MiracleLinux 3 : wireshark-1.0.6-2.1AXS3 (AXSA:2009-26:01)

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Miracle Linux Security Advisory AXSA:2009-26:01.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(283888);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/01/14");

  script_cve_id(
    "CVE-2008-4680",
    "CVE-2008-4681",
    "CVE-2008-4682",
    "CVE-2008-4683",
    "CVE-2008-4684",
    "CVE-2008-4685",
    "CVE-2008-5285",
    "CVE-2009-0599",
    "CVE-2009-0600"
  );

  script_name(english:"MiracleLinux 3 : wireshark-1.0.6-2.1AXS3 (AXSA:2009-26:01)");

  script_set_attribute(attribute:"synopsis", value:
"The remote MiracleLinux host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the
AXSA:2009-26:01 advisory.

    Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for
    libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and
    documentation for wireshark. A graphical user interface is packaged separately to GTK+ package.
    Fixed bugs:
    CVE-2008-4680
    packet-usb.c in the USB dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a
    denial of service (application crash or abort) via a malformed USB Request Block (URB).
    CVE-2008-4681
    Unspecified vulnerability in the Bluetooth RFCOMM dissector in Wireshark 0.99.7 through 1.0.3 allows
    remote attackers to cause a denial of service (application crash or abort) via unknown packets.
    CVE-2008-4682
    wtap.c in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application
    abort) via a malformed Tamos CommView capture file (aka .ncf file) with an unknown/unexpected packet type
    that triggers a failed assertion.
    CVE-2008-4683
    The dissect_btacl function in packet-bthci_acl.c in the Bluetooth ACL dissector in Wireshark 0.99.2
    through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a
    packet with an invalid length, related to an erroneous tvb_memcpy call.
    CVE-2008-4684
    packet-frame in Wireshark 0.99.2 through 1.0.3 does not properly handle exceptions thrown by post
    dissectors, which allows remote attackers to cause a denial of service (application crash) via a certain
    series of packets, as demonstrated by enabling the (1) PRP or (2) MATE post dissector.
    CVE-2008-4685
    Use-after-free vulnerability in the dissect_q931_cause_ie function in packet-q931.c in the Q.931 dissector
    in Wireshark 0.10.3 through 1.0.3 allows remote attackers to cause a denial of service (application crash
    or abort) via certain packets that trigger an exception.
    CVE-2008-5285
    Wireshark 1.0.4 and earlier allows remote attackers to cause a denial of service via a long SMTP request,
    which triggers an infinite loop.
    CVE-2009-0599
    Buffer overflow in wiretap/netscreen.c in Wireshark 0.99.7 through 1.0.5 allows user-assisted remote
    attackers to cause a denial of service (application crash) via a malformed NetScreen snoop file.
    CVE-2009-0600
    Wireshark 0.99.6 through 1.0.5 allows user-assisted remote attackers to cause a denial of service
    (application crash) via a crafted Tektronix K12 text capture file, as demonstrated by a file with exactly
    one frame.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://tsn.miraclelinux.com/en/node/663");
  script_set_attribute(attribute:"solution", value:
"Update the affected wireshark and / or wireshark-gnome packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2009-0599");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2008-5285");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"vendor_severity", value:"High");

  script_set_attribute(attribute:"vuln_publication_date", value:"2008/09/29");
  script_set_attribute(attribute:"patch_publication_date", value:"2009/03/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/14");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:wireshark");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:wireshark-gnome");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:miracle:linux:3");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Miracle Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/MiracleLinux/release", "Host/MiracleLinux/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm2.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'MIRACLE LINUX' >!< os_product) audit(AUDIT_OS_NOT, 'MIRACLE LINUX');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'MIRACLE LINUX');
if (! preg(pattern:"^3([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'MiracleLinux 3.x', 'MIRACLE LINUX ' + os_version);

if (!get_kb_item('Host/MiracleLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('aarch64' >!< cpu && 'ppc' >!< cpu && 's390' >!< cpu && 'x86_64' >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'MIRACLE LINUX', cpu);

var constraints = [
  {
    'release': '3',
    'pkgs': [
      {'reference':'wireshark-1.0.6-2.1AXS3', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'wireshark-gnome-1.0.6-2.1AXS3', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'}
    ]
  }
];

var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');

var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
  # Check that the target release is equal to the affected release
  if (!empty_or_null(constraint['release'])){
    if (constraint['release'] != os_release) continue;
  }
  if (!empty_or_null(constraint['sp'])){
    if (constraint['sp'] != os_sp) continue;
  }
  foreach var pkg ( constraint['pkgs'] ) {
    reference = NULL;
    sp = NULL;
    _cpu = NULL;
    el_string = NULL;
    rpm_spec_vers_cmp = NULL;
    epoch = NULL;
    allowmaj = NULL;
    exists_check = NULL;
    cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        ## (no known rpm to check OR known rpm_exists)
        (!exists_check || rpm_exists(rpm:exists_check)) &&
        rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}
if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'wireshark / wireshark-gnome');
}