MiracleLinux 7 : wireshark-1.10.14-7.el7 (AXSA:2015-660:01)

🗓️ 16 Jan 2026 00:00:00Reported by TenableType

MiracleLinux 7 Wireshark update fixes vulnerabilities 2014-8710 to 2014-8714.

Reporter	Title	Published	Views	Family All 473
IBM Security Bulletins	Security Bulletin: Multiple packages as used in IBM Security QRadar Packet Capture are vulnerable to various security issues.	28 Oct 202017:16	–	ibm
FreeBSD	wireshark -- multiple vulnerabilities	12 Aug 201500:00	–	freebsd
FreeBSD	wireshark -- multiple vulnerabilities	12 May 201500:00	–	freebsd
Amazon	Medium: wireshark	17 Aug 201500:00	–	amazon
Amazon	Medium: wireshark	4 Apr 201700:00	–	amazon
Tenable Nessus	Amazon Linux AMI : wireshark (ALAS-2015-580)	18 Aug 201500:00	–	nessus
Tenable Nessus	Amazon Linux AMI : wireshark (ALAS-2017-813)	5 Apr 201700:00	–	nessus
Tenable Nessus	CentOS 6 : wireshark (CESA-2015:1460)	28 Jul 201500:00	–	nessus
Tenable Nessus	CentOS 7 : wireshark (CESA-2015:2393)	2 Dec 201500:00	–	nessus
Tenable Nessus	CentOS 6 : wireshark (CESA-2017:0631)	27 Mar 201700:00	–	nessus

Source	Link
tsn	www.tsn.miraclelinux.com/en/node/6044
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Miracle Linux Security Advisory AXSA:2015-660:01.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(289991);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/01/16");

  script_cve_id(
    "CVE-2014-8710",
    "CVE-2014-8711",
    "CVE-2014-8712",
    "CVE-2014-8713",
    "CVE-2014-8714",
    "CVE-2015-0562",
    "CVE-2015-0563",
    "CVE-2015-0564",
    "CVE-2015-2188",
    "CVE-2015-2189",
    "CVE-2015-2191",
    "CVE-2015-3182",
    "CVE-2015-3810",
    "CVE-2015-3811",
    "CVE-2015-3812",
    "CVE-2015-3813",
    "CVE-2015-6243",
    "CVE-2015-6244",
    "CVE-2015-6245",
    "CVE-2015-6246",
    "CVE-2015-6248"
  );

  script_name(english:"MiracleLinux 7 : wireshark-1.10.14-7.el7 (AXSA:2015-660:01)");

  script_set_attribute(attribute:"synopsis", value:
"The remote MiracleLinux host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the
AXSA:2015-660:01 advisory.

    Wireshark is a network traffic analyzer for Unix-ish operating systems.
    This package lays base for libpcap, a packet capture and filtering
    library, contains command-line utilities, contains plugins and
    documentation for wireshark. A graphical user interface is packaged
    separately to GTK  package.
    Security issues fixed with this release:
    CVE-2014-8710
    The decompress_sigcomp_message function in epan/sigcomp-udvm.c in the
    SigComp UDVM dissector in Wireshark 1.10.x before 1.10.11 allows
    remote attackers to cause a denial of service (buffer over-read and
    application crash) via a crafted packet.
    CVE-2014-8711
    Multiple integer overflows in epan/dissectors/packet-amqp.c in the
    AMQP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before
    1.12.2 allow remote attackers to cause a denial of service
    (application crash) via a crafted amqp_0_10 PDU in a packet.
    CVE-2014-8712
    The build_expert_data function in epan/dissectors/packet-ncp2222.inc
    in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x
    before 1.12.2 does not properly initialize a data structure, which
    allows remote attackers to cause a denial of service (application
    crash) via a crafted packet.
    CVE-2014-8713
    Stack-based buffer overflow in the build_expert_data function in
    epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark
    1.10.x before 1.10.11 and 1.12.x before 1.12.2 allows remote attackers
    to cause a denial of service (application crash) via a crafted packet.
    CVE-2014-8714
    The dissect_write_structured_field function in
    epan/dissectors/packet-tn5250.c in the TN5250 dissector in Wireshark
    1.10.x before 1.10.11 and 1.12.x before 1.12.2 allows remote attackers
    to cause a denial of service (infinite loop) via a crafted packet.
    CVE-2015-0562
    Multiple use-after-free vulnerabilities in
    epan/dissectors/packet-dec-dnart.c in the DEC DNA Routing Protocol
    dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3
    allow remote attackers to cause a denial of service (application
    crash) via a crafted packet, related to the use of packet-scope memory
    instead of pinfo-scope memory.
    CVE-2015-0563
    epan/dissectors/packet-smtp.c in the SMTP dissector in Wireshark
    1.10.x before 1.10.12 and 1.12.x before 1.12.3 uses an incorrect
    length value for certain string-append operations, which allows remote
    attackers to cause a denial of service (application crash) via a
    crafted packet.
    CVE-2015-0564
    Buffer underflow in the ssl_decrypt_record function in
    epan/dissectors/packet-ssl-utils.c in Wireshark 1.10.x before 1.10.12
    and 1.12.x before 1.12.3 allows remote attackers to cause a denial of
    service (application crash) via a crafted packet that is improperly
    handled during decryption of an SSL session.
    CVE-2015-2188
    epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x
    before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a
    data structure, which allows remote attackers to cause a denial of
    service (out-of-bounds read and application crash) via a crafted
    packet that is improperly handled during decompression.
    CVE-2015-2189
    Off-by-one error in the pcapng_read function in wiretap/pcapng.c in
    the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x
    before 1.12.4 allows remote attackers to cause a denial of service
    (out-of-bounds read and application crash) via an invalid Interface
    Statistics Block (ISB) interface ID in a crafted packet.
    CVE-2015-2191
    Integer overflow in the dissect_tnef function in
    epan/dissectors/packet-tnef.c in the TNEF dissector in Wireshark
    1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers
    to cause a denial of service (infinite loop) via a crafted length
    field in a packet.
    CVE-2015-3182
    ** RESERVED **
    This candidate has been reserved by an organization or individual that
    will use it when announcing a new security problem.  When the
    candidate has been publicized, the details for this candidate will be
    provided.
    CVE-2015-3810
    epan/dissectors/packet-websocket.c in the WebSocket dissector in
    Wireshark 1.12.x before 1.12.5 uses a recursive algorithm, which
    allows remote attackers to cause a denial of service (CPU consumption)
    via a crafted packet.
    CVE-2015-3811
    epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x
    before 1.10.14 and 1.12.x before 1.12.5 improperly refers to
    previously processed bytes, which allows remote attackers to cause a
    denial of service (application crash) via a crafted packet, a
    different vulnerability than CVE-2015-2188.
    CVE-2015-3812
    Multiple memory leaks in the x11_init_protocol function in
    epan/dissectors/packet-x11.c in the X11 dissector in Wireshark 1.10.x
    before 1.10.14 and 1.12.x before 1.12.5 allow remote attackers to
    cause a denial of service (memory consumption) via a crafted packet.
    CVE-2015-3813
    The fragment_add_work function in epan/reassemble.c in the
    packet-reassembly feature in Wireshark 1.12.x before 1.12.5 does not
    properly determine the defragmentation state in a case of an
    insufficient snapshot length, which allows remote attackers to cause a
    denial of service (memory consumption) via a crafted packet.
    CVE-2015-6243
    The dissector-table implementation in epan/packet.c in Wireshark
    1.12.x before 1.12.7 mishandles table searches for empty strings,
    which allows remote attackers to cause a denial of service
    (application crash) via a crafted packet, related to the (1)
    dissector_get_string_handle and (2)
    dissector_get_default_string_handle functions.
    CVE-2015-6244
    The dissect_zbee_secure function in
    epan/dissectors/packet-zbee-security.c in the ZigBee dissector in
    Wireshark 1.12.x before 1.12.7 improperly relies on length fields
    contained in packet data, which allows remote attackers to cause a
    denial of service (application crash) via a crafted packet.
    CVE-2015-6245
    epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC/MAC dissector in
    Wireshark 1.12.x before 1.12.7 uses incorrect integer data types,
    which allows remote attackers to cause a denial of service (infinite
    loop) via a crafted packet.
    CVE-2015-6246
    The dissect_wa_payload function in epan/dissectors/packet-waveagent.c
    in the WaveAgent dissector in Wireshark 1.12.x before 1.12.7
    mishandles large tag values, which allows remote attackers to cause a
    denial of service (application crash) via a crafted packet.
    CVE-2015-6248
    The ptvcursor_add function in the ptvcursor implementation in
    epan/proto.c in Wireshark 1.12.x before 1.12.7 does not check whether
    the expected amount of data is available, which allows remote
    attackers to cause a denial of service (application crash) via a
    crafted packet.
    Fixed bugs:
    * Prior to this update, when using the tshark utility to capture packets over the interface, tshark failed
    to create output files in the .pcap format even if it was specified using the -F option. This bug has
    been fixed, the -F option is now honored, and the result saved in the .pcap format as expected.
    Enhancements:
    * Previously, wireshark included only microseconds in the .pcapng format. With this update, wireshark
    supports nanosecond time stamp precision to allow for more accurate time stamps.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://tsn.miraclelinux.com/en/node/6044");
  script_set_attribute(attribute:"solution", value:
"Update the affected wireshark and / or wireshark-gnome packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-3812");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2015-3182");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"vendor_severity", value:"Moderate");

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/11/12");
  script_set_attribute(attribute:"patch_publication_date", value:"2015/11/23");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/16");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:wireshark");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:wireshark-gnome");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:miracle:linux:7");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Miracle Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/MiracleLinux/release", "Host/MiracleLinux/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm2.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'MIRACLE LINUX' >!< os_product) audit(AUDIT_OS_NOT, 'MIRACLE LINUX');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'MIRACLE LINUX');
if (! preg(pattern:"^7([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'MiracleLinux 7.x', 'MIRACLE LINUX ' + os_version);

if (!get_kb_item('Host/MiracleLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('aarch64' >!< cpu && 'ppc' >!< cpu && 's390' >!< cpu && 'x86_64' >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'MIRACLE LINUX', cpu);

var constraints = [
  {
    'release': '7',
    'pkgs': [
      {'reference':'wireshark-1.10.14-7.el7', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'wireshark-1.10.14-7.el7', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'wireshark-gnome-1.10.14-7.el7', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'}
    ]
  }
];

var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');

var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
  # Check that the target release is equal to the affected release
  if (!empty_or_null(constraint['release'])){
    if (constraint['release'] != os_release) continue;
  }
  if (!empty_or_null(constraint['sp'])){
    if (constraint['sp'] != os_sp) continue;
  }
  foreach var pkg ( constraint['pkgs'] ) {
    reference = NULL;
    sp = NULL;
    _cpu = NULL;
    el_string = NULL;
    rpm_spec_vers_cmp = NULL;
    epoch = NULL;
    allowmaj = NULL;
    exists_check = NULL;
    cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        ## (no known rpm to check OR known rpm_exists)
        (!exists_check || rpm_exists(rpm:exists_check)) &&
        rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}
if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'wireshark / wireshark-gnome');
}

16 Jan 2026 00:00Current

6.7Medium risk

Vulners AI Score6.7

CVSS 27.8

CVSS 35.5

EPSS0.03569