Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2021 Tenable Network Security, Inc.MANDRIVA_MDVSA-2014-050.NASL
HistoryMar 11, 2014 - 12:00 a.m.

Mandriva Linux Security Advisory : wireshark (MDVSA-2014:050)

2014-03-1100:00:00
This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.
www.tenable.com
13
JSON

Multiple vulnerabilities was found and corrected in Wireshark :

  • The NFS dissector could crash. Discovered by Moshe Kaplan (CVE-2014-2281).

  • The RLC dissector could crash (CVE-2014-2283).

  • The MPEG file parser could overflow a buffer. Discovered by Wesley Neelen (CVE-2014-2299).

This advisory provides the latest version of Wireshark (1.8.13) which is not vulnerable to these issues.

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Mandriva Linux Security Advisory MDVSA-2014:050. 
# The text itself is copyright (C) Mandriva S.A.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(72921);
  script_version("1.18");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2014-2281", "CVE-2014-2283", "CVE-2014-2299");
  script_bugtraq_id(66066, 66068, 66072);
  script_xref(name:"MDVSA", value:"2014:050");

  script_name(english:"Mandriva Linux Security Advisory : wireshark (MDVSA-2014:050)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Mandriva Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Multiple vulnerabilities was found and corrected in Wireshark :

  - The NFS dissector could crash. Discovered by Moshe
    Kaplan (CVE-2014-2281).

  - The RLC dissector could crash (CVE-2014-2283).

  - The MPEG file parser could overflow a buffer. Discovered
    by Wesley Neelen (CVE-2014-2299).

This advisory provides the latest version of Wireshark (1.8.13) which
is not vulnerable to these issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.wireshark.org/security/wnpa-sec-2014-01.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.wireshark.org/security/wnpa-sec-2014-03.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.wireshark.org/security/wnpa-sec-2014-04.html"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Wireshark wiretap/mpeg.c Stack Buffer Overflow');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:dumpcap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64wireshark-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64wireshark2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:rawshark");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:tshark");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:wireshark");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:wireshark-tools");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:business_server:1");

  script_set_attribute(attribute:"patch_publication_date", value:"2014/03/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/03/11");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.");
  script_family(english:"Mandriva Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);


flag = 0;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"dumpcap-1.8.13-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64wireshark-devel-1.8.13-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64wireshark2-1.8.13-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"rawshark-1.8.13-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"tshark-1.8.13-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"wireshark-1.8.13-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"wireshark-tools-1.8.13-1.mbs1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
mandrivalinuxdumpcapp-cpe:/a:mandriva:linux:dumpcap
mandrivalinuxlib64wireshark-develp-cpe:/a:mandriva:linux:lib64wireshark-devel
mandrivalinuxlib64wireshark2p-cpe:/a:mandriva:linux:lib64wireshark2
mandrivalinuxrawsharkp-cpe:/a:mandriva:linux:rawshark
mandrivalinuxtsharkp-cpe:/a:mandriva:linux:tshark
mandrivalinuxwiresharkp-cpe:/a:mandriva:linux:wireshark
mandrivalinuxwireshark-toolsp-cpe:/a:mandriva:linux:wireshark-tools
mandrivabusiness_server1cpe:/o:mandriva:business_server:1

Related

securityvulns 2
openvas 23
nessus 18
mageia 2
osv 1
debian 1
fedora 2
gentoo 1
prion 3
packetstorm 1
debiancve 3
seebug 4
cve 3
checkpoint_advisories 1
zdt 1
kaspersky 1
ubuntucve 3
veracode 9
oraclelinux 2
amazon 1
redhat 2
centos 2
exploitdb 1
securityvulns
securityvulns
[ MDVSA-2014:050 ] wireshark
2014-03-13 00:00:00
Wireshark multiple security vulnerabilities
2014-03-13 00:00:00
openvas
openvas
Wireshark Denial of Service and Code Execution Vulnerabilities-01 (Mar 2014) - Mac OS X
2014-03-14 00:00:00
Mageia: Security Advisory (MGASA-2014-0125)
2022-01-28 00:00:00
Wireshark Denial of Service and Code Execution Vulnerabilities-01 (Mar 2014) - Windows
2014-03-14 00:00:00
nessus
nessus
Debian DSA-2871-1 : wireshark - several vulnerabilities
2014-03-11 00:00:00
Wireshark 1.8.x < 1.8.13 Multiple Vulnerabilities
2014-03-11 00:00:00
Fedora 19 : wireshark-1.10.6-1.fc19 (2014-3696)
2014-03-19 00:00:00
mageia
mageia
Updated wireshark packages fix multiple vulnerabilies
2014-03-09 01:43:28
Updated wireshark packages fix multiple vulnerabilies
2014-03-09 01:44:35
osv
osv
wireshark - several
2014-03-10 00:00:00
debian
debian
[SECURITY] [DSA 2871-1] wireshark security update
2014-03-10 14:55:52
fedora
fedora
[SECURITY] Fedora 19 Update: wireshark-1.10.6-1.fc19
2014-03-18 08:16:20
[SECURITY] Fedora 20 Update: wireshark-1.10.6-1.fc20
2014-03-18 08:13:56
gentoo
gentoo
Wireshark: Multiple vulnerabilities
2014-06-29 00:00:00
prion
prion
Memory corruption
2014-03-11 13:01:00
Buffer overflow
2014-03-11 13:01:00
Design/Logic Flaw
2014-03-11 13:01:00
packetstorm
packetstorm
Wireshark 1.8.12/1.10.5 wiretap/mpeg.c Stack Buffer Overflow
2014-04-25 00:00:00
debiancve
debiancve
CVE-2014-2299
2014-03-11 13:01:00
CVE-2014-2281
2014-03-11 13:01:00
CVE-2014-2283
2014-03-11 13:01:00
seebug
seebug
Wireshark NFS Dissectorζ‹’η»ζœεŠ‘ζΌζ΄ž
2014-03-21 00:00:00
Wireshark <= 1.8.12/1.10.5 wiretap/mpeg.c Stack Buffer Overflow
2014-07-01 00:00:00
Wireshark MPEG File Parser 'wiretap/mpeg.c'ηΌ“ε†²εŒΊζΊ’ε‡ΊζΌζ΄ž
2014-03-21 00:00:00
cve
cve
CVE-2014-2281
2014-03-11 13:01:00
CVE-2014-2299
2014-03-11 13:01:00
CVE-2014-2283
2014-03-11 13:01:00
checkpoint_advisories
checkpoint_advisories
Wireshark MPEG File Parser Stack Buffer Overflow (CVE-2014-2299)
2014-06-02 00:00:00
zdt
zdt
Wireshark 1.8.12/1.10.5 wiretap/mpeg.c Stack Buffer Overflow
2014-04-26 00:00:00
kaspersky
kaspersky
KLA10588 Multiple vulnerabilities in Wireshark
2014-03-07 00:00:00
ubuntucve
ubuntucve
CVE-2014-2299
2014-03-11 00:00:00
CVE-2014-2281
2014-03-11 00:00:00
CVE-2014-2283
2014-03-11 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-16 01:23:07
Denial Of Service (DoS)
2019-05-02 05:02:02
Denial Of Service (DoS)
2019-05-02 05:02:03
oraclelinux
oraclelinux
wireshark security update
2014-03-31 00:00:00
wireshark security update
2014-03-31 00:00:00
amazon
amazon
Medium: wireshark
2014-04-25 15:57:00
redhat
redhat
(RHSA-2014:0342) Moderate: wireshark security update
2014-03-31 00:00:00
(RHSA-2014:0341) Moderate: wireshark security update
2014-03-31 00:00:00
centos
centos
wireshark security update
2014-03-31 18:13:23
wireshark security update
2014-03-31 17:51:37
exploitdb
exploitdb
Wireshark 1.8.12/1.10.5 - wiretap/mpeg.c Stack Buffer Overflow (Metasploit)
2014-04-28 00:00:00
JSON
Related for MANDRIVA_MDVSA-2014-050.NASL
securityvulns2openvas23nessus18mageia2osv1debian1fedora2gentoo1prion3packetstorm1debiancve3seebug4cve3checkpoint_advisories1zdt1kaspersky1ubuntucve3veracode9oraclelinux2amazon1redhat2centos2exploitdb1