Lucene search
This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SL_20071107_WIRESHARK_ON_SL5_X.NASLHistoryAug 01, 2012 - 12:00 a.m.
Scientific Linux Security Update : wireshark on SL5.x i386/x86_64
2012-08-0100:00:00
This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12
Several denial of service bugs were found in Wireshark’s HTTP, iSeries, DCP ETSI, SSL, MMS, DHCP and BOOTP protocol dissectors. It was possible for Wireshark to crash or stop responding if it read a malformed packet off the network. (CVE-2007-3389, CVE-2007-3390, CVE-2007-3391, CVE-2007-3392, CVE-2007-3393)
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(60291);
script_version("1.8");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2007-3389", "CVE-2007-3390", "CVE-2007-3391", "CVE-2007-3392", "CVE-2007-3393");
script_name(english:"Scientific Linux Security Update : wireshark on SL5.x i386/x86_64");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Scientific Linux host is missing one or more security
updates."
);
script_set_attribute(
attribute:"description",
value:
"Several denial of service bugs were found in Wireshark's HTTP,
iSeries, DCP ETSI, SSL, MMS, DHCP and BOOTP protocol dissectors. It
was possible for Wireshark to crash or stop responding if it read a
malformed packet off the network. (CVE-2007-3389, CVE-2007-3390,
CVE-2007-3391, CVE-2007-3392, CVE-2007-3393)"
);
# https://listserv.fnal.gov/scripts/wa.exe?A2=ind0711&L=scientific-linux-errata&T=0&P=1643
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?6ce8b00c"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected wireshark and / or wireshark-gnome packages."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_cwe_id(20);
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
script_set_attribute(attribute:"patch_publication_date", value:"2007/11/07");
script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Scientific Linux Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
flag = 0;
if (rpm_check(release:"SL5", reference:"wireshark-0.99.6-1.el5")) flag++;
if (rpm_check(release:"SL5", reference:"wireshark-gnome-0.99.6-1.el5")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| fermilab | scientific_linux | x-cpe:/o:fermilab:scientific_linux |
Related
openvas
openvas
Mandriva Update for wireshark MDKSA-2007:145 (wireshark)
2009-04-09 00:00:00
Gentoo Security Advisory GLSA 200708-12 (wireshark)
2008-09-24 00:00:00
Oracle: Security Advisory (ELSA-2007-0710)
2015-10-08 00:00:00
nessus
nessus
CentOS 4 : wireshark (CESA-2007:0709)
2013-06-29 00:00:00
SuSE 10 Security Update : ethereal (ZYPP Patch Number 3888)
2007-12-13 00:00:00
openSUSE 10 Security Update : ethereal (ethereal-3885)
2007-10-17 00:00:00
seebug
seebug
Wireshark多个协议处理模块远程拒绝服务漏洞
2007-06-29 00:00:00
centos
centos
wireshark security update
2007-11-15 17:20:39
libsmi, wireshark security update
2008-01-21 15:05:11
securityvulns
securityvulns
Wireshark DoS
2007-08-17 00:00:00
oraclelinux
oraclelinux
wireshark security and bug fix update
2007-11-27 00:00:00
wireshark security update
2007-11-19 00:00:00
redhat
redhat
(RHSA-2007:0709) Low: wireshark security and bug fix update
2007-11-15 00:00:00
(RHSA-2007:0710) Low: wireshark security update
2007-11-07 00:00:00
(RHSA-2008:0059) Moderate: wireshark security update
2008-01-21 00:00:00
gentoo
gentoo
Wireshark: Multiple vulnerabilities
2007-08-16 00:00:00
freebsd
freebsd
wireshark -- Multiple problems
2007-06-29 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package wireshark version 0.99.6-alt1
2007-07-06 00:00:00
osv
osv
wireshark
2007-06-27 00:00:00
debian
debian
[SECURITY] [DSA 1322-1] New wireshark packages fix denial of service
2007-06-27 20:57:25
debiancve
debiancve
prion
prion
Design/Logic Flaw
2007-06-26 00:30:00
Code injection
2007-06-26 00:30:00
Code injection
2007-06-26 00:30:00
ubuntucve
ubuntucve
cve
cve
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:15:04
Denial Of Service (DoS)
2020-04-10 00:15:04
Denial Of Service (DoS)
2020-04-10 00:15:04
Related for SL_20071107_WIRESHARK_ON_SL5_X.NASL