Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.MANDRIVA_MDVSA-2012-080.NASL
HistorySep 06, 2012 - 12:00 a.m.

Mandriva Linux Security Advisory : wireshark (MDVSA-2012:080)

2012-09-0600:00:00
This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10

3.3 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:N/I:N/A:P

0.016 Low

EPSS

Percentile

87.4%

JSON

Multiple vulnerabilities was found and corrected in Wireshark :

It may be possible to make Wireshark hang for long or indefinite periods by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.

It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.

This advisory provides the latest version of Wireshark (1.6.8) which is not vulnerable to these issues.

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Mandriva Linux Security Advisory MDVSA-2012:080. 
# The text itself is copyright (C) Mandriva S.A.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(61953);
  script_version("1.9");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2012-2392", "CVE-2012-2393", "CVE-2012-2394");
  script_bugtraq_id(53651, 53652, 53653);
  script_xref(name:"MDVSA", value:"2012:080");

  script_name(english:"Mandriva Linux Security Advisory : wireshark (MDVSA-2012:080)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Mandriva Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Multiple vulnerabilities was found and corrected in Wireshark :

It may be possible to make Wireshark hang for long or indefinite
periods by injecting a malformed packet onto the wire or by convincing
someone to read a malformed packet trace file.

It may be possible to make Wireshark crash by injecting a malformed
packet onto the wire or by convincing someone to read a malformed
packet trace file.

This advisory provides the latest version of Wireshark (1.6.8) which
is not vulnerable to these issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.wireshark.org/security/wnpa-sec-2012-08.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.wireshark.org/security/wnpa-sec-2012-09.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.wireshark.org/security/wnpa-sec-2012-10.html"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:dumpcap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64wireshark-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64wireshark1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libwireshark-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libwireshark1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:rawshark");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:tshark");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:wireshark");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:wireshark-tools");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2011");

  script_set_attribute(attribute:"patch_publication_date", value:"2012/05/23");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/09/06");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Mandriva Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);


flag = 0;
if (rpm_check(release:"MDK2011", reference:"dumpcap-1.6.8-0.1-mdv2011.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2011", cpu:"x86_64", reference:"lib64wireshark-devel-1.6.8-0.1-mdv2011.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2011", cpu:"x86_64", reference:"lib64wireshark1-1.6.8-0.1-mdv2011.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2011", cpu:"i386", reference:"libwireshark-devel-1.6.8-0.1-mdv2011.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2011", cpu:"i386", reference:"libwireshark1-1.6.8-0.1-mdv2011.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2011", reference:"rawshark-1.6.8-0.1-mdv2011.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2011", reference:"tshark-1.6.8-0.1-mdv2011.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2011", reference:"wireshark-1.6.8-0.1-mdv2011.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2011", reference:"wireshark-tools-1.6.8-0.1-mdv2011.0", yank:"mdv")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());
  else security_note(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
mandrivalinuxdumpcapp-cpe:/a:mandriva:linux:dumpcap
mandrivalinuxlib64wireshark-develp-cpe:/a:mandriva:linux:lib64wireshark-devel
mandrivalinuxlib64wireshark1p-cpe:/a:mandriva:linux:lib64wireshark1
mandrivalinuxlibwireshark-develp-cpe:/a:mandriva:linux:libwireshark-devel
mandrivalinuxlibwireshark1p-cpe:/a:mandriva:linux:libwireshark1
mandrivalinuxrawsharkp-cpe:/a:mandriva:linux:rawshark
mandrivalinuxtsharkp-cpe:/a:mandriva:linux:tshark
mandrivalinuxwiresharkp-cpe:/a:mandriva:linux:wireshark
mandrivalinuxwireshark-toolsp-cpe:/a:mandriva:linux:wireshark-tools
mandrivalinux2011cpe:/o:mandriva:linux:2011

Related

openvas 17
nessus 15
fedora 1
debiancve 5
nvd 5
ubuntucve 5
cve 5
prion 5
cvelist 5
veracode 25
amazon 1
redhat 1
centos 1
oraclelinux 1
openvas
openvas
Mandriva Update for wireshark MDVSA-2012:042 (wireshark)
2012-08-03 00:00:00
Mandriva Update for wireshark MDVSA-2012:042 (wireshark)
2012-08-03 00:00:00
Mandriva Update for wireshark MDVSA-2012:015 (wireshark)
2012-08-03 00:00:00
nessus
nessus
SuSE 10 Security Update : wireshark (ZYPP Patch Number 8168)
2012-06-27 00:00:00
SuSE 11.1 Security Update : wireshark (SAT Patch Number 6381)
2013-01-25 00:00:00
openSUSE Security Update : wireshark (openSUSE-SU-2012:0657-1)
2014-06-13 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: wireshark-1.6.8-1.fc16
2012-07-10 20:56:12
debiancve
debiancve
CVE-2012-2393
2012-06-30 10:15:05
CVE-2012-2394
2012-06-30 10:15:05
CVE-2012-2392
2012-06-30 10:15:04
nvd
nvd
CVE-2012-2393
2012-06-30 10:15:05
CVE-2012-2394
2012-06-30 10:15:05
CVE-2012-2392
2012-06-30 10:15:04
ubuntucve
ubuntucve
CVE-2012-2394
2012-06-30 00:00:00
CVE-2012-2393
2012-06-30 00:00:00
CVE-2012-2392
2012-06-30 00:00:00
cve
cve
CVE-2012-2393
2012-06-30 10:15:05
CVE-2012-2394
2012-06-30 10:15:05
CVE-2012-2392
2012-06-30 10:15:04
prion
prion
Memory corruption
2012-06-30 10:15:00
Design/Logic Flaw
2012-06-30 10:15:00
Design/Logic Flaw
2012-06-30 10:15:00
cvelist
cvelist
CVE-2012-2393
2012-06-30 10:00:00
CVE-2012-2394
2012-06-30 10:00:00
CVE-2012-2392
2012-06-30 10:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:51:32
Denial Of Service (DoS)
2019-05-02 04:58:54
Denial Of Service (DoS)
2019-05-02 04:58:54
amazon
amazon
Medium: wireshark
2013-12-02 20:29:00
redhat
redhat
(RHSA-2013:1569) Moderate: wireshark security, bug fix, and enhancement update
2013-11-21 00:00:00
centos
centos
wireshark security update
2013-11-26 13:33:12
oraclelinux
oraclelinux
wireshark security, bug fix, and enhancement update
2013-11-25 00:00:00

3.3 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:N/I:N/A:P

0.016 Low

EPSS

Percentile

87.4%

JSON
Related for MANDRIVA_MDVSA-2012-080.NASL
openvas17nessus15fedora1debiancve5nvd5ubuntucve5cve5prion5cvelist5veracode25amazon1redhat1centos1oraclelinux1