A number of vulnerabilities in the Wireshark program were found that could cause crashes, excessive looping, or arbitrary code execution.
This update provides Wireshark 0.99.7 which is not vulnerable to these issues.
An updated version of libsmi is also being provided, not because of security issues, but because this version of wireshark uses it instead of net-snmp for SNMP support.
Update :
This update is being reissued without libcap (kernel capabilities) support, as that is not required by the original released packages, and thus gave trouble for a number of users.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Mandriva Linux Security Advisory MDVSA-2008:001.
# The text itself is copyright (C) Mandriva S.A.
#
if (NASL_LEVEL < 3000) exit(0);
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(36583);
script_version("1.14");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");
script_cve_id("CVE-2007-6111", "CVE-2007-6112", "CVE-2007-6113", "CVE-2007-6114", "CVE-2007-6115", "CVE-2007-6116", "CVE-2007-6117", "CVE-2007-6118", "CVE-2007-6119", "CVE-2007-6120", "CVE-2007-6121", "CVE-2007-6438", "CVE-2007-6439", "CVE-2007-6441", "CVE-2007-6450", "CVE-2007-6451");
script_xref(name:"MDVSA", value:"2008:001-1");
script_name(english:"Mandriva Linux Security Advisory : wireshark (MDVSA-2008:001-1)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Mandriva Linux host is missing one or more security
updates."
);
script_set_attribute(
attribute:"description",
value:
"A number of vulnerabilities in the Wireshark program were found that
could cause crashes, excessive looping, or arbitrary code execution.
This update provides Wireshark 0.99.7 which is not vulnerable to these
issues.
An updated version of libsmi is also being provided, not because of
security issues, but because this version of wireshark uses it instead
of net-snmp for SNMP support.
Update :
This update is being reissued without libcap (kernel capabilities)
support, as that is not required by the original released packages,
and thus gave trouble for a number of users."
);
script_set_attribute(
attribute:"see_also",
value:"http://www.wireshark.org/security/wnpa-sec-2007-03.html"
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_cwe_id(20, 119, 189, 264, 399);
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64wireshark-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64wireshark0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libwireshark-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libwireshark0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:tshark");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:wireshark");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:wireshark-tools");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2007");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2007.1");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2008.0");
script_set_attribute(attribute:"patch_publication_date", value:"2008/01/08");
script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/23");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.");
script_family(english:"Mandriva Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
flag = 0;
if (rpm_check(release:"MDK2007.0", cpu:"x86_64", reference:"lib64wireshark0-0.99.7-0.2mdv2007.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.0", cpu:"i386", reference:"libwireshark0-0.99.7-0.2mdv2007.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.0", reference:"tshark-0.99.7-0.2mdv2007.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.0", reference:"wireshark-0.99.7-0.2mdv2007.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.0", reference:"wireshark-tools-0.99.7-0.2mdv2007.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.1", cpu:"x86_64", reference:"lib64wireshark0-0.99.7-0.2mdv2007.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.1", cpu:"i386", reference:"libwireshark0-0.99.7-0.2mdv2007.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.1", reference:"tshark-0.99.7-0.2mdv2007.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.1", reference:"wireshark-0.99.7-0.2mdv2007.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.1", reference:"wireshark-tools-0.99.7-0.2mdv2007.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64wireshark-devel-0.99.7-0.2mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64wireshark0-0.99.7-0.2mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libwireshark-devel-0.99.7-0.2mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libwireshark0-0.99.7-0.2mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"tshark-0.99.7-0.2mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"wireshark-0.99.7-0.2mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"wireshark-tools-0.99.7-0.2mdv2008.0", yank:"mdv")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
Vendor | Product | Version | CPE |
---|---|---|---|
mandriva | linux | lib64wireshark-devel | p-cpe:/a:mandriva:linux:lib64wireshark-devel |
mandriva | linux | lib64wireshark0 | p-cpe:/a:mandriva:linux:lib64wireshark0 |
mandriva | linux | libwireshark-devel | p-cpe:/a:mandriva:linux:libwireshark-devel |
mandriva | linux | libwireshark0 | p-cpe:/a:mandriva:linux:libwireshark0 |
mandriva | linux | tshark | p-cpe:/a:mandriva:linux:tshark |
mandriva | linux | wireshark | p-cpe:/a:mandriva:linux:wireshark |
mandriva | linux | wireshark-tools | p-cpe:/a:mandriva:linux:wireshark-tools |
mandriva | linux | 2007 | cpe:/o:mandriva:linux:2007 |
mandriva | linux | 2007.1 | cpe:/o:mandriva:linux:2007.1 |
mandriva | linux | 2008.0 | cpe:/o:mandriva:linux:2008.0 |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6111
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6112
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6113
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6114
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6115
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6116
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6117
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6118
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6119
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6120
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6121
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6438
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6439
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6441
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6450
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6451
www.wireshark.org/security/wnpa-sec-2007-03.html