MiracleLinux 3 : wireshark-1.0.15-6.0.1.AXS3 (AXSA:2014-231:01)

🗓️ 16 Jan 2026 00:00:00Reported by TenableType

MiracleLinux 3 Wireshark fixes CVEs to prevent denial of service.

Reporter	Title	Published	Views	Family All 493
0day.today	Wireshark 1.8.12/1.10.5 wiretap/mpeg.c Stack Buffer Overflow	26 Apr 201400:00	–	zdt
Amazon	Medium: wireshark	2 Dec 201300:00	–	amazon
Amazon	Medium: wireshark	25 Apr 201400:00	–	amazon
Tenable Nessus	Amazon Linux AMI : wireshark (ALAS-2013-251)	10 Dec 201300:00	–	nessus
Tenable Nessus	Amazon Linux AMI : wireshark (ALAS-2014-330)	12 Oct 201400:00	–	nessus
Tenable Nessus	CentOS 6 : wireshark (CESA-2013:1569)	12 Nov 201400:00	–	nessus
Tenable Nessus	CentOS 5 : wireshark (CESA-2014:0341)	1 Apr 201400:00	–	nessus
Tenable Nessus	CentOS 6 : wireshark (CESA-2014:0342)	1 Apr 201400:00	–	nessus
Tenable Nessus	Debian DLA-497-1 : wireshark security update	1 Jun 201600:00	–	nessus
Tenable Nessus	Debian DSA-2700-1 : wireshark - several vulnerabilities	3 Jun 201300:00	–	nessus

Source	Link
tsn	www.tsn.miraclelinux.com/en/node/4667
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Miracle Linux Security Advisory AXSA:2014-231:01.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(289260);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/02/10");

  script_cve_id(
    "CVE-2012-6056",
    "CVE-2012-6060",
    "CVE-2012-6061",
    "CVE-2012-6062",
    "CVE-2013-3557",
    "CVE-2013-3559",
    "CVE-2013-4081",
    "CVE-2013-4083",
    "CVE-2013-4927",
    "CVE-2013-4931",
    "CVE-2013-4932",
    "CVE-2013-4933",
    "CVE-2013-4934",
    "CVE-2013-4935",
    "CVE-2013-5721",
    "CVE-2013-7112",
    "CVE-2014-2281",
    "CVE-2014-2299"
  );

  script_name(english:"MiracleLinux 3 : wireshark-1.0.15-6.0.1.AXS3 (AXSA:2014-231:01)");

  script_set_attribute(attribute:"synopsis", value:
"The remote MiracleLinux host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the
AXSA:2014-231:01 advisory.

    Wireshark is a network traffic analyzer for Unix-ish operating systems.
    This package lays base for libpcap, a packet capture and filtering library, contains command-line
    utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged
    separately to GTK+ package.
    Security issues fixed with this release:
     CVE-2012-6056
    Integer overflow in the dissect_sack_chunk function in epan/dissectors/packet-sctp.c in the SCTP dissector
    in Wireshark 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a
    crafted Duplicate TSN count.
     CVE-2012-6060
     Integer overflow in the dissect_iscsi_pdu function in epan/dissectors/packet-iscsi.c in the iSCSI
    dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a
    denial of service (infinite loop) via a malformed packet.
     CVE-2012-6061
     The dissect_wtp_common function in epan/dissectors/packet-wtp.c in the WTP dissector in Wireshark 1.6.x
    before 1.6.12 and 1.8.x before 1.8.4 uses an incorrect data type for a certain length field, which allows
    remote attackers to cause a denial of service (integer overflow and infinite loop) via a crafted value in
    a packet.
     CVE-2012-6062
     The dissect_rtcp_app function in epan/dissectors/packet-rtcp.c in the RTCP dissector in Wireshark 1.6.x
    before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop)
    via a crafted packet.
     CVE-2013-3557
     The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark
    1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable, which allows
    remote attackers to cause a denial of service (application crash) via a malformed packet.
     CVE-2013-3559
     epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses
    incorrect integer data types, which allows remote attackers to cause a denial of service (integer
    overflow, and heap memory corruption or NULL pointer dereference, and application crash) via a malformed
    packet.
     CVE-2013-4081
     The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in
    Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a recursive
    approach, which allows remote attackers to cause a denial of service (stack consumption) via a crafted
    packet.
     CVE-2013-4083
    The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x
    before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length value, which
    allows remote attackers to cause a denial of service (application crash) via a crafted packet.
     CVE-2013-4927
    Integer signedness error in the get_type_length function in epan/dissectors/packet-btsdp.c in the
    Bluetooth SDP dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers
    to cause a denial of service (loop and CPU consumption) via a crafted packet.
     CVE-2013-4931
     epan/proto.c in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a
    denial of service (loop) via a crafted packet that is not properly handled by the GSM RR dissector.
     CVE-2013-4932
     Multiple array index errors in epan/dissectors/packet-gsm_a_common.c in the GSM A Common dissector in
    Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allow remote attackers to cause a denial of service
    (application crash) via a crafted packet.
     CVE-2013-4933
     The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9
    and 1.10.x before 1.10.1 does not properly allocate memory, which allows remote attackers to cause a
    denial of service (application crash) via a crafted packet-trace file.
     CVE-2013-4934
     The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9
    and 1.10.x before 1.10.1 does not initialize certain structure members, which allows remote attackers to
    cause a denial of service (application crash) via a crafted packet-trace file.
     CVE-2013-4935
    The dissect_per_length_determinant function in epan/dissectors/packet-per.c in the ASN.1 PER dissector in
    Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize a length field in certain
    abnormal situations, which allows remote attackers to cause a denial of service (application crash) via a
    crafted packet.
     CVE-2013-5721
     The dissect_mq_rr function in epan/dissectors/packet-mq.c in the MQ dissector in Wireshark 1.8.x before
    1.8.10 and 1.10.x before 1.10.2 does not properly determine when to enter a certain loop, which allows
    remote attackers to cause a denial of service (application crash) via a crafted packet.
     CVE-2013-7112
    The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x
    before 1.8.12 and 1.10.x before 1.10.4 does not check for empty lines, which allows remote attackers to
    cause a denial of service (infinite loop) via a crafted packet.
     CVE-2014-2281
     The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark
    1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote
    attackers to cause a denial of service (memory corruption and application crash) via a crafted NFS packet.
     CVE-2014-2299
    Buffer overflow in the mpeg_read function in wiretap/mpeg.c in the MPEG parser in Wireshark 1.8.x before
    1.8.13 and 1.10.x before 1.10.6 allows remote attackers to execute arbitrary code or cause a denial of
    service (application crash) via a large record in MPEG data.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://tsn.miraclelinux.com/en/node/4667");
  script_set_attribute(attribute:"solution", value:
"Update the affected wireshark and / or wireshark-gnome packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-2299");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Wireshark wiretap/mpeg.c Stack Buffer Overflow');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_set_attribute(attribute:"vendor_severity", value:"High");

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/11/28");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/04/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/16");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:wireshark");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:wireshark-gnome");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:miracle:linux:3");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Miracle Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/MiracleLinux/release", "Host/MiracleLinux/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm2.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'MIRACLE LINUX' >!< os_product) audit(AUDIT_OS_NOT, 'MIRACLE LINUX');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'MIRACLE LINUX');
if (! preg(pattern:"^3([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'MiracleLinux 3.x', 'MIRACLE LINUX ' + os_version);

if (!get_kb_item('Host/MiracleLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('aarch64' >!< cpu && 'ppc' >!< cpu && 's390' >!< cpu && 'x86_64' >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'MIRACLE LINUX', cpu);

var constraints = [
  {
    'release': '3',
    'pkgs': [
      {'reference':'wireshark-1.0.15-6.0.1.AXS3', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'wireshark-gnome-1.0.15-6.0.1.AXS3', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'}
    ]
  }
];

var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');

var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
  # Check that the target release is equal to the affected release
  if (!empty_or_null(constraint['release'])){
    if (constraint['release'] != os_release) continue;
  }
  if (!empty_or_null(constraint['sp'])){
    if (constraint['sp'] != os_sp) continue;
  }
  foreach var pkg ( constraint['pkgs'] ) {
    reference = NULL;
    sp = NULL;
    _cpu = NULL;
    el_string = NULL;
    rpm_spec_vers_cmp = NULL;
    epoch = NULL;
    allowmaj = NULL;
    exists_check = NULL;
    cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        ## (no known rpm to check OR known rpm_exists)
        (!exists_check || rpm_exists(rpm:exists_check)) &&
        rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}
if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'wireshark / wireshark-gnome');
}

10 Feb 2026 00:00Current

7.2High risk

Vulners AI Score7.2

CVSS 29.3

EPSS0.6692