:15:00", "type": "debiancve", "title": "CVE-2020-13164", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13164"], "modified": "2020-05-19T22:15:00", "id": "DEBIANCVE:CVE-2020-13164", "href": "https://security-tracker.debian.org/tracker/CVE-2020-13164", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-31T06:02:29", "description": "In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. This was addressed in plugins/epan/wimax/msg_dlmap.c by validating a length field.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-02-27T23:15:00", "type": "debiancve", "title": "CVE-2020-9430", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9430"], "modified": "2020-02-27T23:15:00", "id": "DEBIANCVE:CVE-2020-9430", "href": "https://security-tracker.debian.org/tracker/CVE-2020-9430", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-31T06:02:29", "description": "In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. This was addressed in epan/dissectors/packet-eap.c by using more careful sscanf parsing.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-02-27T23:15:00", "type": "debiancve", "title": "CVE-2020-9428", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9428"], "modified": "2020-02-27T23:15:00", "id": "DEBIANCVE:CVE-2020-9428", "href": "https://security-tracker.debian.org/tracker/CVE-2020-9428", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "attackerkb": [{"lastseen": "2021-07-20T20:15:06", "description": "In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gvcp.c by ensuring that an offset increases in all situations.\n\n \n**Recent assessments:** \n \n**M4ximuss** at July 12, 2020 1:32am UTC reported:\n\nThis is a denial of service condition against unpatched Wireshark clients for Windows. From Wireshark website \u201cIt may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\u201d In other words, the worst case scenario is you crash Wireshark, and the user simply has to restart the client.\n\nSolution is to upgrade to Wireshark 3.2.5 or later.\n\nAssessed Attacker Value: 1 \nAssessed Attacker Value: 1Assessed Attacker Value: 2\n", "edition": 2, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-07-05T00:00:00", "type": "attackerkb", "title": "CVE-2020-15466", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15466"], "modified": "2020-08-28T00:00:00", "id": "AKB:0F7C99DD-A482-4BC0-980E-6B103DECD87D", "href": "https://attackerkb.com/topics/0Mp7dRDEwp/cve-2020-15466", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}]}
GLSA-202007-13 : Wireshark: Multiple vulnerabilities
