DATABASE RESOURCES PRICING ABOUT US

{"id": "SUSE_11_1_WIRESHARK-101222.NASL", "type": "nessus", "bulletinFamily": "scanner", "title": "openSUSE Security Update : wireshark (openSUSE-SU-2011:0010-1)", "description": "Wireshark version 1.4.2 fixes several security issues that allowed attackers to crash wireshark or potentially even execute arbitrary code\n\n(CVE-2010-1455, CVE-2010-2283, CVE-2010-2284, CVE-2010-2285, CVE-2010-2286, CVE-2010-2287, CVE-2010-2992, CVE-2010-2993, CVE-2010-2994, CVE-2010-2995, CVE-2010-3445, CVE-2010-4300, CVE-2010-4301)", "published": "2011-05-05T00:00:00", "modified": "2021-01-14T00:00:00", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {}, "cvss3": {"score": null, "vector": null}, "href": "https://www.tenable.com/plugins/nessus/53689", "reporter": "This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=655448", "https://lists.opensuse.org/opensuse-updates/2011-01/msg00004.html", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2284", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2287", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2992", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4300", "https://bugzilla.novell.com/show_bug.cgi?id=613487", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2285", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2993", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4301", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1455", "https://bugzilla.novell.com/show_bug.cgi?id=630599", "https://bugzilla.novell.com/show_bug.cgi?id=643078", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2283", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3445", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2994", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2286", "https://bugzilla.novell.com/show_bug.cgi?id=603251", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2995"], "cvelist": ["CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2285", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2992", "CVE-2010-2993", "CVE-2010-2994", "CVE-2010-2995", "CVE-2010-3445", "CVE-2010-4300", "CVE-2010-4301"], "immutableFields": [], "lastseen": "2021-08-19T13:00:57", "viewCount": 5, "enchantments": {"dependencies": {"references": [{"type": "centos", "idList": ["CESA-2010:0625", "CESA-2011:0370"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2015-0163", "CPAI-2015-0388"]}, {"type": "cve", "idList": ["CVE-2010-1455", "CVE-2010-1456", "CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2285", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2992", "CVE-2010-2993", "CVE-2010-2994", "CVE-2010-2995", "CVE-2010-3445", "CVE-2010-4300", "CVE-2010-4301"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2066-1:00B62", "DEBIAN:DSA-2101-1:B5D47", "DEBIAN:DSA-2127-1:52FA2", "DEBIAN:DSA-2127-1:875BB"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2010-1455", "DEBIANCVE:CVE-2010-2283", "DEBIANCVE:CVE-2010-2284", "DEBIANCVE:CVE-2010-2285", "DEBIANCVE:CVE-2010-2286", "DEBIANCVE:CVE-2010-2287", "DEBIANCVE:CVE-2010-2992", "DEBIANCVE:CVE-2010-2993", "DEBIANCVE:CVE-2010-2994", "DEBIANCVE:CVE-2010-2995", "DEBIANCVE:CVE-2010-3445", "DEBIANCVE:CVE-2010-4300", "DEBIANCVE:CVE-2010-4301"]}, {"type": "fedora", "idList": ["FEDORA:22127110B4B", "FEDORA:5ED55110E1C", "FEDORA:77FD910F9EE", "FEDORA:88AEB110B78", "FEDORA:A487811127C", "FEDORA:B6CC8110BFF", "FEDORA:C0E72110A4E", "FEDORA:C7FE910F926", "FEDORA:CBB2B1106B3"]}, {"type": "freebsd", "idList": ["28022228-5A0E-11DF-942D-0015587E2CC1", "B2EAA7C2-E64A-11DF-BC65-0022156E8794"]}, {"type": "gentoo", "idList": ["GLSA-201006-05", "GLSA-201110-02"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2010-0625.NASL", "CENTOS_RHSA-2011-0370.NASL", "DEBIAN_DSA-2066.NASL", "DEBIAN_DSA-2101.NASL", "DEBIAN_DSA-2127.NASL", "FEDORA_2010-13416.NASL", "FEDORA_2010-13427.NASL", "FEDORA_2011-0167.NASL", "FEDORA_2011-0460.NASL", "FEDORA_2011-2620.NASL", "FEDORA_2011-2632.NASL", "FEDORA_2011-2648.NASL", "FREEBSD_PKG_280222285A0E11DF942D0015587E2CC1.NASL", "FREEBSD_PKG_B2EAA7C2E64A11DFBC650022156E8794.NASL", "GENTOO_GLSA-201006-05.NASL", "GENTOO_GLSA-201110-02.NASL", "MANDRIVA_MDVSA-2010-099.NASL", "MANDRIVA_MDVSA-2010-113.NASL", "MANDRIVA_MDVSA-2010-144.NASL", "MANDRIVA_MDVSA-2010-200.NASL", "MANDRIVA_MDVSA-2010-242.NASL", "ORACLELINUX_ELSA-2010-0625.NASL", "ORACLELINUX_ELSA-2011-0370.NASL", "REDHAT-RHSA-2010-0625.NASL", "REDHAT-RHSA-2010-0924.NASL", "REDHAT-RHSA-2011-0370.NASL", "SL_20100811_WIRESHARK_ON_SL3_X.NASL", "SL_20101130_WIRESHARK_ON_SL6_X.NASL", "SL_20110321_WIRESHARK_ON_SL4_X.NASL", "SUSE_11_2_WIRESHARK-101222.NASL", "SUSE_11_3_WIRESHARK-101222.NASL", "SUSE_11_WIRESHARK-110331.NASL", "SUSE_WIRESHARK-7438.NASL", "SUSE_WIRESHARK-7439.NASL", "WIRESHARK_1_2_10.NASL", "WIRESHARK_1_2_9.NASL", "WIRESHARK_1_4_1.NASL", "WIRESHARK_1_4_2.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122214", "OPENVAS:1361412562310122284", "OPENVAS:1361412562310122329", "OPENVAS:136141256231067389", "OPENVAS:136141256231067638", "OPENVAS:136141256231067988", "OPENVAS:136141256231068494", "OPENVAS:136141256231069008", "OPENVAS:136141256231070765", "OPENVAS:1361412562310801208", "OPENVAS:1361412562310801432", "OPENVAS:1361412562310801433", "OPENVAS:1361412562310801434", "OPENVAS:1361412562310801435", "OPENVAS:1361412562310801553", "OPENVAS:1361412562310801554", "OPENVAS:1361412562310801555", "OPENVAS:1361412562310802845", "OPENVAS:1361412562310802846", "OPENVAS:1361412562310802847", "OPENVAS:1361412562310830942", "OPENVAS:1361412562310830968", "OPENVAS:1361412562310831046", "OPENVAS:1361412562310831071", "OPENVAS:1361412562310831120", "OPENVAS:1361412562310831205", "OPENVAS:1361412562310831267", "OPENVAS:1361412562310862360", "OPENVAS:1361412562310862371", "OPENVAS:1361412562310862791", "OPENVAS:1361412562310862831", "OPENVAS:1361412562310862897", "OPENVAS:1361412562310862907", "OPENVAS:1361412562310863056", "OPENVAS:1361412562310863282", "OPENVAS:1361412562310870307", "OPENVAS:1361412562310870411", "OPENVAS:1361412562310880413", "OPENVAS:1361412562310880481", "OPENVAS:1361412562310880531", "OPENVAS:1361412562310881353", "OPENVAS:1361412562310902195", "OPENVAS:1361412562310902196", "OPENVAS:1361412562310902197", "OPENVAS:1361412562310902198", "OPENVAS:1361412562310902199", "OPENVAS:67389", "OPENVAS:67638", "OPENVAS:67988", "OPENVAS:68494", "OPENVAS:69008", "OPENVAS:70765", "OPENVAS:801208", "OPENVAS:801432", "OPENVAS:801433", "OPENVAS:801434", "OPENVAS:801435", "OPENVAS:801553", "OPENVAS:801554", "OPENVAS:801555", "OPENVAS:802845", "OPENVAS:802846", "OPENVAS:802847", "OPENVAS:830942", "OPENVAS:830968", "OPENVAS:831046", "OPENVAS:831071", "OPENVAS:831120", "OPENVAS:831205", "OPENVAS:831267", "OPENVAS:862360", "OPENVAS:862371", "OPENVAS:862791", "OPENVAS:862831", "OPENVAS:862897", "OPENVAS:862907", "OPENVAS:863056", "OPENVAS:863282", "OPENVAS:870307", "OPENVAS:870411", "OPENVAS:880413", "OPENVAS:880481", "OPENVAS:880531", "OPENVAS:881353", "OPENVAS:902195", "OPENVAS:902196", "OPENVAS:902197", "OPENVAS:902198", "OPENVAS:902199"]}, {"type": "oraclelinux", "idList": ["ELSA-2010-0625", "ELSA-2011-0013", "ELSA-2011-0370"]}, {"type": "osv", "idList": ["OSV:DSA-2066-1", "OSV:DSA-2101-1", "OSV:DSA-2127-1"]}, {"type": "redhat", "idList": ["RHSA-2010:0625", "RHSA-2010:0924", "RHSA-2011:0370"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:23902", "SECURITYVULNS:DOC:24664", "SECURITYVULNS:DOC:24912", "SECURITYVULNS:VULN:10860", "SECURITYVULNS:VULN:10928", "SECURITYVULNS:VULN:11201"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2010-1455", "UB:CVE-2010-2283", "UB:CVE-2010-2284", "UB:CVE-2010-2285", "UB:CVE-2010-2286", "UB:CVE-2010-2287", "UB:CVE-2010-2992", "UB:CVE-2010-2993", "UB:CVE-2010-2994", "UB:CVE-2010-2995", "UB:CVE-2010-3445", "UB:CVE-2010-4300", "UB:CVE-2010-4301"]}, {"type": "veracode", "idList": ["VERACODE:24233", "VERACODE:24234", "VERACODE:24235", "VERACODE:24236", "VERACODE:24237", "VERACODE:24238", "VERACODE:24277", "VERACODE:24278"]}]}, "score": {"value": 0.9, "vector": "NONE"}, "backreferences": {"references": [{"type": "centos", "idList": ["CESA-2010:0625", "CESA-2011:0370"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2015-0388"]}, {"type": "cve", "idList": ["CVE-2010-1455"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2101-1:B5D47"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2010-2992", "DEBIANCVE:CVE-2010-2993"]}, {"type": "fedora", "idList": ["FEDORA:C0E72110A4E"]}, {"type": "freebsd", "idList": ["28022228-5A0E-11DF-942D-0015587E2CC1", "B2EAA7C2-E64A-11DF-BC65-0022156E8794"]}, {"type": "gentoo", "idList": ["GLSA-201006-05"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/GENTOO-LINUX-CVE-2010-2992/", "MSF:ILITIES/GENTOO-LINUX-CVE-2010-2993/", "MSF:ILITIES/SUSE-CVE-2010-2992/", "MSF:ILITIES/SUSE-CVE-2010-2993/"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-2066.NASL", "DEBIAN_DSA-2101.NASL", "ORACLELINUX_ELSA-2010-0625.NASL", "SL_20110321_WIRESHARK_ON_SL4_X.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310902198", "OPENVAS:801433", "OPENVAS:801435"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-0013"]}, {"type": "redhat", "idList": ["RHSA-2010:0924"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:23902", "SECURITYVULNS:DOC:24664"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2010-2992", "UB:CVE-2010-2993"]}]}, "exploitation": null, "vulnersScore": 0.9}, "pluginID": "53689", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update wireshark-3731.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53689);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1455\", \"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2285\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2992\", \"CVE-2010-2993\", \"CVE-2010-2994\", \"CVE-2010-2995\", \"CVE-2010-3445\", \"CVE-2010-4300\", \"CVE-2010-4301\");\n\n script_name(english:\"openSUSE Security Update : wireshark (openSUSE-SU-2011:0010-1)\");\n script_summary(english:\"Check for the wireshark-3731 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Wireshark version 1.4.2 fixes several security issues that allowed\nattackers to crash wireshark or potentially even execute arbitrary\ncode\n\n(CVE-2010-1455, CVE-2010-2283, CVE-2010-2284, CVE-2010-2285,\nCVE-2010-2286, CVE-2010-2287, CVE-2010-2992, CVE-2010-2993,\nCVE-2010-2994, CVE-2010-2995, CVE-2010-3445, CVE-2010-4300,\nCVE-2010-4301)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=603251\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=613487\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=630599\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=643078\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=655448\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-01/msg00004.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/05/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"wireshark-1.4.2-1.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"wireshark-devel-1.4.2-1.1.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-devel\");\n}\n", "naslFamily": "SuSE Local Security Checks", "cpe": ["p-cpe:/a:novell:opensuse:wireshark", "p-cpe:/a:novell:opensuse:wireshark-devel", "cpe:/o:novell:opensuse:11.1"], "solution": "Update the affected wireshark packages.", "nessusSeverity": "Critical", "cvssScoreSource": "", "vpr": {"risk factor": "High", "score": "8.9"}, "exploitAvailable": true, "exploitEase": "Exploits are available", "patchPublicationDate": "2010-12-22T00:00:00", "vulnerabilityPublicationDate": "2010-05-12T00:00:00", "exploitableWith": [], "_state": {"dependencies": 1660004461, "score": 1659821240}, "_internal": {"score_hash": "4f9ff7e6ea772c9dd97334c8e84078e7"}}

{"nessus": [{"lastseen": "2021-08-19T13:01:00", "description": "Wireshark version 1.4.2 fixes several security issues that allowed attackers to crash wireshark or potentially even execute arbitrary code\n\n(CVE-2010-1455, CVE-2010-2283, CVE-2010-2284, CVE-2010-2285, CVE-2010-2286, CVE-2010-2287, CVE-2010-2992, CVE-2010-2993, CVE-2010-2994, CVE-2010-2995, CVE-2010-3445, CVE-2010-4300, CVE-2010-4301)", "cvss3": {"score": null, "vector": null}, "published": "2011-05-05T00:00:00", "type": "nessus", "title": "openSUSE Security Update : wireshark (openSUSE-SU-2011:0010-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2285", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2992", "CVE-2010-2993", "CVE-2010-2994", "CVE-2010-2995", "CVE-2010-3445", "CVE-2010-4300", "CVE-2010-4301"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:wireshark", "p-cpe:/a:novell:opensuse:wireshark-devel", "cpe:/o:novell:opensuse:11.2"], "id": "SUSE_11_2_WIRESHARK-101222.NASL", "href": "https://www.tenable.com/plugins/nessus/53808", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update wireshark-3738.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53808);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1455\", \"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2285\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2992\", \"CVE-2010-2993\", \"CVE-2010-2994\", \"CVE-2010-2995\", \"CVE-2010-3445\", \"CVE-2010-4300\", \"CVE-2010-4301\");\n\n script_name(english:\"openSUSE Security Update : wireshark (openSUSE-SU-2011:0010-2)\");\n script_summary(english:\"Check for the wireshark-3738 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Wireshark version 1.4.2 fixes several security issues that allowed\nattackers to crash wireshark or potentially even execute arbitrary\ncode\n\n(CVE-2010-1455, CVE-2010-2283, CVE-2010-2284, CVE-2010-2285,\nCVE-2010-2286, CVE-2010-2287, CVE-2010-2992, CVE-2010-2993,\nCVE-2010-2994, CVE-2010-2995, CVE-2010-3445, CVE-2010-4300,\nCVE-2010-4301)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=603251\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=613487\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=630599\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=643078\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=655448\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-01/msg00012.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/05/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"wireshark-1.4.2-1.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"wireshark-devel-1.4.2-1.1.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-devel\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:50:09", "description": "Wireshark version 1.4.2 fixes several security issues that allowed attackers to crash wireshark or potentially even execute arbitrary code\n\n(CVE-2010-1455, CVE-2010-2283, CVE-2010-2284, CVE-2010-2285, CVE-2010-2286, CVE-2010-2287, CVE-2010-2992, CVE-2010-2993, CVE-2010-2994, CVE-2010-2995, CVE-2010-3445, CVE-2010-4300, CVE-2010-4301)", "cvss3": {"score": null, "vector": null}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : wireshark (openSUSE-SU-2011:0010-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2285", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2992", "CVE-2010-2993", "CVE-2010-2994", "CVE-2010-2995", "CVE-2010-3445", "CVE-2010-4300", "CVE-2010-4301"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:wireshark", "p-cpe:/a:novell:opensuse:wireshark-devel", "cpe:/o:novell:opensuse:11.3"], "id": "SUSE_11_3_WIRESHARK-101222.NASL", "href": "https://www.tenable.com/plugins/nessus/75771", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update wireshark-3738.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75771);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1455\", \"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2285\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2992\", \"CVE-2010-2993\", \"CVE-2010-2994\", \"CVE-2010-2995\", \"CVE-2010-3445\", \"CVE-2010-4300\", \"CVE-2010-4301\");\n\n script_name(english:\"openSUSE Security Update : wireshark (openSUSE-SU-2011:0010-2)\");\n script_summary(english:\"Check for the wireshark-3738 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Wireshark version 1.4.2 fixes several security issues that allowed\nattackers to crash wireshark or potentially even execute arbitrary\ncode\n\n(CVE-2010-1455, CVE-2010-2283, CVE-2010-2284, CVE-2010-2285,\nCVE-2010-2286, CVE-2010-2287, CVE-2010-2992, CVE-2010-2993,\nCVE-2010-2994, CVE-2010-2995, CVE-2010-3445, CVE-2010-4300,\nCVE-2010-4301)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=603251\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=613487\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=630599\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=643078\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=655448\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-01/msg00012.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/05/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"wireshark-1.4.2-1.1.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"wireshark-devel-1.4.2-1.1.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-devel\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:03:10", "description": "Update to upstream version 1.2.10: * http://www.wireshark.org/docs/relnotes/wireshark-1.2.7.html * http://www.wireshark.org/docs/relnotes/wireshark-1.2.8.html * http://www.wireshark.org/docs/relnotes/wireshark-1.2.9.html * http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html fixing multiple security issues: * http://www.wireshark.org/security/wnpa-sec-2010-04.html * http://www.wireshark.org/security/wnpa-sec-2010-06.html * http://www.wireshark.org/security/wnpa-sec-2010-08.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2010-09-03T00:00:00", "type": "nessus", "title": "Fedora 12 : wireshark-1.2.10-1.fc12 (2010-13427)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2992", "CVE-2010-2993", "CVE-2010-2995"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:wireshark", "cpe:/o:fedoraproject:fedora:12"], "id": "FEDORA_2010-13427.NASL", "href": "https://www.tenable.com/plugins/nessus/49093", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-13427.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(49093);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-1455\", \"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2992\", \"CVE-2010-2993\", \"CVE-2010-2995\");\n script_xref(name:\"FEDORA\", value:\"2010-13427\");\n\n script_name(english:\"Fedora 12 : wireshark-1.2.10-1.fc12 (2010-13427)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to upstream version 1.2.10: *\nhttp://www.wireshark.org/docs/relnotes/wireshark-1.2.7.html *\nhttp://www.wireshark.org/docs/relnotes/wireshark-1.2.8.html *\nhttp://www.wireshark.org/docs/relnotes/wireshark-1.2.9.html *\nhttp://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html fixing\nmultiple security issues: *\nhttp://www.wireshark.org/security/wnpa-sec-2010-04.html *\nhttp://www.wireshark.org/security/wnpa-sec-2010-06.html *\nhttp://www.wireshark.org/security/wnpa-sec-2010-08.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.2.7.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.2.7.html\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.2.8.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.2.8.html\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.2.9.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.2.9.html\"\n );\n # http://www.wireshark.org/security/wnpa-sec-2010-04.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/security/wnpa-sec-2010-04.html\"\n );\n # http://www.wireshark.org/security/wnpa-sec-2010-06.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/security/wnpa-sec-2010-06.html\"\n );\n # http://www.wireshark.org/security/wnpa-sec-2010-08.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/security/wnpa-sec-2010-08.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=590613\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=604290\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=604292\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=604302\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=604308\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=623843\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-September/046962.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?94fdf596\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/09/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^12([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 12.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC12\", reference:\"wireshark-1.2.10-1.fc12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:03:31", "description": "Updated wireshark packages that fix several security issues are now available for Red Hat Enterprise Linux 3, 4, and 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nWireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal.\n\nMultiple buffer overflow flaws were found in the Wireshark SigComp Universal Decompressor Virtual Machine (UDVM) dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2010-2287, CVE-2010-2995)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2010-1455, CVE-2010-2283, CVE-2010-2284, CVE-2010-2286)\n\nUsers of Wireshark should upgrade to these updated packages, which contain Wireshark version 1.0.15, and resolve these issues. All running instances of Wireshark must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2010-08-24T00:00:00", "type": "nessus", "title": "CentOS 4 / 5 : wireshark (CESA-2010:0625)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2994", "CVE-2010-2995"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:wireshark", "p-cpe:/a:centos:centos:wireshark-gnome", "cpe:/o:centos:centos:4", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2010-0625.NASL", "href": "https://www.tenable.com/plugins/nessus/48409", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0625 and \n# CentOS Errata and Security Advisory 2010:0625 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(48409);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-1455\", \"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2994\", \"CVE-2010-2995\");\n script_bugtraq_id(39950, 40728);\n script_xref(name:\"RHSA\", value:\"2010:0625\");\n\n script_name(english:\"CentOS 4 / 5 : wireshark (CESA-2010:0625)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated wireshark packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3, 4, and 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nWireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nMultiple buffer overflow flaws were found in the Wireshark SigComp\nUniversal Decompressor Virtual Machine (UDVM) dissector. If Wireshark\nread a malformed packet off a network or opened a malicious dump file,\nit could crash or, possibly, execute arbitrary code as the user\nrunning Wireshark. (CVE-2010-2287, CVE-2010-2995)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark\ncould crash or stop responding if it read a malformed packet off a\nnetwork, or opened a malicious dump file. (CVE-2010-1455,\nCVE-2010-2283, CVE-2010-2284, CVE-2010-2286)\n\nUsers of Wireshark should upgrade to these updated packages, which\ncontain Wireshark version 1.0.15, and resolve these issues. All\nrunning instances of Wireshark must be restarted for the update to\ntake effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-August/016932.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4ea3370a\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-August/016933.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?17af990f\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-August/016956.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?18b151ef\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-August/016957.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0687cae5\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:wireshark-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/05/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/08/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x / 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"wireshark-1.0.15-1.el4_8.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"wireshark-1.0.15-1.el4_8.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"wireshark-gnome-1.0.15-1.el4_8.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"wireshark-gnome-1.0.15-1.el4_8.1\")) flag++;\n\nif (rpm_check(release:\"CentOS-5\", reference:\"wireshark-1.0.15-1.el5_5.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"wireshark-gnome-1.0.15-1.el5_5.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-gnome\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:54:31", "description": "From Red Hat Security Advisory 2010:0625 :\n\nUpdated wireshark packages that fix several security issues are now available for Red Hat Enterprise Linux 3, 4, and 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nWireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal.\n\nMultiple buffer overflow flaws were found in the Wireshark SigComp Universal Decompressor Virtual Machine (UDVM) dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2010-2287, CVE-2010-2995)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2010-1455, CVE-2010-2283, CVE-2010-2284, CVE-2010-2286)\n\nUsers of Wireshark should upgrade to these updated packages, which contain Wireshark version 1.0.15, and resolve these issues. All running instances of Wireshark must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 3 / 4 / 5 : wireshark (ELSA-2010-0625)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2994", "CVE-2010-2995"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:wireshark", "p-cpe:/a:oracle:linux:wireshark-gnome", "cpe:/o:oracle:linux:3", "cpe:/o:oracle:linux:4", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2010-0625.NASL", "href": "https://www.tenable.com/plugins/nessus/68084", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2010:0625 and \n# Oracle Linux Security Advisory ELSA-2010-0625 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68084);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1455\", \"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2994\", \"CVE-2010-2995\");\n script_bugtraq_id(39950, 40728);\n script_xref(name:\"RHSA\", value:\"2010:0625\");\n\n script_name(english:\"Oracle Linux 3 / 4 / 5 : wireshark (ELSA-2010-0625)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2010:0625 :\n\nUpdated wireshark packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3, 4, and 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nWireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nMultiple buffer overflow flaws were found in the Wireshark SigComp\nUniversal Decompressor Virtual Machine (UDVM) dissector. If Wireshark\nread a malformed packet off a network or opened a malicious dump file,\nit could crash or, possibly, execute arbitrary code as the user\nrunning Wireshark. (CVE-2010-2287, CVE-2010-2995)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark\ncould crash or stop responding if it read a malformed packet off a\nnetwork, or opened a malicious dump file. (CVE-2010-1455,\nCVE-2010-2283, CVE-2010-2284, CVE-2010-2286)\n\nUsers of Wireshark should upgrade to these updated packages, which\ncontain Wireshark version 1.0.15, and resolve these issues. All\nrunning instances of Wireshark must be restarted for the update to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2010-August/001600.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2010-August/001601.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2010-August/001602.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:wireshark-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/05/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3 / 4 / 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"wireshark-1.0.15-0.1.EL3.1\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"wireshark-1.0.15-0.1.EL3.1\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"wireshark-gnome-1.0.15-0.1.EL3.1\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"wireshark-gnome-1.0.15-0.1.EL3.1\")) flag++;\n\nif (rpm_check(release:\"EL4\", reference:\"wireshark-1.0.15-1.0.1.el4_8.1\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"wireshark-gnome-1.0.15-1.0.1.el4_8.1\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"wireshark-1.0.15-1.0.1.el5_5.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"wireshark-gnome-1.0.15-1.0.1.el5_5.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-gnome\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:03:10", "description": "Updated wireshark packages that fix several security issues are now available for Red Hat Enterprise Linux 3, 4, and 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nWireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal.\n\nMultiple buffer overflow flaws were found in the Wireshark SigComp Universal Decompressor Virtual Machine (UDVM) dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2010-2287, CVE-2010-2995)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2010-1455, CVE-2010-2283, CVE-2010-2284, CVE-2010-2286)\n\nUsers of Wireshark should upgrade to these updated packages, which contain Wireshark version 1.0.15, and resolve these issues. All running instances of Wireshark must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2010-08-12T00:00:00", "type": "nessus", "title": "RHEL 3 / 4 / 5 : wireshark (RHSA-2010:0625)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2994", "CVE-2010-2995"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:wireshark", "p-cpe:/a:redhat:enterprise_linux:wireshark-gnome", "cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.8", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2010-0625.NASL", "href": "https://www.tenable.com/plugins/nessus/48314", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0625. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(48314);\n script_version(\"1.28\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1455\", \"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2994\", \"CVE-2010-2995\");\n script_bugtraq_id(39950, 40728);\n script_xref(name:\"RHSA\", value:\"2010:0625\");\n\n script_name(english:\"RHEL 3 / 4 / 5 : wireshark (RHSA-2010:0625)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated wireshark packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3, 4, and 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nWireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nMultiple buffer overflow flaws were found in the Wireshark SigComp\nUniversal Decompressor Virtual Machine (UDVM) dissector. If Wireshark\nread a malformed packet off a network or opened a malicious dump file,\nit could crash or, possibly, execute arbitrary code as the user\nrunning Wireshark. (CVE-2010-2287, CVE-2010-2995)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark\ncould crash or stop responding if it read a malformed packet off a\nnetwork, or opened a malicious dump file. (CVE-2010-1455,\nCVE-2010-2283, CVE-2010-2284, CVE-2010-2286)\n\nUsers of Wireshark should upgrade to these updated packages, which\ncontain Wireshark version 1.0.15, and resolve these issues. All\nrunning instances of Wireshark must be restarted for the update to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-1455\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-2283\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-2284\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-2286\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-2287\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-2995\"\n );\n # http://www.wireshark.org/security/wnpa-sec-2010-03.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/security/wnpa-sec-2010-03.html\"\n );\n # http://www.wireshark.org/security/wnpa-sec-2010-05.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/security/wnpa-sec-2010-05.html\"\n );\n # http://www.wireshark.org/security/wnpa-sec-2010-07.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/security/wnpa-sec-2010-07.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2010:0625\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark and / or wireshark-gnome packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:wireshark-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/05/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x / 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2010:0625\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"wireshark-1.0.15-EL3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"wireshark-gnome-1.0.15-EL3.1\")) flag++;\n\n\n if (rpm_check(release:\"RHEL4\", reference:\"wireshark-1.0.15-1.el4_8.1\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"wireshark-gnome-1.0.15-1.el4_8.1\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"wireshark-1.0.15-1.el5_5.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"wireshark-1.0.15-1.el5_5.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"wireshark-1.0.15-1.el5_5.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"wireshark-gnome-1.0.15-1.el5_5.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"wireshark-gnome-1.0.15-1.el5_5.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"wireshark-gnome-1.0.15-1.el5_5.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-gnome\");\n }\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:03:21", "description": "Update to upstream version 1.2.10: * http://www.wireshark.org/docs/relnotes/wireshark-1.2.9.html * http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html fixing multiple security issues: * http://www.wireshark.org/security/wnpa-sec-2010-06.html * http://www.wireshark.org/security/wnpa-sec-2010-08.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2010-09-03T00:00:00", "type": "nessus", "title": "Fedora 13 : wireshark-1.2.10-1.fc13 (2010-13416)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2992", "CVE-2010-2993", "CVE-2010-2995"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:wireshark", "cpe:/o:fedoraproject:fedora:13"], "id": "FEDORA_2010-13416.NASL", "href": "https://www.tenable.com/plugins/nessus/49092", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-13416.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(49092);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2992\", \"CVE-2010-2993\", \"CVE-2010-2995\");\n script_bugtraq_id(40728, 42618);\n script_xref(name:\"FEDORA\", value:\"2010-13416\");\n\n script_name(english:\"Fedora 13 : wireshark-1.2.10-1.fc13 (2010-13416)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to upstream version 1.2.10: *\nhttp://www.wireshark.org/docs/relnotes/wireshark-1.2.9.html *\nhttp://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html fixing\nmultiple security issues: *\nhttp://www.wireshark.org/security/wnpa-sec-2010-06.html *\nhttp://www.wireshark.org/security/wnpa-sec-2010-08.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.2.9.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.2.9.html\"\n );\n # http://www.wireshark.org/security/wnpa-sec-2010-06.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/security/wnpa-sec-2010-06.html\"\n );\n # http://www.wireshark.org/security/wnpa-sec-2010-08.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/security/wnpa-sec-2010-08.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=604290\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=604292\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=604302\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=604308\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=623843\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-September/046957.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3fa9b949\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/09/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"wireshark-1.2.10-1.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:57:54", "description": "Multiple buffer overflow flaws were found in the Wireshark SigComp Universal Decompressor Virtual Machine (UDVM) dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2010-2287, CVE-2010-2995)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2010-1455, CVE-2010-2283, CVE-2010-2284, CVE-2010-2286)\n\nNOTE: This errata updates Wireshark to version 1.0.15 to resolve these issues.\n\nAll running instances of Wireshark must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : wireshark on SL3.x, SL4.x, SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2995"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20100811_WIRESHARK_ON_SL3_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60836", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60836);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1455\", \"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2995\");\n\n script_name(english:\"Scientific Linux Security Update : wireshark on SL3.x, SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple buffer overflow flaws were found in the Wireshark SigComp\nUniversal Decompressor Virtual Machine (UDVM) dissector. If Wireshark\nread a malformed packet off a network or opened a malicious dump file,\nit could crash or, possibly, execute arbitrary code as the user\nrunning Wireshark. (CVE-2010-2287, CVE-2010-2995)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark\ncould crash or stop responding if it read a malformed packet off a\nnetwork, or opened a malicious dump file. (CVE-2010-1455,\nCVE-2010-2283, CVE-2010-2284, CVE-2010-2286)\n\nNOTE: This errata updates Wireshark to version 1.0.15 to resolve these\nissues.\n\nAll running instances of Wireshark must be restarted for the update to\ntake effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1008&L=scientific-linux-errata&T=0&P=1172\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6cee74b9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark and / or wireshark-gnome packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/05/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", reference:\"wireshark-1.0.15-EL3.1\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"wireshark-gnome-1.0.15-EL3.1\")) flag++;\n\nif (rpm_check(release:\"SL4\", reference:\"wireshark-1.0.15-1.el4_8.1\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"wireshark-gnome-1.0.15-1.el4_8.1\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"wireshark-1.0.15-1.el5_5.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"wireshark-gnome-1.0.15-1.el5_5.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:03:34", "description": "This advisory updates wireshark to the latest version(s), fixing several security issues :\n\nThe SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors (CVE-2010-2283).\n\nBuffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors (CVE-2010-2284).\n\nThe SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors (CVE-2010-2285).\n\nThe SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors (CVE-2010-2286).\n\nBuffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors (CVE-2010-2287).", "cvss3": {"score": null, "vector": null}, "published": "2010-07-30T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : wireshark (MDVSA-2010:113)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2285", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2994"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:dumpcap", "p-cpe:/a:mandriva:linux:lib64wireshark-devel", "p-cpe:/a:mandriva:linux:lib64wireshark0", "p-cpe:/a:mandriva:linux:libwireshark-devel", "p-cpe:/a:mandriva:linux:libwireshark0", "p-cpe:/a:mandriva:linux:rawshark", "p-cpe:/a:mandriva:linux:tshark", "p-cpe:/a:mandriva:linux:wireshark", "p-cpe:/a:mandriva:linux:wireshark-tools", "cpe:/o:mandriva:linux:2009.1", "cpe:/o:mandriva:linux:2010.0"], "id": "MANDRIVA_MDVSA-2010-113.NASL", "href": "https://www.tenable.com/plugins/nessus/48186", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2010:113. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(48186);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2285\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2994\");\n script_bugtraq_id(40728);\n script_xref(name:\"MDVSA\", value:\"2010:113\");\n\n script_name(english:\"Mandriva Linux Security Advisory : wireshark (MDVSA-2010:113)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This advisory updates wireshark to the latest version(s), fixing\nseveral security issues :\n\nThe SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0\nthrough 1.2.8 allows remote attackers to cause a denial of service\n(NULL pointer dereference) via unknown vectors (CVE-2010-2283).\n\nBuffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13\nthrough 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote\nattack vectors (CVE-2010-2284).\n\nThe SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0\nthrough 1.2.8 allows remote attackers to cause a denial of service\n(NULL pointer dereference) via unknown vectors (CVE-2010-2285).\n\nThe SigComp Universal Decompressor Virtual Machine dissector in\nWireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote\nattackers to cause a denial of service (infinite loop) via unknown\nvectors (CVE-2010-2286).\n\nBuffer overflow in the SigComp Universal Decompressor Virtual Machine\ndissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8\nhas unknown impact and remote attack vectors (CVE-2010-2287).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.wireshark.org/security/wnpa-sec-2010-05.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.wireshark.org/security/wnpa-sec-2010-06.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dumpcap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64wireshark0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libwireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libwireshark0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rawshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:wireshark-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.1\", reference:\"dumpcap-1.0.14-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64wireshark-devel-1.0.14-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64wireshark0-1.0.14-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libwireshark-devel-1.0.14-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libwireshark0-1.0.14-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"rawshark-1.0.14-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"tshark-1.0.14-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"wireshark-1.0.14-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"wireshark-tools-1.0.14-0.1mdv2009.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.0\", reference:\"dumpcap-1.2.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64wireshark-devel-1.2.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64wireshark0-1.2.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libwireshark-devel-1.2.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libwireshark0-1.2.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"rawshark-1.2.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"tshark-1.2.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"wireshark-1.2.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"wireshark-tools-1.2.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:03:53", "description": "Several remote vulnerabilities have been discovered in the Wireshark network traffic analyzer. It was discovered that NULL pointer dereferences, buffer overflows and infinite loops in the SMB, SMB PIPE, ASN1.1 and SigComp dissectors could lead to denial of service or the execution of arbitrary code.", "cvss3": {"score": null, "vector": null}, "published": "2010-07-02T00:00:00", "type": "nessus", "title": "Debian DSA-2066-1 : wireshark - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2285", "CVE-2010-2286", "CVE-2010-2287"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:wireshark", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-2066.NASL", "href": "https://www.tenable.com/plugins/nessus/47584", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2066. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47584);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2285\", \"CVE-2010-2286\", \"CVE-2010-2287\");\n script_bugtraq_id(40728);\n script_xref(name:\"DSA\", value:\"2066\");\n\n script_name(english:\"Debian DSA-2066-1 : wireshark - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several remote vulnerabilities have been discovered in the Wireshark\nnetwork traffic analyzer. It was discovered that NULL pointer\ndereferences, buffer overflows and infinite loops in the SMB, SMB\nPIPE, ASN1.1 and SigComp dissectors could lead to denial of service or\nthe execution of arbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2010/dsa-2066\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the wireshark packages.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1.0.2-3+lenny9.\n\nFor the upcoming stable distribution (squeeze) and the unstable\ndistribution (sid), these problems have been fixed in version 1.2.9-1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"tshark\", reference:\"1.0.2-3+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"wireshark\", reference:\"1.0.2-3+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"wireshark-common\", reference:\"1.0.2-3+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"wireshark-dev\", reference:\"1.0.2-3+lenny9\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:04:03", "description": "The installed version of Wireshark or Ethereal is potentially affected by multiple vulnerabilities. \n\n - The SMB dissector can be affected by a NULL pointer dereference. (Bug 4734)\n\n - The ANS.1 BER dissector can be affected by a buffer overflow.\n\n - The SMB PIPE dissector can be affected by a NULL pointer dereference on some platforms.\n\n - The SigComp Universal Decompressor Virtual Machine can be affected by an infinite loop or a buffer overflow.\n (Bug 4826, 4837)", "cvss3": {"score": null, "vector": null}, "published": "2010-06-11T00:00:00", "type": "nessus", "title": "Wireshark / Ethereal < 1.0.14 / 1.2.9 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2285", "CVE-2010-2286", "CVE-2010-2287"], "modified": "2018-08-07T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "WIRESHARK_1_2_9.NASL", "href": "https://www.tenable.com/plugins/nessus/46864", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(46864);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2018/08/07 11:56:12\");\n\n script_cve_id(\n \"CVE-2010-2283\",\n \"CVE-2010-2284\",\n \"CVE-2010-2285\",\n \"CVE-2010-2286\",\n \"CVE-2010-2287\"\n );\n script_bugtraq_id(40728, 42618);\n script_xref(name:\"Secunia\", value:\"40112\");\n\n script_name(english:\"Wireshark / Ethereal < 1.0.14 / 1.2.9 Multiple Vulnerabilities\");\n script_summary(english:\"Does a version check\");\n\n script_set_attribute(attribute:\"synopsis\",value:\n\"The remote host has an application that is affected by multiple\nvulnerabilities.\"\n );\n script_set_attribute(attribute:\"description\",value:\n\"The installed version of Wireshark or Ethereal is potentially\naffected by multiple vulnerabilities. \n\n - The SMB dissector can be affected by a NULL pointer\n dereference. (Bug 4734)\n\n - The ANS.1 BER dissector can be affected by a buffer\n overflow.\n\n - The SMB PIPE dissector can be affected by a NULL pointer\n dereference on some platforms.\n\n - The SigComp Universal Decompressor Virtual Machine can\n be affected by an infinite loop or a buffer overflow.\n (Bug 4826, 4837)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.wireshark.org/security/wnpa-sec-2010-05.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.wireshark.org/security/wnpa-sec-2010-06.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Upgrade to Wireshark version 1.0.14 / 1.2.9 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/06/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/06/11\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"SMB/Wireshark/Installed\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\n\n# Check each install.\ninstalls = get_kb_list(\"SMB/Wireshark/*\");\nif (isnull(installs)) exit(0, \"The 'SMB/Wireshark/*' KB items are missing.\");\n\ninfo = \"\";\ninfo2 = \"\";\nforeach install(keys(installs))\n{\n if (\"/Installed\" >< install) continue;\n\n version = install - \"SMB/Wireshark/\";\n ver = split(version, sep:\".\", keep:FALSE);\n for (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n\n # Affects 0.8.20 to 1.0.13 AND 1.2.0 to 1.2.8\n if (\n (\n (ver[0] == 0 && ((ver[1] == 8 && ver[2] >= 20) || ver[1] >= 9 ))\n ||\n (ver[0] == 1 && ver[1] ==0 && ver[2] < 14)\n )\n ||\n (\n ver[0] == 1 && ver[1] == 2 && ver[2] <= 8\n ) \n )\n info +=\n '\\n Path : ' + installs[install] +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 1.2.9 / 1.0.14\\n';\n else\n info2 += ' - Version ' + version + ', under ' + installs[install] +'\\n';\n}\n\n# Report if any were found to be vulnerable\nif (info)\n{\n if (report_verbosity > 0)\n {\n if (max_index(split(info)) > 4) s = \"s of Wireshark / Ethereal are\";\n else s = \" of Wireshark / Ethereal is\";\n\n report = \n '\\n' +\n 'The following vulnerable instance' + s + ' installed :\\n' +\n '\\n' + info;\n security_hole(port:get_kb_item(\"SMB/transport\"), extra:report);\n }\n else security_hole(get_kb_item(\"SMB/transport\"));\n}\nif (info2)\n exit(0, \"The following instance(s) of Wireshark / Ethereal are installed and are not vulnerable : \"+info2);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:01:22", "description": "Wireshark was updated to version 1.4.4 to fix several security issues", "cvss3": {"score": null, "vector": null}, "published": "2011-04-07T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : wireshark (SAT Patch Number 4267)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2285", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2992", "CVE-2010-2993", "CVE-2010-2994", "CVE-2010-2995", "CVE-2010-3445", "CVE-2010-4300", "CVE-2010-4301", "CVE-2010-4538", "CVE-2011-0444", "CVE-2011-0445", "CVE-2011-0538", "CVE-2011-0713", "CVE-2011-1138", "CVE-2011-1139", "CVE-2011-1140", "CVE-2011-1143"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:wireshark", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_WIRESHARK-110331.NASL", "href": "https://www.tenable.com/plugins/nessus/53315", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53315);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2010-1455\", \"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2285\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2992\", \"CVE-2010-2993\", \"CVE-2010-2994\", \"CVE-2010-2995\", \"CVE-2010-3445\", \"CVE-2010-4300\", \"CVE-2010-4301\", \"CVE-2010-4538\", \"CVE-2011-0444\", \"CVE-2011-0445\", \"CVE-2011-0538\", \"CVE-2011-0713\", \"CVE-2011-1138\", \"CVE-2011-1139\", \"CVE-2011-1140\", \"CVE-2011-1143\");\n\n script_name(english:\"SuSE 11.1 Security Update : wireshark (SAT Patch Number 4267)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\"Wireshark was updated to version 1.4.4 to fix several security issues\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=603251\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=613487\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=630599\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=643078\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=655448\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=662029\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=669908\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=672916\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=678567\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=678568\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=678569\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=678571\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-1455.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2283.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2284.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2285.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2286.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2287.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2992.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2993.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2994.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2995.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-3445.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-4300.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-4301.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-4538.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0444.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0445.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0538.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0713.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1138.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1139.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1140.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1143.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 4267.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'White_Phosphorus');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/04/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"wireshark-1.4.4-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"wireshark-1.4.4-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"wireshark-1.4.4-0.2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:01:14", "description": "Wireshark was updated to version 1.4.4 to fix several security issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-04-07T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : wireshark (ZYPP Patch Number 7439)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2285", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2992", "CVE-2010-2993", "CVE-2010-2994", "CVE-2010-2995", "CVE-2010-3445", "CVE-2010-4300", "CVE-2010-4301", "CVE-2010-4538", "CVE-2011-0444", "CVE-2011-0445", "CVE-2011-0538", "CVE-2011-0713", "CVE-2011-1138", "CVE-2011-1139", "CVE-2011-1140", "CVE-2011-1143"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_WIRESHARK-7439.NASL", "href": "https://www.tenable.com/plugins/nessus/53319", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53319);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2010-1455\", \"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2285\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2992\", \"CVE-2010-2993\", \"CVE-2010-2994\", \"CVE-2010-2995\", \"CVE-2010-3445\", \"CVE-2010-4300\", \"CVE-2010-4301\", \"CVE-2010-4538\", \"CVE-2011-0444\", \"CVE-2011-0445\", \"CVE-2011-0538\", \"CVE-2011-0713\", \"CVE-2011-1138\", \"CVE-2011-1139\", \"CVE-2011-1140\", \"CVE-2011-1143\");\n\n script_name(english:\"SuSE 10 Security Update : wireshark (ZYPP Patch Number 7439)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\"Wireshark was updated to version 1.4.4 to fix several security issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-1455.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2283.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2284.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2285.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2286.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2287.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2992.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2993.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2994.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2995.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-3445.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-4300.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-4301.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-4538.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0444.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0445.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0538.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0713.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1138.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1139.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1140.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1143.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7439.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'White_Phosphorus');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/05/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/04/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"wireshark-1.4.4-0.37.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"wireshark-1.4.4-0.37.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"wireshark-devel-1.4.4-0.37.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:59:24", "description": "Wireshark was updated to version 1.4.4 to fix several security issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-12-13T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : wireshark (ZYPP Patch Number 7438)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2285", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2992", "CVE-2010-2993", "CVE-2010-2994", "CVE-2010-2995", "CVE-2010-3445", "CVE-2010-4300", "CVE-2010-4301", "CVE-2010-4538", "CVE-2011-0444", "CVE-2011-0445", "CVE-2011-0538", "CVE-2011-0713", "CVE-2011-1138", "CVE-2011-1139", "CVE-2011-1140", "CVE-2011-1143"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_WIRESHARK-7438.NASL", "href": "https://www.tenable.com/plugins/nessus/57261", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57261);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2010-1455\", \"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2285\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2992\", \"CVE-2010-2993\", \"CVE-2010-2994\", \"CVE-2010-2995\", \"CVE-2010-3445\", \"CVE-2010-4300\", \"CVE-2010-4301\", \"CVE-2010-4538\", \"CVE-2011-0444\", \"CVE-2011-0445\", \"CVE-2011-0538\", \"CVE-2011-0713\", \"CVE-2011-1138\", \"CVE-2011-1139\", \"CVE-2011-1140\", \"CVE-2011-1143\");\n\n script_name(english:\"SuSE 10 Security Update : wireshark (ZYPP Patch Number 7438)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\"Wireshark was updated to version 1.4.4 to fix several security issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-1455.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2283.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2284.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2285.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2286.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2287.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2992.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2993.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2994.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2995.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-3445.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-4300.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-4301.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-4538.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0444.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0445.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0538.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0713.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1138.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1139.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1140.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1143.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7438.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'White_Phosphorus');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/05/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"wireshark-1.4.4-0.37.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"wireshark-1.4.4-0.37.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"wireshark-devel-1.4.4-0.37.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:03:34", "description": "The installed version of Wireshark or Ethereal is potentially affected by multiple vulnerabilities. \n\n - The SigComp Universal Decompressor Virtual Machine could potentially overflow a buffer. (Bug 4867)\n\n - The ANS.1 BER dissector could potentially exhaust the stack memory. (Bug 4984)\n\n - The GSM A RR dissector is affected by denial of service issue. (Bug 4897)\n\n - The IPMI dissector could get stuck in an infinite loop. (Bug 5053)", "cvss3": {"score": null, "vector": null}, "published": "2010-08-02T00:00:00", "type": "nessus", "title": "Wireshark / Ethereal < 1.0.15 / 1.2.10 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2992", "CVE-2010-2993", "CVE-2010-2994", "CVE-2010-2995"], "modified": "2018-08-06T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "WIRESHARK_1_2_10.NASL", "href": "https://www.tenable.com/plugins/nessus/48213", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(48213);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/08/06 14:03:17\");\n\n script_cve_id(\"CVE-2010-2992\", \"CVE-2010-2993\", \"CVE-2010-2994\", \"CVE-2010-2995\");\n script_bugtraq_id(42618);\n script_xref(name:\"Secunia\", value:\"40783\");\n\n script_name(english:\"Wireshark / Ethereal < 1.0.15 / 1.2.10 Multiple Vulnerabilities\");\n script_summary(english:\"Does a version check\");\n\n script_set_attribute(attribute:\"synopsis\",value:\n\"The remote host has an application that is affected by multiple\nvulnerabilities.\"\n );\n script_set_attribute(attribute:\"description\",value:\n\"The installed version of Wireshark or Ethereal is potentially\naffected by multiple vulnerabilities. \n\n - The SigComp Universal Decompressor Virtual Machine could\n potentially overflow a buffer. (Bug 4867)\n\n - The ANS.1 BER dissector could potentially exhaust the \n stack memory. (Bug 4984)\n\n - The GSM A RR dissector is affected by denial of service\n issue. (Bug 4897)\n\n - The IPMI dissector could get stuck in an infinite loop. \n (Bug 5053)\"\n );\n script_set_attribute(attribute:\"see_also\",value:\"http://www.wireshark.org/security/wnpa-sec-2010-08.html\");\n script_set_attribute(attribute:\"see_also\",value:\"http://www.wireshark.org/security/wnpa-sec-2010-07.html\");\n script_set_attribute(attribute:\"solution\",value:\"Upgrade to Wireshark version 1.0.15 / 1.2.10 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/08/02\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"SMB/Wireshark/Installed\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\n\n# Check each install.\ninstalls = get_kb_list(\"SMB/Wireshark/*\");\nif (isnull(installs)) exit(0, \"The 'SMB/Wireshark/*' KB items are missing.\");\n\ninfo = '';\ninfo2 = '';\n\nforeach install(keys(installs))\n{\n if (\"/Installed\" >< install) continue;\n\n version = install - \"SMB/Wireshark/\";\n ver = split(version, sep:\".\", keep:FALSE);\n for (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n\n # Affects 0.10.8 to 1.0.14 AND 1.2.0 to 1.2.9\n if ((ver[0] == 0 && ((ver[1] == 10 && ver[2] >= 8) || (ver[1] >= 11))) ||\n (ver[0] == 1 && ver[1] == 0 && ver[2] < 15 ) ||\n (ver[0] == 1 && ver[1] == 2 && ver[2] < 10 ) \n ) info +=\n '\\n Path : ' + installs[install] +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 1.0.15 / 1.2.10\\n';\n else\n info2 += 'Version '+ version + ', under '+ installs[install] + '. ';\n}\n\n# Report if any were found to be vulnerable\nif (info)\n{\n if (report_verbosity > 0)\n {\n if (max_index(split(info)) > 1) s = \"s of Wireshark / Ethereal are\";\n else s = \" of Wireshark / Ethereal is\";\n\n report = \n '\\n' +\n 'The following vulnerable instance' + s + ' installed :\\n' +\n '\\n' + info;\n security_hole(port:get_kb_item(\"SMB/transport\"), extra:report);\n }\n else security_hole(get_kb_item(\"SMB/transport\"));\n exit(0);\n}\nif (info2)\n exit(0, \"The following instance(s) of Wireshark / Ethereal are installed and are not vulnerable : \"+info2);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-27T14:32:44", "description": "- Wed Jan 5 2011 Jan Safranek <jsafrane at redhat.com> - 1.2.13-2\n\n - fixed buffer overflow in ENTTEC dissector (#666897)\n\n - Mon Nov 22 2010 Jan Safranek <jsafrane at redhat.com>\n - 1.2.13-1\n\n - upgrade to 1.2.13\n\n - see http://www.wireshark.org/docs/relnotes/wireshark-1.2.1 3.html\n\n - Mon Sep 13 2010 Jan Safranek <jsafrane at redhat.com>\n - 1.2.11-1\n\n - upgrade to 1.2.11\n\n - see http://www.wireshark.org/docs/relnotes/wireshark-1.2.1 1.html\n\n - Resolves: #632539\n\n - Tue Aug 24 2010 Jan Safranek <jsafrane at redhat.com>\n - 1.2.10-1\n\n - upgrade to 1.2.10\n\n - see http://www.wireshark.org/docs/relnotes/wireshark-1.2.1 0.html\n\n - Resolves: #625940 CVE-2010-2287 CVE-2010-2286 CVE-2010-2284 CVE-2010-2283\n\n - Mon May 17 2010 Radek Vokal <rvokal at redhat.com> - 1.2.8-3\n\n - removing traling bracket from python_sitearch (#592391)\n\n - Fri May 7 2010 Radek Vokal <rvokal at redhat.com> - 1.2.8-2\n\n - add libtool patch\n\n - Fri May 7 2010 Radek Vokal <rvokal at redhat.com> - 1.2.8-1\n\n - use sitearch instead of sitelib to avoid pyo and pyc conflicts\n\n - upgrade to 1.2.8\n\n - see http://www.wireshark.org/docs/relnotes/wireshark-1.2.8 .html\n\n - rebuild with GeoIP support (needs to be turned on in IP protocol preferences)\n\n - bring back -pie\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-01-14T00:00:00", "type": "nessus", "title": "Fedora 13 : wireshark-1.2.13-2.fc13 (2011-0167)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-4538"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:wireshark", "cpe:/o:fedoraproject:fedora:13"], "id": "FEDORA_2011-0167.NASL", "href": "https://www.tenable.com/plugins/nessus/51519", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-0167.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51519);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-4538\");\n script_xref(name:\"FEDORA\", value:\"2011-0167\");\n\n script_name(english:\"Fedora 13 : wireshark-1.2.13-2.fc13 (2011-0167)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Wed Jan 5 2011 Jan Safranek <jsafrane at redhat.com> -\n 1.2.13-2\n\n - fixed buffer overflow in ENTTEC dissector (#666897)\n\n - Mon Nov 22 2010 Jan Safranek <jsafrane at redhat.com>\n - 1.2.13-1\n\n - upgrade to 1.2.13\n\n - see\n http://www.wireshark.org/docs/relnotes/wireshark-1.2.1\n 3.html\n\n - Mon Sep 13 2010 Jan Safranek <jsafrane at redhat.com>\n - 1.2.11-1\n\n - upgrade to 1.2.11\n\n - see\n http://www.wireshark.org/docs/relnotes/wireshark-1.2.1\n 1.html\n\n - Resolves: #632539\n\n - Tue Aug 24 2010 Jan Safranek <jsafrane at redhat.com>\n - 1.2.10-1\n\n - upgrade to 1.2.10\n\n - see\n http://www.wireshark.org/docs/relnotes/wireshark-1.2.1\n 0.html\n\n - Resolves: #625940 CVE-2010-2287 CVE-2010-2286\n CVE-2010-2284 CVE-2010-2283\n\n - Mon May 17 2010 Radek Vokal <rvokal at redhat.com> -\n 1.2.8-3\n\n - removing traling bracket from python_sitearch\n (#592391)\n\n - Fri May 7 2010 Radek Vokal <rvokal at redhat.com> -\n 1.2.8-2\n\n - add libtool patch\n\n - Fri May 7 2010 Radek Vokal <rvokal at redhat.com> -\n 1.2.8-1\n\n - use sitearch instead of sitelib to avoid pyo and pyc\n conflicts\n\n - upgrade to 1.2.8\n\n - see\n http://www.wireshark.org/docs/relnotes/wireshark-1.2.8\n .html\n\n - rebuild with GeoIP support (needs to be turned on in\n IP protocol preferences)\n\n - bring back -pie\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.2.11.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.2.11.html\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.2.13.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.2.13.html\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.2.8.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.2.8.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=666894\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-January/053061.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b7bb23f3\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'White_Phosphorus');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"wireshark-1.2.13-2.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-27T14:34:56", "description": "- Mon Jan 17 2011 Jan Safranek <jsafrane at redhat.com> - 1.2.14-1\n\n - upgrade to 1.2.14\n\n - see http://www.wireshark.org/docs/relnotes/wireshark-1.2.1 4.html\n\n - Wed Jan 5 2011 Jan Safranek <jsafrane at redhat.com> - 1.2.13-2\n\n - fixed buffer overflow in ENTTEC dissector (#666897)\n\n - Mon Nov 22 2010 Jan Safranek <jsafrane at redhat.com>\n - 1.2.13-1\n\n - upgrade to 1.2.13\n\n - see http://www.wireshark.org/docs/relnotes/wireshark-1.2.1 3.html\n\n - Mon Sep 13 2010 Jan Safranek <jsafrane at redhat.com>\n - 1.2.11-1\n\n - upgrade to 1.2.11\n\n - see http://www.wireshark.org/docs/relnotes/wireshark-1.2.1 1.html\n\n - Resolves: #632539\n\n - Tue Aug 24 2010 Jan Safranek <jsafrane at redhat.com>\n - 1.2.10-1\n\n - upgrade to 1.2.10\n\n - see http://www.wireshark.org/docs/relnotes/wireshark-1.2.1 0.html\n\n - Resolves: #625940 CVE-2010-2287 CVE-2010-2286 CVE-2010-2284 CVE-2010-2283\n\n - Mon May 17 2010 Radek Vokal <rvokal at redhat.com> - 1.2.8-3\n\n - removing traling bracket from python_sitearch (#592391)\n\n - Fri May 7 2010 Radek Vokal <rvokal at redhat.com> - 1.2.8-2\n\n - add libtool patch\n\n - Fri May 7 2010 Radek Vokal <rvokal at redhat.com> - 1.2.8-1\n\n - use sitearch instead of sitelib to avoid pyo and pyc conflicts\n\n - upgrade to 1.2.8\n\n - see http://www.wireshark.org/docs/relnotes/wireshark-1.2.8 .html\n\n - rebuild with GeoIP support (needs to be turned on in IP protocol preferences)\n\n - bring back -pie\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-02-03T00:00:00", "type": "nessus", "title": "Fedora 13 : wireshark-1.2.14-1.fc13 (2011-0460)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2011-0444", "CVE-2011-0445"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:wireshark", "cpe:/o:fedoraproject:fedora:13"], "id": "FEDORA_2011-0460.NASL", "href": "https://www.tenable.com/plugins/nessus/51854", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-0460.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51854);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-0444\", \"CVE-2011-0445\");\n script_xref(name:\"FEDORA\", value:\"2011-0460\");\n\n script_name(english:\"Fedora 13 : wireshark-1.2.14-1.fc13 (2011-0460)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Mon Jan 17 2011 Jan Safranek <jsafrane at redhat.com> -\n 1.2.14-1\n\n - upgrade to 1.2.14\n\n - see\n http://www.wireshark.org/docs/relnotes/wireshark-1.2.1\n 4.html\n\n - Wed Jan 5 2011 Jan Safranek <jsafrane at redhat.com> -\n 1.2.13-2\n\n - fixed buffer overflow in ENTTEC dissector (#666897)\n\n - Mon Nov 22 2010 Jan Safranek <jsafrane at redhat.com>\n - 1.2.13-1\n\n - upgrade to 1.2.13\n\n - see\n http://www.wireshark.org/docs/relnotes/wireshark-1.2.1\n 3.html\n\n - Mon Sep 13 2010 Jan Safranek <jsafrane at redhat.com>\n - 1.2.11-1\n\n - upgrade to 1.2.11\n\n - see\n http://www.wireshark.org/docs/relnotes/wireshark-1.2.1\n 1.html\n\n - Resolves: #632539\n\n - Tue Aug 24 2010 Jan Safranek <jsafrane at redhat.com>\n - 1.2.10-1\n\n - upgrade to 1.2.10\n\n - see\n http://www.wireshark.org/docs/relnotes/wireshark-1.2.1\n 0.html\n\n - Resolves: #625940 CVE-2010-2287 CVE-2010-2286\n CVE-2010-2284 CVE-2010-2283\n\n - Mon May 17 2010 Radek Vokal <rvokal at redhat.com> -\n 1.2.8-3\n\n - removing traling bracket from python_sitearch\n (#592391)\n\n - Fri May 7 2010 Radek Vokal <rvokal at redhat.com> -\n 1.2.8-2\n\n - add libtool patch\n\n - Fri May 7 2010 Radek Vokal <rvokal at redhat.com> -\n 1.2.8-1\n\n - use sitearch instead of sitelib to avoid pyo and pyc\n conflicts\n\n - upgrade to 1.2.8\n\n - see\n http://www.wireshark.org/docs/relnotes/wireshark-1.2.8\n .html\n\n - rebuild with GeoIP support (needs to be turned on in\n IP protocol preferences)\n\n - bring back -pie\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.2.11.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.2.11.html\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.2.13.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.2.13.html\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.2.14.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.2.14.html\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.2.8.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.2.8.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=669441\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=669443\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-February/053669.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?72817804\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/02/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"wireshark-1.2.14-1.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:02:19", "description": "The installed version of Wireshark is 1.2.x less than 1.2.13 or 1.4.x less than 1.4.2. Such versions are affected by the following vulnerabilities:\n\n - An error exists in the LDSS dissector that allows a series of malformed packets to cause a buffer overflow. (5318)\n\n - An error exists in the ZigBee ZCL dissector that allows a series of malformed packets to cause the dissector to enter an infinite loop. (5303)", "cvss3": {"score": null, "vector": null}, "published": "2010-11-22T00:00:00", "type": "nessus", "title": "Wireshark < 1.2.13 / 1.4.2 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4300", "CVE-2010-4301"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "WIRESHARK_1_4_2.NASL", "href": "https://www.tenable.com/plugins/nessus/50678", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(50678);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/11/15 20:50:29\");\n\n script_cve_id(\"CVE-2010-4300\", \"CVE-2010-4301\");\n script_bugtraq_id(44986, 44987);\n script_xref(name:\"EDB-ID\", value:\"15973\");\n script_xref(name:\"Secunia\", value:\"42290\");\n\n script_name(english:\"Wireshark < 1.2.13 / 1.4.2 Multiple Vulnerabilities\");\n script_summary(english:\"Does a version check\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains an application that is affected by\nmultiple vulnerabilities.\"\n );\n script_set_attribute(attribute:\"description\", value:\n\"The installed version of Wireshark is 1.2.x less than 1.2.13 or 1.4.x\nless than 1.4.2. Such versions are affected by the following\nvulnerabilities:\n\n - An error exists in the LDSS dissector that allows \n a series of malformed packets to cause a buffer\n overflow. (5318)\n\n - An error exists in the ZigBee ZCL dissector that allows\n a series of malformed packets to cause the dissector to\n enter an infinite loop. (5303)\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://www.wireshark.org/security/wnpa-sec-2010-13.html\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"https://www.wireshark.org/security/wnpa-sec-2010-14.html\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://www.wireshark.org/docs/relnotes/wireshark-1.2.13.html\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://www.wireshark.org/docs/relnotes/wireshark-1.4.2.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Upgrade to Wireshark version 1.2.13 / 1.4.2 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/11/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/11/22\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"SMB/Wireshark/Installed\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n# Check each install.\ninstalls = get_kb_list(\"SMB/Wireshark/*\");\nif (isnull(installs)) exit(0, \"The 'SMB/Wireshark/*' KB items are missing.\");\n\ninfo = '';\ninfo2 = '';\n\nforeach install(keys(installs))\n{\n if (\"/Installed\" >< install) continue;\n\n version = install - \"SMB/Wireshark/\";\n\n if (\n version =~ \"^1\\.2($|\\.[0-9]|\\.1[012])($|[^0-9])\" || \n version =~ \"^1\\.4($|\\.[01])($|[^0-9])\"\n ) \n info +=\n '\\n Path : ' + installs[install] +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 1.2.13 / 1.4.2\\n';\n else\n info2 += 'Version '+ version + ', under '+ installs[install] + '. ';\n}\n\n# Report if any were found to be vulnerable\nif (info)\n{\n if (report_verbosity > 0)\n {\n if (max_index(split(info)) > 4) s = \"s of Wireshark are\";\n else s = \" of Wireshark is\";\n\n report = \n '\\n' +\n 'The following vulnerable instance' + s + ' installed :\\n' +\n '\\n' + info;\n security_warning(port:get_kb_item(\"SMB/transport\"), extra:report);\n }\n else security_warning(get_kb_item(\"SMB/transport\"));\n exit(0);\n}\nif (info2)\n exit(0, \"The following instance(s) of Wireshark are installed and are not vulnerable : \"+info2);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T13:02:29", "description": "Updated wireshark packages that fix two security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nWireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal.\n\nA heap-based buffer overflow flaw was found in the Wireshark Local Download Sharing Service (LDSS) dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2010-4300)\n\nA denial of service flaw was found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2010-3445)\n\nUsers of Wireshark should upgrade to these updated packages, which contain Wireshark version 1.2.13, and resolve these issues. All running instances of Wireshark must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2010-12-01T00:00:00", "type": "nessus", "title": "RHEL 6 : wireshark (RHSA-2010:0924)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3445", "CVE-2010-4300"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:wireshark", "p-cpe:/a:redhat:enterprise_linux:wireshark-debuginfo", "p-cpe:/a:redhat:enterprise_linux:wireshark-devel", "p-cpe:/a:redhat:enterprise_linux:wireshark-gnome", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.0"], "id": "REDHAT-RHSA-2010-0924.NASL", "href": "https://www.tenable.com/plugins/nessus/50851", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0924. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50851);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3445\", \"CVE-2010-4300\");\n script_bugtraq_id(43197, 44987);\n script_xref(name:\"RHSA\", value:\"2010:0924\");\n\n script_name(english:\"RHEL 6 : wireshark (RHSA-2010:0924)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated wireshark packages that fix two security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nWireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nA heap-based buffer overflow flaw was found in the Wireshark Local\nDownload Sharing Service (LDSS) dissector. If Wireshark read a\nmalformed packet off a network or opened a malicious dump file, it\ncould crash or, possibly, execute arbitrary code as the user running\nWireshark. (CVE-2010-4300)\n\nA denial of service flaw was found in Wireshark. Wireshark could crash\nor stop responding if it read a malformed packet off a network, or\nopened a malicious dump file. (CVE-2010-3445)\n\nUsers of Wireshark should upgrade to these updated packages, which\ncontain Wireshark version 1.2.13, and resolve these issues. All\nrunning instances of Wireshark must be restarted for the update to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3445\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-4300\"\n );\n # http://www.wireshark.org/security/wnpa-sec-2010-13.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/security/wnpa-sec-2010-13.html\"\n );\n # http://www.wireshark.org/security/wnpa-sec-2010-12.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/security/wnpa-sec-2010-12.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2010:0924\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:wireshark-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/11/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2010:0924\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"wireshark-1.2.13-1.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"wireshark-debuginfo-1.2.13-1.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"wireshark-devel-1.2.13-1.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"wireshark-gnome-1.2.13-1.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"wireshark-gnome-1.2.13-1.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"wireshark-gnome-1.2.13-1.el6_0.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-debuginfo / wireshark-devel / wireshark-gnome\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:57:59", "description": "A heap-based buffer overflow flaw was found in the Wireshark Local Download Sharing Service (LDSS) dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2010-4300)\n\nA denial of service flaw was found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2010-3445)\n\nAll running instances of Wireshark must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : wireshark on SL6.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3445", "CVE-2010-4300"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20101130_WIRESHARK_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60911", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60911);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3445\", \"CVE-2010-4300\");\n\n script_name(english:\"Scientific Linux Security Update : wireshark on SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A heap-based buffer overflow flaw was found in the Wireshark Local\nDownload Sharing Service (LDSS) dissector. If Wireshark read a\nmalformed packet off a network or opened a malicious dump file, it\ncould crash or, possibly, execute arbitrary code as the user running\nWireshark. (CVE-2010-4300)\n\nA denial of service flaw was found in Wireshark. Wireshark could crash\nor stop responding if it read a malformed packet off a network, or\nopened a malicious dump file. (CVE-2010-3445)\n\nAll running instances of Wireshark must be restarted for the update to\ntake effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1103&L=scientific-linux-errata&T=0&P=3570\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?844ea77d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected wireshark, wireshark-devel and / or\nwireshark-gnome packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"wireshark-1.2.13-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"wireshark-devel-1.2.13-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"wireshark-gnome-1.2.13-1.el6_0.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:03:35", "description": "This advisory updates wireshark to the latest version(s), fixing several security issues :\n\nBuffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors (CVE-2010-2284).\n\nBuffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors (CVE-2010-2287).", "cvss3": {"score": null, "vector": null}, "published": "2010-08-05T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : wireshark (MDVSA-2010:144)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:dumpcap", "p-cpe:/a:mandriva:linux:lib64wireshark-devel", "p-cpe:/a:mandriva:linux:lib64wireshark0", "p-cpe:/a:mandriva:linux:libwireshark-devel", "p-cpe:/a:mandriva:linux:libwireshark0", "p-cpe:/a:mandriva:linux:rawshark", "p-cpe:/a:mandriva:linux:tshark", "p-cpe:/a:mandriva:linux:wireshark", "p-cpe:/a:mandriva:linux:wireshark-tools", "cpe:/o:mandriva:linux:2009.1", "cpe:/o:mandriva:linux:2010.0", "cpe:/o:mandriva:linux:2010.1"], "id": "MANDRIVA_MDVSA-2010-144.NASL", "href": "https://www.tenable.com/plugins/nessus/48251", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2010:144. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(48251);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-2284\", \"CVE-2010-2287\");\n script_bugtraq_id(40728);\n script_xref(name:\"MDVSA\", value:\"2010:144\");\n\n script_name(english:\"Mandriva Linux Security Advisory : wireshark (MDVSA-2010:144)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This advisory updates wireshark to the latest version(s), fixing\nseveral security issues :\n\nBuffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13\nthrough 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote\nattack vectors (CVE-2010-2284).\n\nBuffer overflow in the SigComp Universal Decompressor Virtual Machine\ndissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8\nhas unknown impact and remote attack vectors (CVE-2010-2287).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.0.15.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dumpcap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64wireshark0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libwireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libwireshark0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rawshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:wireshark-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/08/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.1\", reference:\"dumpcap-1.0.15-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64wireshark-devel-1.0.15-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64wireshark0-1.0.15-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libwireshark-devel-1.0.15-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libwireshark0-1.0.15-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"rawshark-1.0.15-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"tshark-1.0.15-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"wireshark-1.0.15-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"wireshark-tools-1.0.15-0.1mdv2009.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.0\", reference:\"dumpcap-1.2.10-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64wireshark-devel-1.2.10-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64wireshark0-1.2.10-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libwireshark-devel-1.2.10-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libwireshark0-1.2.10-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"rawshark-1.2.10-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"tshark-1.2.10-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"wireshark-1.2.10-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"wireshark-tools-1.2.10-0.1mdv2010.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.1\", reference:\"dumpcap-1.2.10-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64wireshark-devel-1.2.10-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64wireshark0-1.2.10-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libwireshark-devel-1.2.10-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libwireshark0-1.2.10-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"rawshark-1.2.10-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"tshark-1.2.10-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"wireshark-1.2.10-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"wireshark-tools-1.2.10-0.1mdv2010.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:03:13", "description": "Several implementation errors in the dissector of the Wireshark network traffic analyzer for the ASN.1 BER protocol and in the SigComp Universal Decompressor Virtual Machine may lead to the execution of arbitrary code.", "cvss3": {"score": null, "vector": null}, "published": "2010-09-01T00:00:00", "type": "nessus", "title": "Debian DSA-2101-1 : wireshark - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2994", "CVE-2010-2995"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:wireshark", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-2101.NASL", "href": "https://www.tenable.com/plugins/nessus/49058", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2101. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(49058);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-2994\", \"CVE-2010-2995\");\n script_bugtraq_id(42618);\n script_xref(name:\"DSA\", value:\"2101\");\n\n script_name(english:\"Debian DSA-2101-1 : wireshark - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several implementation errors in the dissector of the Wireshark\nnetwork traffic analyzer for the ASN.1 BER protocol and in the SigComp\nUniversal Decompressor Virtual Machine may lead to the execution of\narbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2010/dsa-2101\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the wireshark packages.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1.0.2-3+lenny10.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/09/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"tshark\", reference:\"1.0.2-3+lenny10\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"wireshark\", reference:\"1.0.2-3+lenny10\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"wireshark-common\", reference:\"1.0.2-3+lenny10\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"wireshark-dev\", reference:\"1.0.2-3+lenny10\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-10T16:12:03", "description": "The remote host is affected by the vulnerability described in GLSA-201110-02 (Wireshark: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker could send specially crafted packets on a network being monitored by Wireshark, entice a user to open a malformed packet trace file using Wireshark, or deploy a specially crafted Lua script for use by Wireshark, possibly resulting in the execution of arbitrary code, or a Denial of Service condition.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2011-10-10T00:00:00", "type": "nessus", "title": "GLSA-201110-02 : Wireshark: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2285", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2992", "CVE-2010-2993", "CVE-2010-2994", "CVE-2010-2995", "CVE-2010-3133", "CVE-2010-3445", "CVE-2010-4300", "CVE-2010-4301", "CVE-2010-4538", "CVE-2011-0024", "CVE-2011-0444", "CVE-2011-0445", "CVE-2011-0538", "CVE-2011-0713", "CVE-2011-1138", "CVE-2011-1139", "CVE-2011-1140", "CVE-2011-1141", "CVE-2011-1142", "CVE-2011-1143", "CVE-2011-1590", "CVE-2011-1591", "CVE-2011-1592", "CVE-2011-1956", "CVE-2011-1957", "CVE-2011-1958", "CVE-2011-1959", "CVE-2011-2174", "CVE-2011-2175", "CVE-2011-2597", "CVE-2011-2698", "CVE-2011-3266", "CVE-2011-3360", "CVE-2011-3482", "CVE-2011-3483"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:wireshark", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201110-02.NASL", "href": "https://www.tenable.com/plugins/nessus/56426", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201110-02.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56426);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2285\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2992\", \"CVE-2010-2993\", \"CVE-2010-2994\", \"CVE-2010-2995\", \"CVE-2010-3133\", \"CVE-2010-3445\", \"CVE-2010-4300\", \"CVE-2010-4301\", \"CVE-2010-4538\", \"CVE-2011-0024\", \"CVE-2011-0444\", \"CVE-2011-0445\", \"CVE-2011-0538\", \"CVE-2011-0713\", \"CVE-2011-1138\", \"CVE-2011-1139\", \"CVE-2011-1140\", \"CVE-2011-1141\", \"CVE-2011-1142\", \"CVE-2011-1143\", \"CVE-2011-1590\", \"CVE-2011-1591\", \"CVE-2011-1592\", \"CVE-2011-1956\", \"CVE-2011-1957\", \"CVE-2011-1958\", \"CVE-2011-1959\", \"CVE-2011-2174\", \"CVE-2011-2175\", \"CVE-2011-2597\", \"CVE-2011-2698\", \"CVE-2011-3266\", \"CVE-2011-3360\", \"CVE-2011-3482\", \"CVE-2011-3483\");\n script_xref(name:\"GLSA\", value:\"201110-02\");\n\n script_name(english:\"GLSA-201110-02 : Wireshark: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201110-02\n(Wireshark: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Wireshark. Please\n review the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker could send specially crafted packets on a network\n being monitored by Wireshark, entice a user to open a malformed packet\n trace file using Wireshark, or deploy a specially crafted Lua script for\n use by Wireshark, possibly resulting in the execution of arbitrary code,\n or a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201110-02\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Wireshark users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/wireshark-1.4.9'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Wireshark console.lua Pre-Loading Script Execution');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'White_Phosphorus');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-analyzer/wireshark\", unaffected:make_list(\"ge 1.4.9\"), vulnerable:make_list(\"lt 1.4.9\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Wireshark\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:03:38", "description": "This advisory updates wireshark to the latest version(s), fixing several bugs and one security issue :\n\nThe DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file (CVE-2010-1455).", "cvss3": {"score": null, "vector": null}, "published": "2010-07-30T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : wireshark (MDVSA-2010:099)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1455"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:dumpcap", "p-cpe:/a:mandriva:linux:lib64wireshark-devel", "p-cpe:/a:mandriva:linux:lib64wireshark0", "p-cpe:/a:mandriva:linux:libwireshark-devel", "p-cpe:/a:mandriva:linux:libwireshark0", "p-cpe:/a:mandriva:linux:rawshark", "p-cpe:/a:mandriva:linux:tshark", "p-cpe:/a:mandriva:linux:wireshark", "p-cpe:/a:mandriva:linux:wireshark-tools", "cpe:/o:mandriva:linux:2009.1", "cpe:/o:mandriva:linux:2010.0"], "id": "MANDRIVA_MDVSA-2010-099.NASL", "href": "https://www.tenable.com/plugins/nessus/48183", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2010:099. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(48183);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-1455\");\n script_bugtraq_id(39950);\n script_xref(name:\"MDVSA\", value:\"2010:099\");\n\n script_name(english:\"Mandriva Linux Security Advisory : wireshark (MDVSA-2010:099)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This advisory updates wireshark to the latest version(s), fixing\nseveral bugs and one security issue :\n\nThe DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0\nthrough 1.2.7 allows user-assisted remote attackers to cause a denial\nof service (application crash) via a malformed packet trace file\n(CVE-2010-1455).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.wireshark.org/security/wnpa-sec-2010-03.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.wireshark.org/security/wnpa-sec-2010-04.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dumpcap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64wireshark0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libwireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libwireshark0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rawshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:wireshark-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/05/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.1\", reference:\"dumpcap-1.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64wireshark-devel-1.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64wireshark0-1.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libwireshark-devel-1.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libwireshark0-1.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"rawshark-1.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"tshark-1.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"wireshark-1.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"wireshark-tools-1.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.0\", reference:\"dumpcap-1.2.8-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64wireshark-devel-1.2.8-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64wireshark0-1.2.8-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libwireshark-devel-1.2.8-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libwireshark0-1.2.8-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"rawshark-1.2.8-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"tshark-1.2.8-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"wireshark-1.2.8-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"wireshark-tools-1.2.8-0.1mdv2010.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T13:04:22", "description": "A vulnerability found in the DOCSIS dissector can cause Wireshark to crash when a malformed packet trace file is opened. This means that an attacker will have to trick a victim into opening such a trace file before being able to crash the application", "cvss3": {"score": null, "vector": null}, "published": "2010-05-10T00:00:00", "type": "nessus", "title": "FreeBSD : wireshark -- DOCSIS dissector denial of service (28022228-5a0e-11df-942d-0015587e2cc1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1455"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:wireshark", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_280222285A0E11DF942D0015587E2CC1.NASL", "href": "https://www.tenable.com/plugins/nessus/46259", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(46259);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-1455\");\n\n script_name(english:\"FreeBSD : wireshark -- DOCSIS dissector denial of service (28022228-5a0e-11df-942d-0015587e2cc1)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability found in the DOCSIS dissector can cause Wireshark to\ncrash when a malformed packet trace file is opened. This means that an\nattacker will have to trick a victim into opening such a trace file\nbefore being able to crash the application\"\n );\n # http://www.wireshark.org/security/wnpa-sec-2010-03.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/security/wnpa-sec-2010-03.html\"\n );\n # http://www.wireshark.org/security/wnpa-sec-2010-04.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/security/wnpa-sec-2010-04.html\"\n );\n # https://vuxml.freebsd.org/freebsd/28022228-5a0e-11df-942d-0015587e2cc1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?72bc3068\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/05/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"wireshark<=1.2.6_1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T13:02:22", "description": "This advisory updates wireshark to the latest version (1.2.13), fixing one security issue :\n\nHeap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an LDSS packet with a long digest line that triggers memory corruption (CVE-2010-4300).", "cvss3": {"score": null, "vector": null}, "published": "2010-11-29T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : wireshark (MDVSA-2010:242)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4300"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:dumpcap", "p-cpe:/a:mandriva:linux:lib64wireshark-devel", "p-cpe:/a:mandriva:linux:lib64wireshark0", "p-cpe:/a:mandriva:linux:libwireshark-devel", "p-cpe:/a:mandriva:linux:libwireshark0", "p-cpe:/a:mandriva:linux:rawshark", "p-cpe:/a:mandriva:linux:tshark", "p-cpe:/a:mandriva:linux:wireshark", "p-cpe:/a:mandriva:linux:wireshark-tools", "cpe:/o:mandriva:linux:2010.0", "cpe:/o:mandriva:linux:2010.1"], "id": "MANDRIVA_MDVSA-2010-242.NASL", "href": "https://www.tenable.com/plugins/nessus/50827", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2010:242. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50827);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-4300\");\n script_bugtraq_id(44987);\n script_xref(name:\"MDVSA\", value:\"2010:242\");\n\n script_name(english:\"Mandriva Linux Security Advisory : wireshark (MDVSA-2010:242)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This advisory updates wireshark to the latest version (1.2.13), fixing\none security issue :\n\nHeap-based buffer overflow in the dissect_ldss_transfer function\n(epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark\n1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers\nto cause a denial of service (crash) and possibly execute arbitrary\ncode via an LDSS packet with a long digest line that triggers memory\ncorruption (CVE-2010-4300).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.wireshark.org/docs/relnotes/wireshark-1.2.13.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/security/wnpa-sec-2010-14.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5318\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dumpcap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64wireshark0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libwireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libwireshark0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rawshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:wireshark-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/11/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2010.0\", reference:\"dumpcap-1.2.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64wireshark-devel-1.2.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64wireshark0-1.2.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libwireshark-devel-1.2.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libwireshark0-1.2.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"rawshark-1.2.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"tshark-1.2.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"wireshark-1.2.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"wireshark-tools-1.2.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.1\", reference:\"dumpcap-1.2.13-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64wireshark-devel-1.2.13-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64wireshark0-1.2.13-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libwireshark-devel-1.2.13-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libwireshark0-1.2.13-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"rawshark-1.2.13-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"tshark-1.2.13-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"wireshark-1.2.13-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"wireshark-tools-1.2.13-0.1mdv2010.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:02:29", "description": "A flaw has been found in wireshark, a network protocol analyzer.\n\nIt was found that the ASN.1 BER dissector was susceptible to a stack overflow, causing the application to crash.", "cvss3": {"score": null, "vector": null}, "published": "2010-11-29T00:00:00", "type": "nessus", "title": "Debian DSA-2127-1 : wireshark - denial of service", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3445"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:wireshark", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-2127.NASL", "href": "https://www.tenable.com/plugins/nessus/50826", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2127. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50826);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-3445\");\n script_bugtraq_id(43197);\n script_xref(name:\"DSA\", value:\"2127\");\n\n script_name(english:\"Debian DSA-2127-1 : wireshark - denial of service\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw has been found in wireshark, a network protocol analyzer.\n\nIt was found that the ASN.1 BER dissector was susceptible to a stack\noverflow, causing the application to crash.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2010/dsa-2127\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the wireshark packages.\n\nFor the stable distribution (lenny), the problem has been fixed in\nversion 1.0.2-3+lenny11.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/11/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"tshark\", reference:\"1.0.2-3+lenny11\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"wireshark\", reference:\"1.0.2-3+lenny11\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"wireshark-common\", reference:\"1.0.2-3+lenny11\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"wireshark-dev\", reference:\"1.0.2-3+lenny11\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T13:02:32", "description": "It was discovered that the ASN.1 BER dissector in wireshark was susceptible to a stack overflow (CVE-2010-3445).\n\nFor 2010.0 and 2010.1 wireshark was upgraded to v1.2.12 which is not vulnerable to this issue and was patched for CS4 and MES5 to resolve the vulnerability.", "cvss3": {"score": null, "vector": null}, "published": "2010-10-14T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : wireshark (MDVSA-2010:200)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3445"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:dumpcap", "p-cpe:/a:mandriva:linux:lib64wireshark-devel", "p-cpe:/a:mandriva:linux:lib64wireshark0", "p-cpe:/a:mandriva:linux:libwireshark-devel", "p-cpe:/a:mandriva:linux:libwireshark0", "p-cpe:/a:mandriva:linux:rawshark", "p-cpe:/a:mandriva:linux:tshark", "p-cpe:/a:mandriva:linux:wireshark", "p-cpe:/a:mandriva:linux:wireshark-tools", "cpe:/o:mandriva:linux:2010.0", "cpe:/o:mandriva:linux:2010.1"], "id": "MANDRIVA_MDVSA-2010-200.NASL", "href": "https://www.tenable.com/plugins/nessus/49970", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2010:200. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(49970);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-3445\");\n script_bugtraq_id(43923);\n script_xref(name:\"MDVSA\", value:\"2010:200\");\n\n script_name(english:\"Mandriva Linux Security Advisory : wireshark (MDVSA-2010:200)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that the ASN.1 BER dissector in wireshark was\nsusceptible to a stack overflow (CVE-2010-3445).\n\nFor 2010.0 and 2010.1 wireshark was upgraded to v1.2.12 which is not\nvulnerable to this issue and was patched for CS4 and MES5 to resolve\nthe vulnerability.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/security/wnpa-sec-2010-11.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.wireshark.org/security/wnpa-sec-2010-12.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5230\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dumpcap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64wireshark0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libwireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libwireshark0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rawshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:wireshark-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/10/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/10/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2010.0\", reference:\"dumpcap-1.2.12-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64wireshark-devel-1.2.12-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64wireshark0-1.2.12-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libwireshark-devel-1.2.12-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libwireshark0-1.2.12-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"rawshark-1.2.12-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"tshark-1.2.12-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"wireshark-1.2.12-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"wireshark-tools-1.2.12-0.1mdv2010.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.1\", reference:\"dumpcap-1.2.12-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64wireshark-devel-1.2.12-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64wireshark0-1.2.12-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libwireshark-devel-1.2.12-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libwireshark0-1.2.12-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"rawshark-1.2.12-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"tshark-1.2.12-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"wireshark-1.2.12-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"wireshark-tools-1.2.12-0.1mdv2010.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T13:02:39", "description": "The installed version of Wireshark is 1.2.x less than 1.2.12 or 1.4.x less than 1.4.1. Such versions are affected by a denial of service vulnerability. The ASN.1 BER dissector contains a flaw that can allow a stack overflow that in turn can cause the application to crash.", "cvss3": {"score": null, "vector": null}, "published": "2010-10-14T00:00:00", "type": "nessus", "title": "Wireshark < 1.2.12 / 1.4.1 ASN.1 BER Dissector Denial of Service", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3445"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "WIRESHARK_1_4_1.NASL", "href": "https://www.tenable.com/plugins/nessus/49978", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(49978);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/11/15 20:50:29\");\n\n script_cve_id(\"CVE-2010-3445\");\n script_bugtraq_id(43197);\n script_xref(name:\"Secunia\", value:\"41535\");\n\n script_name(english:\"Wireshark < 1.2.12 / 1.4.1 ASN.1 BER Dissector Denial of Service\");\n script_summary(english:\"Does a version check\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains an application that is vulnerable to\na denial of service attack.\"\n );\n script_set_attribute(attribute:\"description\", value:\n\"The installed version of Wireshark is 1.2.x less than 1.2.12 or 1.4.x\nless than 1.4.1. Such versions are affected by a denial of service\nvulnerability. The ASN.1 BER dissector contains a flaw that can allow\na stack overflow that in turn can cause the application to crash.\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"https://seclists.org/bugtraq/2010/Sep/87\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"https://www.wireshark.org/security/wnpa-sec-2010-11.html\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://www.wireshark.org/security/wnpa-sec-2010-12.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Upgrade to Wireshark version 1.2.12 / 1.4.1 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/10/14\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"SMB/Wireshark/Installed\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n# Check each install.\ninstalls = get_kb_list(\"SMB/Wireshark/*\");\nif (isnull(installs)) exit(0, \"The 'SMB/Wireshark/*' KB items are missing.\");\n\ninfo = '';\ninfo2 = '';\n\nforeach install(keys(installs))\n{\n if (\"/Installed\" >< install) continue;\n\n version = install - \"SMB/Wireshark/\";\n\n if (\n version =~ \"^1\\.2($|\\.[0-9]|\\.1[01])($|[^0-9])\" || \n version =~ \"^1\\.4($|\\.0)($|[^0-9])\"\n ) \n info +=\n '\\n Path : ' + installs[install] +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 1.2.12 / 1.4.1\\n';\n else\n info2 += 'Version '+ version + ', under '+ installs[install] + '. ';\n}\n\n# Report if any were found to be vulnerable\nif (info)\n{\n if (report_verbosity > 0)\n {\n if (max_index(split(info)) > 4) s = \"s of Wireshark are\";\n else s = \" of Wireshark is\";\n\n report = \n '\\n' +\n 'The following vulnerable instance' + s + ' installed :\\n' +\n '\\n' + info;\n security_warning(port:get_kb_item(\"SMB/transport\"), extra:report);\n }\n else security_warning(get_kb_item(\"SMB/transport\"));\n exit(0);\n}\nif (info2)\n exit(0, \"The following instance(s) of Wireshark are installed and are not vulnerable : \"+info2);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T13:02:38", "description": "Secunia reports :\n\nA vulnerability has been discovered in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service).\n\nThe vulnerability is caused due to an infinite recursion error in the 'dissect_unknown_ber()' function in epan/dissectors/packet-ber.c and can be exploited to cause a stack overflow e.g. via a specially crafted SNMP packet.\n\nThe vulnerability is confirmed in version 1.4.0 and reported in version 1.2.11 and prior and version 1.4.0 and prior.", "cvss3": {"score": null, "vector": null}, "published": "2010-11-07T00:00:00", "type": "nessus", "title": "FreeBSD : Wireshark -- DoS in the BER-based dissectors (b2eaa7c2-e64a-11df-bc65-0022156e8794)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3445"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:tshark", "p-cpe:/a:freebsd:freebsd:tshark-lite", "p-cpe:/a:freebsd:freebsd:wireshark", "p-cpe:/a:freebsd:freebsd:wireshark-lite", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_B2EAA7C2E64A11DFBC650022156E8794.NASL", "href": "https://www.tenable.com/plugins/nessus/50500", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50500);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-3445\");\n\n script_name(english:\"FreeBSD : Wireshark -- DoS in the BER-based dissectors (b2eaa7c2-e64a-11df-bc65-0022156e8794)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Secunia reports :\n\nA vulnerability has been discovered in Wireshark, which can be\nexploited by malicious people to cause a DoS (Denial of Service).\n\nThe vulnerability is caused due to an infinite recursion error in the\n'dissect_unknown_ber()' function in epan/dissectors/packet-ber.c and\ncan be exploited to cause a stack overflow e.g. via a specially\ncrafted SNMP packet.\n\nThe vulnerability is confirmed in version 1.4.0 and reported in\nversion 1.2.11 and prior and version 1.4.0 and prior.\"\n );\n # http://www.wireshark.org/lists/wireshark-announce/201010/msg00002.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ce80e611\"\n );\n # http://www.wireshark.org/lists/wireshark-announce/201010/msg00001.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?24bba47b\"\n );\n # https://vuxml.freebsd.org/freebsd/b2eaa7c2-e64a-11df-bc65-0022156e8794.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?614155b0\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:tshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:tshark-lite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:wireshark-lite\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/09/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/11/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"wireshark>=1.3<1.4.1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"wireshark>=1.0<1.2.12\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"wireshark-lite>=1.3<1.4.1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"wireshark-lite>=1.0<1.2.12\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"tshark>=1.3<1.4.1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"tshark>=1.0<1.2.12\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"tshark-lite>=1.3<1.4.1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"tshark-lite>=1.0<1.2.12\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T13:04:22", "description": "The remote host is affected by the vulnerability described in GLSA-201006-05 (Wireshark: Multiple vulnerabilities)\n\n Multiple vulnerabilities were found in the Daintree SNA file parser, the SMB, SMB2, IPMI, and DOCSIS dissectors. For further information please consult the CVE entries referenced below.\n Impact :\n\n A remote attacker could cause a Denial of Service and possibly execute arbitrary code via crafted packets or malformed packet trace files.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2010-06-02T00:00:00", "type": "nessus", "title": "GLSA-201006-05 : Wireshark: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4376", "CVE-2009-4377", "CVE-2009-4378", "CVE-2010-1455"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:wireshark", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201006-05.NASL", "href": "https://www.tenable.com/plugins/nessus/46772", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201006-05.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(46772);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-4376\", \"CVE-2009-4377\", \"CVE-2009-4378\", \"CVE-2010-1455\");\n script_bugtraq_id(37407, 39950);\n script_xref(name:\"GLSA\", value:\"201006-05\");\n\n script_name(english:\"GLSA-201006-05 : Wireshark: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201006-05\n(Wireshark: Multiple vulnerabilities)\n\n Multiple vulnerabilities were found in the Daintree SNA file parser,\n the SMB, SMB2, IPMI, and DOCSIS dissectors. For further information\n please consult the CVE entries referenced below.\n \nImpact :\n\n A remote attacker could cause a Denial of Service and possibly execute\n arbitrary code via crafted packets or malformed packet trace files.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201006-05\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Wireshark users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/wireshark-1.2.8-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/06/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-analyzer/wireshark\", unaffected:make_list(\"ge 1.2.8-r1\"), vulnerable:make_list(\"lt 1.2.8-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Wireshark\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:57:40", "description": "A heap-based buffer overflow flaw was found in Wireshark. If Wireshark opened a specially crafted capture file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2011-0024)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2010-3445, CVE-2011-0538, CVE-2011-1139, CVE-2011-1140, CVE-2011-1141, CVE-2011-1143)\n\nAll running instances of Wireshark must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : wireshark on SL4.x, SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3445", "CVE-2011-0024", "CVE-2011-0538", "CVE-2011-1139", "CVE-2011-1140", "CVE-2011-1141", "CVE-2011-1143"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20110321_WIRESHARK_ON_SL4_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60991", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60991);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3445\", \"CVE-2011-0024\", \"CVE-2011-0538\", \"CVE-2011-1139\", \"CVE-2011-1140\", \"CVE-2011-1141\", \"CVE-2011-1143\");\n\n script_name(english:\"Scientific Linux Security Update : wireshark on SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A heap-based buffer overflow flaw was found in Wireshark. If Wireshark\nopened a specially crafted capture file, it could crash or, possibly,\nexecute arbitrary code as the user running Wireshark. (CVE-2011-0024)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark\ncould crash or stop responding if it read a malformed packet off a\nnetwork, or opened a malicious dump file. (CVE-2010-3445,\nCVE-2011-0538, CVE-2011-1139, CVE-2011-1140, CVE-2011-1141,\nCVE-2011-1143)\n\nAll running instances of Wireshark must be restarted for the update to\ntake effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1103&L=scientific-linux-errata&T=0&P=9264\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4d5c02c6\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark and / or wireshark-gnome packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"wireshark-1.0.15-2.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"wireshark-gnome-1.0.15-2.el4\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"wireshark-1.0.15-1.el5_6.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"wireshark-gnome-1.0.15-1.el5_6.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:01:34", "description": "Several security bugs were fixed in this release :\n\n - CVE-2011-0538: memory corruption when reading a malformed pcap file\n\n - CVE-2010-3445: stack overflow in BER dissector\n\n - CVE-2011-1143: NULL pointer dereference causing application crash when reading malformed pcap file\n\n - CVE-2011-1140: Multiple stack consumption vulnerabilities caused DoS via crafted SMB or CLDAP packet\n\n - CVE-2011-1138: Off-by-one error in the dissect_6lowpan_iphc function causes application crash (Denial Of Service)\n\n - CVE-2011-1139: Denial Of Service (application crash) via a pcap-ng file that contains a large packet-length field\n\n - CVE-2011-0713: heap-based buffer overflow when reading malformed Nokia DCT3 phone signaling traces\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-03-09T00:00:00", "type": "nessus", "title": "Fedora 15 : wireshark-1.4.4-1.fc15 (2011-2648)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3445", "CVE-2011-0538", "CVE-2011-0713", "CVE-2011-1138", "CVE-2011-1139", "CVE-2011-1140", "CVE-2011-1143"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:wireshark", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2011-2648.NASL", "href": "https://www.tenable.com/plugins/nessus/52590", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-2648.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(52590);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-3445\", \"CVE-2011-0538\", \"CVE-2011-0713\", \"CVE-2011-1138\", \"CVE-2011-1139\", \"CVE-2011-1140\", \"CVE-2011-1143\");\n script_bugtraq_id(43197, 46167, 46416, 46626, 46636);\n script_xref(name:\"FEDORA\", value:\"2011-2648\");\n\n script_name(english:\"Fedora 15 : wireshark-1.4.4-1.fc15 (2011-2648)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several security bugs were fixed in this release :\n\n - CVE-2011-0538: memory corruption when reading a\n malformed pcap file\n\n - CVE-2010-3445: stack overflow in BER dissector\n\n - CVE-2011-1143: NULL pointer dereference causing\n application crash when reading malformed pcap file\n\n - CVE-2011-1140: Multiple stack consumption\n vulnerabilities caused DoS via crafted SMB or CLDAP\n packet\n\n - CVE-2011-1138: Off-by-one error in the\n dissect_6lowpan_iphc function causes application crash\n (Denial Of Service)\n\n - CVE-2011-1139: Denial Of Service (application crash)\n via a pcap-ng file that contains a large packet-length\n field\n\n - CVE-2011-0713: heap-based buffer overflow when reading\n malformed Nokia DCT3 phone signaling traces\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=639486\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=676232\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=678198\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=681748\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=681753\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=681754\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=681760\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d209584c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"wireshark-1.4.4-1.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2018-01-02T10:54:30", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2010-09-07T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2010-13427", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2010-1455", "CVE-2010-2992", "CVE-2010-2283", "CVE-2010-2995", "CVE-2010-2286", "CVE-2010-2993"], "modified": "2017-12-22T00:00:00", "id": "OPENVAS:862360", "href": "http://plugins.openvas.org/nasl.php?oid=862360", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2010-13427\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a network traffic analyzer for Unix-ish operating systems.\n\n This package lays base for libpcap, a packet capture and filtering\n library, contains command-line utilities, contains plugins and\n documentation for wireshark. A graphical user interface is packaged\n separately to GTK+ package.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Fedora 12\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-September/046962.html\");\n script_id(862360);\n script_version(\"$Revision: 8226 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-22 07:30:26 +0100 (Fri, 22 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-09-07 07:38:40 +0200 (Tue, 07 Sep 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-13427\");\n script_cve_id(\"CVE-2010-2287\", \"CVE-2010-2286\", \"CVE-2010-2284\", \"CVE-2010-2283\", \"CVE-2010-2995\", \"CVE-2010-1455\", \"CVE-2010-2992\", \"CVE-2010-2993\");\n script_name(\"Fedora Update for wireshark FEDORA-2010-13427\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.10~1.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-22T13:05:53", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2010-09-07T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2010-13427", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2010-1455", "CVE-2010-2992", "CVE-2010-2283", "CVE-2010-2995", "CVE-2010-2286", "CVE-2010-2993"], "modified": "2018-01-22T00:00:00", "id": "OPENVAS:1361412562310862360", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862360", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2010-13427\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a network traffic analyzer for Unix-ish operating systems.\n\n This package lays base for libpcap, a packet capture and filtering\n library, contains command-line utilities, contains plugins and\n documentation for wireshark. A graphical user interface is packaged\n separately to GTK+ package.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Fedora 12\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-September/046962.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862360\");\n script_version(\"$Revision: 8485 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-22 08:57:57 +0100 (Mon, 22 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-09-07 07:38:40 +0200 (Tue, 07 Sep 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-13427\");\n script_cve_id(\"CVE-2010-2287\", \"CVE-2010-2286\", \"CVE-2010-2284\", \"CVE-2010-2283\", \"CVE-2010-2995\", \"CVE-2010-1455\", \"CVE-2010-2992\", \"CVE-2010-2993\");\n script_name(\"Fedora Update for wireshark FEDORA-2010-13427\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.10~1.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-14T11:48:22", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2010-09-07T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2010-13416", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2010-2992", "CVE-2010-2283", "CVE-2010-2995", "CVE-2010-2286", "CVE-2010-2993"], "modified": "2017-12-14T00:00:00", "id": "OPENVAS:862371", "href": "http://plugins.openvas.org/nasl.php?oid=862371", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2010-13416\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a network traffic analyzer for Unix-ish operating systems.\n\n This package lays base for libpcap, a packet capture and filtering\n library, contains command-line utilities, contains plugins and\n documentation for wireshark. A graphical user interface is packaged\n separately to GTK+ package.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Fedora 13\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-September/046957.html\");\n script_id(862371);\n script_version(\"$Revision: 8109 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-14 07:31:15 +0100 (Thu, 14 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-09-07 07:38:40 +0200 (Tue, 07 Sep 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-13416\");\n script_cve_id(\"CVE-2010-2287\", \"CVE-2010-2286\", \"CVE-2010-2284\", \"CVE-2010-2283\", \"CVE-2010-2995\", \"CVE-2010-2992\", \"CVE-2010-2993\");\n script_name(\"Fedora Update for wireshark FEDORA-2010-13416\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.10~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:53:59", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2010-09-07T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2010-13416", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2010-2992", "CVE-2010-2283", "CVE-2010-2995", "CVE-2010-2286", "CVE-2010-2993"], "modified": "2017-12-27T00:00:00", "id": "OPENVAS:1361412562310862371", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862371", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2010-13416\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a network traffic analyzer for Unix-ish operating systems.\n\n This package lays base for libpcap, a packet capture and filtering\n library, contains command-line utilities, contains plugins and\n documentation for wireshark. A graphical user interface is packaged\n separately to GTK+ package.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Fedora 13\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-September/046957.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862371\");\n script_version(\"$Revision: 8250 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-27 08:29:15 +0100 (Wed, 27 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-09-07 07:38:40 +0200 (Tue, 07 Sep 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-13416\");\n script_cve_id(\"CVE-2010-2287\", \"CVE-2010-2286\", \"CVE-2010-2284\", \"CVE-2010-2283\", \"CVE-2010-2995\", \"CVE-2010-2992\", \"CVE-2010-2993\");\n script_name(\"Fedora Update for wireshark FEDORA-2010-13416\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.10~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:34", "description": "Oracle Linux Local Security Checks ELSA-2010-0625", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2010-0625", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2995", "CVE-2010-2286"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122329", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122329", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2010-0625.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122329\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:16:55 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2010-0625\");\n script_tag(name:\"insight\", value:\"ELSA-2010-0625 - wireshark security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2010-0625\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2010-0625.html\");\n script_cve_id(\"CVE-2010-1455\", \"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2995\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~1.0.1.el5_5.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~1.0.1.el5_5.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-18T10:57:48", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2010-08-13T00:00:00", "type": "openvas", "title": "RedHat Update for wireshark RHSA-2010:0625-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2995", "CVE-2010-2286"], "modified": "2017-12-18T00:00:00", "id": "OPENVAS:870307", "href": "http://plugins.openvas.org/nasl.php?oid=870307", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for wireshark RHSA-2010:0625-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n Multiple buffer overflow flaws were found in the Wireshark SigComp\n Universal Decompressor Virtual Machine (UDVM) dissector. If Wireshark read\n a malformed packet off a network or opened a malicious dump file, it could\n crash or, possibly, execute arbitrary code as the user running Wireshark.\n (CVE-2010-2287, CVE-2010-2995)\n\n Several denial of service flaws were found in Wireshark. Wireshark could\n crash or stop responding if it read a malformed packet off a network, or\n opened a malicious dump file. (CVE-2010-1455, CVE-2010-2283, CVE-2010-2284,\n CVE-2010-2286)\n\n Users of Wireshark should upgrade to these updated packages, which contain\n Wireshark version 1.0.15, and resolve these issues. All running instances\n of Wireshark must be restarted for the update to take effect.\";\n\ntag_affected = \"wireshark on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux AS version 3,\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 3,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 3,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-August/msg00017.html\");\n script_id(870307);\n script_version(\"$Revision: 8153 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-18 07:30:39 +0100 (Mon, 18 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-13 14:24:53 +0200 (Fri, 13 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2010:0625-01\");\n script_cve_id(\"CVE-2010-1455\", \"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2995\");\n script_name(\"RedHat Update for wireshark RHSA-2010:0625-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~1.el5_5.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~1.0.15~1.el5_5.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~1.el5_5.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~1.el4_8.1\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~1.0.15~1.el4_8.1\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~1.el4_8.1\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_3\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~EL3.1\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~1.0.15~EL3.1\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~EL3.1\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:54:09", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2010-08-30T00:00:00", "type": "openvas", "title": "CentOS Update for wireshark CESA-2010:0625 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2995", "CVE-2010-2286"], "modified": "2017-12-22T00:00:00", "id": "OPENVAS:880413", "href": "http://plugins.openvas.org/nasl.php?oid=880413", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for wireshark CESA-2010:0625 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n Multiple buffer overflow flaws were found in the Wireshark SigComp\n Universal Decompressor Virtual Machine (UDVM) dissector. If Wireshark read\n a malformed packet off a network or opened a malicious dump file, it could\n crash or, possibly, execute arbitrary code as the user running Wireshark.\n (CVE-2010-2287, CVE-2010-2995)\n\n Several denial of service flaws were found in Wireshark. Wireshark could\n crash or stop responding if it read a malformed packet off a network, or\n opened a malicious dump file. (CVE-2010-1455, CVE-2010-2283, CVE-2010-2284,\n CVE-2010-2286)\n\n Users of Wireshark should upgrade to these updated packages, which contain\n Wireshark version 1.0.15, and resolve these issues. All running instances\n of Wireshark must be restarted for the update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2010-August/016932.html\");\n script_id(880413);\n script_version(\"$Revision: 8226 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-22 07:30:26 +0100 (Fri, 22 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-30 16:59:25 +0200 (Mon, 30 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2010:0625\");\n script_cve_id(\"CVE-2010-1455\", \"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2995\");\n script_name(\"CentOS Update for wireshark CESA-2010:0625 centos4 i386\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~1.el4_8.1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~1.el4_8.1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-08T12:53:34", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2010-08-13T00:00:00", "type": "openvas", "title": "RedHat Update for wireshark RHSA-2010:0625-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2995", "CVE-2010-2286"], "modified": "2018-01-05T00:00:00", "id": "OPENVAS:1361412562310870307", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870307", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for wireshark RHSA-2010:0625-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n Multiple buffer overflow flaws were found in the Wireshark SigComp\n Universal Decompressor Virtual Machine (UDVM) dissector. If Wireshark read\n a malformed packet off a network or opened a malicious dump file, it could\n crash or, possibly, execute arbitrary code as the user running Wireshark.\n (CVE-2010-2287, CVE-2010-2995)\n\n Several denial of service flaws were found in Wireshark. Wireshark could\n crash or stop responding if it read a malformed packet off a network, or\n opened a malicious dump file. (CVE-2010-1455, CVE-2010-2283, CVE-2010-2284,\n CVE-2010-2286)\n\n Users of Wireshark should upgrade to these updated packages, which contain\n Wireshark version 1.0.15, and resolve these issues. All running instances\n of Wireshark must be restarted for the update to take effect.\";\n\ntag_affected = \"wireshark on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux AS version 3,\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 3,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 3,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-August/msg00017.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870307\");\n script_version(\"$Revision: 8296 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-05 08:28:01 +0100 (Fri, 05 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-13 14:24:53 +0200 (Fri, 13 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2010:0625-01\");\n script_cve_id(\"CVE-2010-1455\", \"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2995\");\n script_name(\"RedHat Update for wireshark RHSA-2010:0625-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~1.el5_5.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~1.0.15~1.el5_5.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~1.el5_5.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~1.el4_8.1\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~1.0.15~1.el4_8.1\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~1.el4_8.1\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_3\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~EL3.1\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~1.0.15~EL3.1\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~EL3.1\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-22T13:05:36", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2010-08-30T00:00:00", "type": "openvas", "title": "CentOS Update for wireshark CESA-2010:0625 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2995", "CVE-2010-2286"], "modified": "2018-01-22T00:00:00", "id": "OPENVAS:1361412562310880413", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880413", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for wireshark CESA-2010:0625 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n Multiple buffer overflow flaws were found in the Wireshark SigComp\n Universal Decompressor Virtual Machine (UDVM) dissector. If Wireshark read\n a malformed packet off a network or opened a malicious dump file, it could\n crash or, possibly, execute arbitrary code as the user running Wireshark.\n (CVE-2010-2287, CVE-2010-2995)\n\n Several denial of service flaws were found in Wireshark. Wireshark could\n crash or stop responding if it read a malformed packet off a network, or\n opened a malicious dump file. (CVE-2010-1455, CVE-2010-2283, CVE-2010-2284,\n CVE-2010-2286)\n\n Users of Wireshark should upgrade to these updated packages, which contain\n Wireshark version 1.0.15, and resolve these issues. All running instances\n of Wireshark must be restarted for the update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2010-August/016932.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880413\");\n script_version(\"$Revision: 8485 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-22 08:57:57 +0100 (Mon, 22 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-30 16:59:25 +0200 (Mon, 30 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2010:0625\");\n script_cve_id(\"CVE-2010-1455\", \"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2995\");\n script_name(\"CentOS Update for wireshark CESA-2010:0625 centos4 i386\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~1.el4_8.1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~1.el4_8.1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-18T11:05:20", "description": "Check for the Version of rpmdrake", "cvss3": {}, "published": "2010-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for rpmdrake MDVA-2010:113 (rpmdrake)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2285", "CVE-2010-2284", "CVE-2010-2287", "CVE-2010-2283", "CVE-2010-2286"], "modified": "2018-01-17T00:00:00", "id": "OPENVAS:1361412562310830968", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830968", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for rpmdrake MDVA-2010:113 (rpmdrake)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"rpmdrake on Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64\";\ntag_insight = \"This update fixes rpmdrake behavior when suggesting packages from\n disabled backports media (#40556).\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-04/msg00001.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830968\");\n script_version(\"$Revision: 8440 $\");\n script_cve_id(\"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2285\", \"CVE-2010-2286\",\n \"CVE-2010-2287\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 08:58:46 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-04-09 11:11:25 +0200 (Fri, 09 Apr 2010)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVA\", value: \"2010:113\");\n script_name(\"Mandriva Update for rpmdrake MDVA-2010:113 (rpmdrake)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rpmdrake\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"rpmdrake\", rpm:\"rpmdrake~5.23.1~1.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:17", "description": "The remote host is missing an update to wireshark\nannounced via advisory DSA 2066-1.", "cvss3": {}, "published": "2010-07-06T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2066-1 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2285", "CVE-2010-2284", "CVE-2010-2287", "CVE-2010-2283", "CVE-2010-2286"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:67638", "href": "http://plugins.openvas.org/nasl.php?oid=67638", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2066_1.nasl 6614 2017-07-07 12:09:12Z cfischer $\n# Description: Auto-generated from advisory DSA 2066-1 (wireshark)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several remote vulnerabilities have been discovered in the Wireshark\nnetwork traffic analyzer. It was discovered that null pointer\ndereferences, buffer overflows and infinite loops in the SMB, SMB\nPIPE, ASN1.1 and SigComp dissectors could lead to denial of service\nor the execution of arbitrary code.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1.0.2-3+lenny9.\n\nFor the upcoming stable distribution (squeeze) and the unstable\ndistribution (sid), these problems have been fixed in version\n1.2.9-1.\n\nWe recommend that you upgrade your wireshark packages.\";\ntag_summary = \"The remote host is missing an update to wireshark\nannounced via advisory DSA 2066-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202066-1\";\n\n\nif(description)\n{\n script_id(67638);\n script_version(\"$Revision: 6614 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:12 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-06 02:35:12 +0200 (Tue, 06 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2285\", \"CVE-2010-2286\", \"CVE-2010-2287\");\n script_name(\"Debian Security Advisory DSA 2066-1 (wireshark)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"wireshark-dev\", ver:\"1.0.2-3+lenny9\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark\", ver:\"1.0.2-3+lenny9\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-common\", ver:\"1.0.2-3+lenny9\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tshark\", ver:\"1.0.2-3+lenny9\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-20T13:18:49", "description": "Check for the Version of rpmdrake", "cvss3": {}, "published": "2010-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for rpmdrake MDVA-2010:113 (rpmdrake)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2285", "CVE-2010-2284", "CVE-2010-2287", "CVE-2010-2283", "CVE-2010-2286"], "modified": "2017-12-19T00:00:00", "id": "OPENVAS:830968", "href": "http://plugins.openvas.org/nasl.php?oid=830968", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for rpmdrake MDVA-2010:113 (rpmdrake)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"rpmdrake on Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64\";\ntag_insight = \"This update fixes rpmdrake behavior when suggesting packages from\n disabled backports media (#40556).\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-04/msg00001.php\");\n script_id(830968);\n script_version(\"$Revision: 8164 $\");\n script_cve_id(\"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2285\", \"CVE-2010-2286\",\n \"CVE-2010-2287\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-19 07:30:41 +0100 (Tue, 19 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-04-09 11:11:25 +0200 (Fri, 09 Apr 2010)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVA\", value: \"2010:113\");\n script_name(\"Mandriva Update for rpmdrake MDVA-2010:113 (rpmdrake)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rpmdrake\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"rpmdrake\", rpm:\"rpmdrake~5.23.1~1.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-18T10:58:25", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2010-06-11T00:00:00", "type": "openvas", "title": "Mandriva Update for wireshark MDVSA-2010:113 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2285", "CVE-2010-2284", "CVE-2010-2287", "CVE-2010-2283", "CVE-2010-2286"], "modified": "2017-12-18T00:00:00", "id": "OPENVAS:831071", "href": "http://plugins.openvas.org/nasl.php?oid=831071", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for wireshark MDVSA-2010:113 (wireshark)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This advisory updates wireshark to the latest version(s), fixing\n several security issues:\n\n * The SMB dissector could dereference a NULL pointer. (Bug 4734)\n * J. Oquendo discovered that the ASN.1 BER dissector could overrun\n the stack.\n * The SMB PIPE dissector could dereference a NULL pointer on some\n platforms.\n * The SigComp Universal Decompressor Virtual Machine could go into\n an infinite loop. (Bug 4826)\n * The SigComp Universal Decompressor Virtual Machine could overrun\n a buffer. (Bug 4837)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Mandriva Linux 2009.1,\n Mandriva Linux 2009.1/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-06/msg00009.php\");\n script_id(831071);\n script_cve_id(\"CVE-2010-2283\",\"CVE-2010-2284\",\"CVE-2010-2285\",\"CVE-2010-2286\",\"CVE-2010-2287\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 8153 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-18 07:30:39 +0100 (Mon, 18 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-11 13:46:51 +0200 (Fri, 11 Jun 2010)\");\n script_xref(name: \"MDVSA\", value: \"2010:113\");\n script_name(\"Mandriva Update for wireshark MDVSA-2010:113 (wireshark)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-08T12:54:28", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2010-06-11T00:00:00", "type": "openvas", "title": "Mandriva Update for wireshark MDVSA-2010:113 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2285", "CVE-2010-2284", "CVE-2010-2287", "CVE-2010-2283", "CVE-2010-2286"], "modified": "2018-01-05T00:00:00", "id": "OPENVAS:1361412562310831071", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831071", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for wireshark MDVSA-2010:113 (wireshark)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This advisory updates wireshark to the latest version(s), fixing\n several security issues:\n\n * The SMB dissector could dereference a NULL pointer. (Bug 4734)\n * J. Oquendo discovered that the ASN.1 BER dissector could overrun\n the stack.\n * The SMB PIPE dissector could dereference a NULL pointer on some\n platforms.\n * The SigComp Universal Decompressor Virtual Machine could go into\n an infinite loop. (Bug 4826)\n * The SigComp Universal Decompressor Virtual Machine could overrun\n a buffer. (Bug 4837)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Mandriva Linux 2009.1,\n Mandriva Linux 2009.1/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-06/msg00009.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831071\");\n script_cve_id(\"CVE-2010-2283\",\"CVE-2010-2284\",\"CVE-2010-2285\",\"CVE-2010-2286\",\"CVE-2010-2287\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 8296 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-05 08:28:01 +0100 (Fri, 05 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-11 13:46:51 +0200 (Fri, 11 Jun 2010)\");\n script_xref(name: \"MDVSA\", value: \"2010:113\");\n script_name(\"Mandriva Update for wireshark MDVSA-2010:113 (wireshark)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.0.14~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.2.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.0.14~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-22T13:05:55", "description": "The remote host is missing an update to wireshark\nannounced via advisory DSA 2066-1.", "cvss3": {}, "published": "2010-07-06T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2066-1 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2285", "CVE-2010-2284", "CVE-2010-2287", "CVE-2010-2283", "CVE-2010-2286"], "modified": "2018-01-22T00:00:00", "id": "OPENVAS:136141256231067638", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231067638", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2066_1.nasl 8485 2018-01-22 07:57:57Z teissa $\n# Description: Auto-generated from advisory DSA 2066-1 (wireshark)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several remote vulnerabilities have been discovered in the Wireshark\nnetwork traffic analyzer. It was discovered that null pointer\ndereferences, buffer overflows and infinite loops in the SMB, SMB\nPIPE, ASN1.1 and SigComp dissectors could lead to denial of service\nor the execution of arbitrary code.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1.0.2-3+lenny9.\n\nFor the upcoming stable distribution (squeeze) and the unstable\ndistribution (sid), these problems have been fixed in version\n1.2.9-1.\n\nWe recommend that you upgrade your wireshark packages.\";\ntag_summary = \"The remote host is missing an update to wireshark\nannounced via advisory DSA 2066-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202066-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.67638\");\n script_version(\"$Revision: 8485 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-22 08:57:57 +0100 (Mon, 22 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-06 02:35:12 +0200 (Tue, 06 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2285\", \"CVE-2010-2286\", \"CVE-2010-2287\");\n script_name(\"Debian Security Advisory DSA 2066-1 (wireshark)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"wireshark-dev\", ver:\"1.0.2-3+lenny9\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark\", ver:\"1.0.2-3+lenny9\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-common\", ver:\"1.0.2-3+lenny9\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tshark\", ver:\"1.0.2-3+lenny9\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:30", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2011-01-14T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2011-0167", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2010-2283", "CVE-2010-2286", "CVE-2010-4538"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:862791", "href": "http://plugins.openvas.org/nasl.php?oid=862791", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2011-0167\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a network traffic analyzer for Unix-ish operating systems.\n\n This package lays base for libpcap, a packet capture and filtering\n library, contains command-line utilities, contains plugins and\n documentation for wireshark. A graphical user interface is packaged\n separately to GTK+ package.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Fedora 13\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053061.html\");\n script_id(862791);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-14 16:07:43 +0100 (Fri, 14 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-0167\");\n script_cve_id(\"CVE-2010-2287\", \"CVE-2010-2286\", \"CVE-2010-2284\", \"CVE-2010-2283\", \"CVE-2010-4538\");\n script_name(\"Fedora Update for wireshark FEDORA-2011-0167\");\n\n script_summary(\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.13~2.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:46", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-01-14T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2011-0167", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2010-2283", "CVE-2010-2286", "CVE-2010-4538"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310862791", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862791", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2011-0167\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053061.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862791\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-14 16:07:43 +0100 (Fri, 14 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-0167\");\n script_cve_id(\"CVE-2010-2287\", \"CVE-2010-2286\", \"CVE-2010-2284\", \"CVE-2010-2283\", \"CVE-2010-4538\");\n script_name(\"Fedora Update for wireshark FEDORA-2011-0167\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC13\");\n script_tag(name:\"affected\", value:\"wireshark on Fedora 13\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.13~2.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:31", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-02-04T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2011-0460", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2011-0444", "CVE-2010-2283", "CVE-2010-2286", "CVE-2011-0445"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310862831", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862831", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2011-0460\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053669.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862831\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-04 14:19:53 +0100 (Fri, 04 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-0460\");\n script_cve_id(\"CVE-2010-2287\", \"CVE-2010-2286\", \"CVE-2010-2284\", \"CVE-2010-2283\", \"CVE-2011-0444\", \"CVE-2011-0445\");\n script_name(\"Fedora Update for wireshark FEDORA-2011-0460\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC13\");\n script_tag(name:\"affected\", value:\"wireshark on Fedora 13\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.14~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:55:50", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2011-05-05T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2011-5529", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2011-1590", "CVE-2010-2283", "CVE-2010-2286", "CVE-2011-1591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863056", "href": "http://plugins.openvas.org/nasl.php?oid=863056", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2011-5529\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a network traffic analyzer for Unix-ish operating systems.\n\n This package lays base for libpcap, a packet capture and filtering\n library, contains command-line utilities, contains plugins and\n documentation for wireshark. A graphical user interface is packaged\n separately to GTK+ package.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Fedora 13\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058993.html\");\n script_id(863056);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-05 07:14:22 +0200 (Thu, 05 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-5529\");\n script_cve_id(\"CVE-2010-2287\", \"CVE-2010-2286\", \"CVE-2010-2284\", \"CVE-2010-2283\", \"CVE-2011-1590\", \"CVE-2011-1591\");\n script_name(\"Fedora Update for wireshark FEDORA-2011-5529\");\n\n script_summary(\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.16~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:24", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2011-02-04T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2011-0460", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2011-0444", "CVE-2010-2283", "CVE-2010-2286", "CVE-2011-0445"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:862831", "href": "http://plugins.openvas.org/nasl.php?oid=862831", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2011-0460\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a network traffic analyzer for Unix-ish operating systems.\n\n This package lays base for libpcap, a packet capture and filtering\n library, contains command-line utilities, contains plugins and\n documentation for wireshark. A graphical user interface is packaged\n separately to GTK+ package.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Fedora 13\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053669.html\");\n script_id(862831);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-04 14:19:53 +0100 (Fri, 04 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-0460\");\n script_cve_id(\"CVE-2010-2287\", \"CVE-2010-2286\", \"CVE-2010-2284\", \"CVE-2010-2283\", \"CVE-2011-0444\", \"CVE-2011-0445\");\n script_name(\"Fedora Update for wireshark FEDORA-2011-0460\");\n\n script_summary(\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.14~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:37", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-05-05T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2011-5529", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2011-1590", "CVE-2010-2283", "CVE-2010-2286", "CVE-2011-1591"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863056", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863056", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2011-5529\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058993.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863056\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-05 07:14:22 +0200 (Thu, 05 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-5529\");\n script_cve_id(\"CVE-2010-2287\", \"CVE-2010-2286\", \"CVE-2010-2284\", \"CVE-2010-2283\", \"CVE-2011-1590\", \"CVE-2011-1591\");\n script_name(\"Fedora Update for wireshark FEDORA-2011-5529\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC13\");\n script_tag(name:\"affected\", value:\"wireshark on Fedora 13\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.16~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-20T13:18:30", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2010-08-06T00:00:00", "type": "openvas", "title": "Mandriva Update for wireshark MDVSA-2010:144 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287"], "modified": "2017-12-19T00:00:00", "id": "OPENVAS:831120", "href": "http://plugins.openvas.org/nasl.php?oid=831120", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for wireshark MDVSA-2010:144 (wireshark)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This advisory updates wireshark to the latest version(s), fixing\n several security issues:\n\n Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through\n 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack\n vectors (CVE-2010-2284).\n \n Buffer overflow in the SigComp Universal Decompressor Virtual Machine\n dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8\n has unknown impact and remote attack vectors (CVE-2010-2287).\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Mandriva Linux 2009.1,\n Mandriva Linux 2009.1/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-08/msg00000.php\");\n script_id(831120);\n script_version(\"$Revision: 8164 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-19 07:30:41 +0100 (Tue, 19 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-06 10:34:50 +0200 (Fri, 06 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2010:144\");\n script_cve_id(\"CVE-2010-2284\", \"CVE-2010-2287\");\n script_name(\"Mandriva Update for wireshark MDVSA-2010:144 (wireshark)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-17T11:05:48", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2010-08-06T00:00:00", "type": "openvas", "title": "Mandriva Update for wireshark MDVSA-2010:144 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287"], "modified": "2018-01-16T00:00:00", "id": "OPENVAS:1361412562310831120", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831120", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for wireshark MDVSA-2010:144 (wireshark)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This advisory updates wireshark to the latest version(s), fixing\n several security issues:\n\n Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through\n 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack\n vectors (CVE-2010-2284).\n \n Buffer overflow in the SigComp Universal Decompressor Virtual Machine\n dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8\n has unknown impact and remote attack vectors (CVE-2010-2287).\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Mandriva Linux 2009.1,\n Mandriva Linux 2009.1/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-08/msg00000.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831120\");\n script_version(\"$Revision: 8438 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-16 18:38:23 +0100 (Tue, 16 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-06 10:34:50 +0200 (Fri, 06 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2010:144\");\n script_cve_id(\"CVE-2010-2284\", \"CVE-2010-2287\");\n script_name(\"Mandriva Update for wireshark MDVSA-2010:144 (wireshark)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.0.15~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.2.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.0.15~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:24", "description": "The remote host is missing an update to wireshark\nannounced via advisory DSA 2101-1.", "cvss3": {}, "published": "2010-10-10T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2101-1 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2995", "CVE-2010-2994"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:67988", "href": "http://plugins.openvas.org/nasl.php?oid=67988", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2101_1.nasl 6614 2017-07-07 12:09:12Z cfischer $\n# Description: Auto-generated from advisory DSA 2101-1 (wireshark)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several implementation errors in the dissector of the Wireshark network\ntraffic analyzer for the ASN.1 BER protocol and in the SigComp Universal\nDecompressor Virtual Machine may lead to the execution of arbitrary code.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1.0.2-3+lenny10.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.2.10-1.\n\nWe recommend that you upgrade your wireshark packages.\";\ntag_summary = \"The remote host is missing an update to wireshark\nannounced via advisory DSA 2101-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202101-1\";\n\n\nif(description)\n{\n script_id(67988);\n script_version(\"$Revision: 6614 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:12 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-10-10 19:35:00 +0200 (Sun, 10 Oct 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2010-2994\", \"CVE-2010-2995\");\n script_name(\"Debian Security Advisory DSA 2101-1 (wireshark)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"wireshark-common\", ver:\"1.0.2-3+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tshark\", ver:\"1.0.2-3+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark\", ver:\"1.0.2-3+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-dev\", ver:\"1.0.2-3+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-19T15:05:08", "description": "The remote host is missing an update to wireshark\nannounced via advisory DSA 2101-1.", "cvss3": {}, "published": "2010-10-10T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2101-1 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2995", "CVE-2010-2994"], "modified": "2018-01-18T00:00:00", "id": "OPENVAS:136141256231067988", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231067988", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2101_1.nasl 8457 2018-01-18 07:58:32Z teissa $\n# Description: Auto-generated from advisory DSA 2101-1 (wireshark)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several implementation errors in the dissector of the Wireshark network\ntraffic analyzer for the ASN.1 BER protocol and in the SigComp Universal\nDecompressor Virtual Machine may lead to the execution of arbitrary code.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1.0.2-3+lenny10.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.2.10-1.\n\nWe recommend that you upgrade your wireshark packages.\";\ntag_summary = \"The remote host is missing an update to wireshark\nannounced via advisory DSA 2101-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202101-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.67988\");\n script_version(\"$Revision: 8457 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-18 08:58:32 +0100 (Thu, 18 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-10-10 19:35:00 +0200 (Sun, 10 Oct 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2010-2994\", \"CVE-2010-2995\");\n script_name(\"Debian Security Advisory DSA 2101-1 (wireshark)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"wireshark-common\", ver:\"1.0.2-3+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tshark\", ver:\"1.0.2-3+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark\", ver:\"1.0.2-3+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-dev\", ver:\"1.0.2-3+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:32", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2011-03-15T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2011-2620", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2010-2283", "CVE-2010-2286", "CVE-2011-0713", "CVE-2011-1141", "CVE-2010-3445", "CVE-2011-1143", "CVE-2011-1139", "CVE-2011-1140", "CVE-2011-0538", "CVE-2011-1138"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:862907", "href": "http://plugins.openvas.org/nasl.php?oid=862907", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2011-2620\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a network traffic analyzer for Unix-ish operating systems.\n\n This package lays base for libpcap, a packet capture and filtering\n library, contains command-line utilities, contains plugins and\n documentation for wireshark. A graphical user interface is packaged\n separately to GTK+ package.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Fedora 13\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html\");\n script_id(862907);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-15 14:58:18 +0100 (Tue, 15 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-2620\");\n script_cve_id(\"CVE-2011-0538\", \"CVE-2010-3445\", \"CVE-2011-1143\", \"CVE-2011-1140\", \"CVE-2011-1141\", \"CVE-2011-1138\", \"CVE-2011-1139\", \"CVE-2011-0713\", \"CVE-2010-2287\", \"CVE-2010-2286\", \"CVE-2010-2284\", \"CVE-2010-2283\");\n script_name(\"Fedora Update for wireshark FEDORA-2011-2620\");\n\n script_summary(\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.15~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:55", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-03-15T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2011-2620", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2010-2283", "CVE-2010-2286", "CVE-2011-0713", "CVE-2011-1141", "CVE-2010-3445", "CVE-2011-1143", "CVE-2011-1139", "CVE-2011-1140", "CVE-2011-0538", "CVE-2011-1138"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310862907", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862907", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2011-2620\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862907\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-15 14:58:18 +0100 (Tue, 15 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-2620\");\n script_cve_id(\"CVE-2011-0538\", \"CVE-2010-3445\", \"CVE-2011-1143\", \"CVE-2011-1140\", \"CVE-2011-1141\", \"CVE-2011-1138\", \"CVE-2011-1139\", \"CVE-2011-0713\", \"CVE-2010-2287\", \"CVE-2010-2286\", \"CVE-2010-2284\", \"CVE-2010-2283\");\n script_name(\"Fedora Update for wireshark FEDORA-2011-2620\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC13\");\n script_tag(name:\"affected\", value:\"wireshark on Fedora 13\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.15~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:50", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-06-20T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2011-7858", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2174", "CVE-2010-2284", "CVE-2010-2287", "CVE-2011-2175", "CVE-2011-1959", "CVE-2010-2283", "CVE-2010-2286", "CVE-2011-1957", "CVE-2011-1958"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863282", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863282", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2011-7858\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061477.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863282\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-20 08:37:08 +0200 (Mon, 20 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-7858\");\n script_cve_id(\"CVE-2010-2287\", \"CVE-2010-2286\", \"CVE-2010-2284\", \"CVE-2010-2283\", \"CVE-2011-2175\", \"CVE-2011-2174\", \"CVE-2011-1959\", \"CVE-2011-1957\", \"CVE-2011-1958\");\n script_name(\"Fedora Update for wireshark FEDORA-2011-7858\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC13\");\n script_tag(name:\"affected\", value:\"wireshark on Fedora 13\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.17~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:55:30", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2011-06-20T00:00:00", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2011-7858", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2174", "CVE-2010-2284", "CVE-2010-2287", "CVE-2011-2175", "CVE-2011-1959", "CVE-2010-2283", "CVE-2010-2286", "CVE-2011-1957", "CVE-2011-1958"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863282", "href": "http://plugins.openvas.org/nasl.php?oid=863282", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2011-7858\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a network traffic analyzer for Unix-ish operating systems.\n\n This package lays base for libpcap, a packet capture and filtering\n library, contains command-line utilities, contains plugins and\n documentation for wireshark. A graphical user interface is packaged\n separately to GTK+ package.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Fedora 13\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061477.html\");\n script_id(863282);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-20 08:37:08 +0200 (Mon, 20 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-7858\");\n script_cve_id(\"CVE-2010-2287\", \"CVE-2010-2286\", \"CVE-2010-2284\", \"CVE-2010-2283\", \"CVE-2011-2175\", \"CVE-2011-2174\", \"CVE-2011-1959\", \"CVE-2011-1957\", \"CVE-2011-1958\");\n script_name(\"Fedora Update for wireshark FEDORA-2011-7858\");\n\n script_summary(\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.17~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:24", "description": "Oracle Linux Local Security Checks ELSA-2011-0013", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2011-0013", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4300", "CVE-2010-3445", "CVE-2010-4538"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122284", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122284", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2011-0013.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122284\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:15:58 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2011-0013\");\n script_tag(name:\"insight\", value:\"ELSA-2011-0013 - wireshark security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2011-0013\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2011-0013.html\");\n script_cve_id(\"CVE-2010-3445\", \"CVE-2010-4300\", \"CVE-2010-4538\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~1.0.1.el5_5.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~1.0.1.el5_5.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.13~1.0.1.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"wireshark-devel\", rpm:\"wireshark-devel~1.2.13~1.0.1.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.2.13~1.0.1.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:31", "description": "The remote host is missing updates announced in\nadvisory GLSA 201110-02.", "cvss3": {}, "published": "2012-02-12T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201110-02 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0024", "CVE-2010-2285", "CVE-2011-1142", "CVE-2011-1592", "CVE-2011-2174", "CVE-2011-3482", "CVE-2010-2284", "CVE-2010-2287", "CVE-2011-2175", "CVE-2011-1590", "CVE-2011-3360", "CVE-2011-1959", "CVE-2011-2597", "CVE-2011-2698", "CVE-2011-0444", "CVE-2010-2992", "CVE-2010-4300", "CVE-2010-3133", "CVE-2011-3483", "CVE-2010-2283", "CVE-2010-2995", "CVE-2010-2286", "CVE-2011-0713", "CVE-2011-1957", "CVE-2010-4301", "CVE-2011-1141", "CVE-2010-3445", "CVE-2011-1143", "CVE-2010-4538", "CVE-2011-3266", "CVE-2010-2993", "CVE-2011-1139", "CVE-2011-1956", "CVE-2011-1140", "CVE-2010-2994", "CVE-2011-0538", "CVE-2011-1958", "CVE-2011-1138", "CVE-2011-1591", "CVE-2011-0445"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:136141256231070765", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070765", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa_201110_02.nasl 11859 2018-10-12 08:53:01Z cfischer $\n#\n# Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.70765\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2285\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2992\", \"CVE-2010-2993\", \"CVE-2010-2994\", \"CVE-2010-2995\", \"CVE-2010-3133\", \"CVE-2010-3445\", \"CVE-2010-4300\", \"CVE-2010-4301\", \"CVE-2010-4538\", \"CVE-2011-0024\", \"CVE-2011-0444\", \"CVE-2011-0445\", \"CVE-2011-0538\", \"CVE-2011-0713\", \"CVE-2011-1138\", \"CVE-2011-1139\", \"CVE-2011-1140\", \"CVE-2011-1141\", \"CVE-2011-1142\", \"CVE-2011-1143\", \"CVE-2011-1590\", \"CVE-2011-1591\", \"CVE-2011-1592\", \"CVE-2011-1956\", \"CVE-2011-1957\", \"CVE-2011-1958\", \"CVE-2011-1959\", \"CVE-2011-2174\", \"CVE-2011-2175\", \"CVE-2011-2597\", \"CVE-2011-2698\", \"CVE-2011-3266\", \"CVE-2011-3360\", \"CVE-2011-3482\", \"CVE-2011-3483\");\n script_version(\"$Revision: 11859 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 10:53:01 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 10:04:38 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201110-02 (wireshark)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities in Wireshark allow for the remote\n execution of arbitrary code, or a Denial of Service condition.\");\n script_tag(name:\"solution\", value:\"All Wireshark users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/wireshark-1.4.9'\");\n\n script_xref(name:\"URL\", value:\"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201110-02\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=323859\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=330479\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=339401\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=346191\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=350551\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=354197\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=357237\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=363895\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=369683\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=373961\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=381551\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=383823\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=386179\");\n script_tag(name:\"summary\", value:\"The remote host is missing updates announced in\nadvisory GLSA 201110-02.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-gentoo.inc\");\ninclude(\"revisions-lib.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"net-analyzer/wireshark\", unaffected: make_list(\"ge 1.4.9\"), vulnerable: make_list(\"lt 1.4.9\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:50:48", "description": "The remote host is missing updates announced in\nadvisory GLSA 201110-02.", "cvss3": {}, "published": "2012-02-12T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201110-02 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0024", "CVE-2010-2285", "CVE-2011-1142", "CVE-2011-1592", "CVE-2011-2174", "CVE-2011-3482", "CVE-2010-2284", "CVE-2010-2287", "CVE-2011-2175", "CVE-2011-1590", "CVE-2011-3360", "CVE-2011-1959", "CVE-2011-2597", "CVE-2011-2698", "CVE-2011-0444", "CVE-2010-2992", "CVE-2010-4300", "CVE-2010-3133", "CVE-2011-3483", "CVE-2010-2283", "CVE-2010-2995", "CVE-2010-2286", "CVE-2011-0713", "CVE-2011-1957", "CVE-2010-4301", "CVE-2011-1141", "CVE-2010-3445", "CVE-2011-1143", "CVE-2010-4538", "CVE-2011-3266", "CVE-2010-2993", "CVE-2011-1139", "CVE-2011-1956", "CVE-2011-1140", "CVE-2010-2994", "CVE-2011-0538", "CVE-2011-1958", "CVE-2011-1138", "CVE-2011-1591", "CVE-2011-0445"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:70765", "href": "http://plugins.openvas.org/nasl.php?oid=70765", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities in Wireshark allow for the remote\n execution of arbitrary code, or a Denial of Service condition.\";\ntag_solution = \"All Wireshark users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/wireshark-1.4.9'\n \n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201110-02\nhttp://bugs.gentoo.org/show_bug.cgi?id=323859\nhttp://bugs.gentoo.org/show_bug.cgi?id=330479\nhttp://bugs.gentoo.org/show_bug.cgi?id=339401\nhttp://bugs.gentoo.org/show_bug.cgi?id=346191\nhttp://bugs.gentoo.org/show_bug.cgi?id=350551\nhttp://bugs.gentoo.org/show_bug.cgi?id=354197\nhttp://bugs.gentoo.org/show_bug.cgi?id=357237\nhttp://bugs.gentoo.org/show_bug.cgi?id=363895\nhttp://bugs.gentoo.org/show_bug.cgi?id=369683\nhttp://bugs.gentoo.org/show_bug.cgi?id=373961\nhttp://bugs.gentoo.org/show_bug.cgi?id=381551\nhttp://bugs.gentoo.org/show_bug.cgi?id=383823\nhttp://bugs.gentoo.org/show_bug.cgi?id=386179\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201110-02.\";\n\n \n \nif(description)\n{\n script_id(70765);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2010-2283\", \"CVE-2010-2284\", \"CVE-2010-2285\", \"CVE-2010-2286\", \"CVE-2010-2287\", \"CVE-2010-2992\", \"CVE-2010-2993\", \"CVE-2010-2994\", \"CVE-2010-2995\", \"CVE-2010-3133\", \"CVE-2010-3445\", \"CVE-2010-4300\", \"CVE-2010-4301\", \"CVE-2010-4538\", \"CVE-2011-0024\", \"CVE-2011-0444\", \"CVE-2011-0445\", \"CVE-2011-0538\", \"CVE-2011-0713\", \"CVE-2011-1138\", \"CVE-2011-1139\", \"CVE-2011-1140\", \"CVE-2011-1141\", \"CVE-2011-1142\", \"CVE-2011-1143\", \"CVE-2011-1590\", \"CVE-2011-1591\", \"CVE-2011-1592\", \"CVE-2011-1956\", \"CVE-2011-1957\", \"CVE-2011-1958\", \"CVE-2011-1959\", \"CVE-2011-2174\", \"CVE-2011-2175\", \"CVE-2011-2597\", \"CVE-2011-2698\", \"CVE-2011-3266\", \"CVE-2011-3360\", \"CVE-2011-3482\", \"CVE-2011-3483\");\n script_version(\"$Revision: 6593 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:18:14 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 10:04:38 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201110-02 (wireshark)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"net-analyzer/wireshark\", unaffected: make_list(\"ge 1.4.9\"), vulnerable: make_list(\"lt 1.4.9\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-19T10:48:48", "description": "This host is installed with Wireshark and is prone to denial of\n service vulnerability.", "cvss3": {}, "published": "2010-12-09T00:00:00", "type": "openvas", "title": "Wireshark ZigBee ZCL Dissector Denial of Service Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4301"], "modified": "2017-07-04T00:00:00", "id": "OPENVAS:801554", "href": "http://plugins.openvas.org/nasl.php?oid=801554", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_zigbee_zcl_dissector_dos_vuln_win.nasl 6519 2017-07-04 14:08:14Z cfischer $\n#\n# Wireshark ZigBee ZCL Dissector Denial of Service Vulnerability (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow attackers to crash the application.\n Impact Level: Application\";\ntag_affected = \"Wireshark version 1.4.0 to 1.4.1\";\ntag_insight = \"The flaw is due to error in 'epan/dissectors/packet-zbee-zcl.c' in the\n ZigBee ZCL dissector, which allows remote attackers to cause a denial of\n service (infinite loop) via a crafted ZCL packet.\";\ntag_solution = \"Upgrade to Wireshark 1.4.2 or later,\n For updates refer to http://www.wireshark.org/download\";\ntag_summary = \"This host is installed with Wireshark and is prone to denial of\n service vulnerability.\";\n\nif(description)\n{\n script_id(801554);\n script_version(\"$Revision: 6519 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-04 16:08:14 +0200 (Tue, 04 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-09 06:36:39 +0100 (Thu, 09 Dec 2010)\");\n script_cve_id(\"CVE-2010-4301\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Wireshark ZigBee ZCL Dissector Denial of Service Vulnerability (Windows)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/42290\");\n script_xref(name : \"URL\" , value : \"http://www.vupen.com/english/advisories/2010/3038\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/security/wnpa-sec-2010-14.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Confirm Windows\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!sharkVer){\n exit(0);\n}\n\n## Check version from 1.4.0 through 1.4.1\nif(version_in_range(version:sharkVer, test_version:\"1.4.0\", test_version2:\"1.4.1\")){\n security_message(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:32", "description": "This host is installed with Wireshark and is prone to denial of\n service vulnerability.", "cvss3": {}, "published": "2012-05-04T00:00:00", "type": "openvas", "title": "Wireshark ZigBee ZCL Dissector Denial of Service Vulnerability (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4301"], "modified": "2017-04-17T00:00:00", "id": "OPENVAS:802846", "href": "http://plugins.openvas.org/nasl.php?oid=802846", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_zigbee_zcl_dissector_dos_vuln_macosx.nasl 5958 2017-04-17 09:02:19Z teissa $\n#\n# Wireshark ZigBee ZCL Dissector Denial of Service Vulnerability (Mac OS X)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow attackers to crash the application.\n Impact Level: Application\";\ntag_affected = \"Wireshark version 1.4.0 to 1.4.1\";\ntag_insight = \"The flaw is due to an error in 'epan/dissectors/packet-zbee-zcl.c' in\n the ZigBee ZCL dissector, which allows remote attackers to cause a denial of\n service (infinite loop) via a crafted ZCL packet.\";\ntag_solution = \"Upgrade to Wireshark 1.4.2 or later.\n For updates refer to http://www.wireshark.org/download\";\ntag_summary = \"This host is installed with Wireshark and is prone to denial of\n service vulnerability.\";\n\nif(description)\n{\n script_id(802846);\n script_version(\"$Revision: 5958 $\");\n script_cve_id(\"CVE-2010-4301\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-17 11:02:19 +0200 (Mon, 17 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-04 18:39:35 +0530 (Fri, 04 May 2012)\");\n script_name(\"Wireshark ZigBee ZCL Dissector Denial of Service Vulnerability (Mac OS X)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/42290\");\n script_xref(name : \"URL\" , value : \"http://www.vupen.com/english/advisories/2010/3038\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/security/wnpa-sec-2010-14.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_macosx.nasl\");\n script_require_keys(\"Wireshark/MacOSX/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Variable Initialization\nsharkVer = \"\";\n\nsharkVer = get_kb_item(\"Wireshark/MacOSX/Version\");\nif(!sharkVer){\n exit(0);\n}\n\n## Check version from 1.4.0 through 1.4.1\nif(version_in_range(version:sharkVer, test_version:\"1.4.0\", test_version2:\"1.4.1\")){\n security_message(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2020-04-27T19:23:08", "description": "This host is installed with Wireshark and is prone to denial of\n service vulnerability.", "cvss3": {}, "published": "2010-12-09T00:00:00", "type": "openvas", "title": "Wireshark ZigBee ZCL Dissector Denial of Service Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4301"], "modified": "2020-04-23T00:00:00", "id": "OPENVAS:1361412562310801554", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801554", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Wireshark ZigBee ZCL Dissector Denial of Service Vulnerability (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801554\");\n script_version(\"2020-04-23T12:22:09+0000\");\n script_tag(name:\"last_modification\", value:\"2020-04-23 12:22:09 +0000 (Thu, 23 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2010-12-09 06:36:39 +0100 (Thu, 09 Dec 2010)\");\n script_cve_id(\"CVE-2010-4301\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Wireshark ZigBee ZCL Dissector Denial of Service Vulnerability (Windows)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/42290\");\n script_xref(name:\"URL\", value:\"http://www.vupen.com/english/advisories/2010/3038\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/security/wnpa-sec-2010-14.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to crash the application.\");\n script_tag(name:\"affected\", value:\"Wireshark version 1.4.0 to 1.4.1\");\n script_tag(name:\"insight\", value:\"The flaw is due to error in 'epan/dissectors/packet-zbee-zcl.c' in the\n ZigBee ZCL dissector, which allows remote attackers to cause a denial of\n service (infinite loop) via a crafted ZCL packet.\");\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark 1.4.2 or later.\");\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark and is prone to denial of\n service vulnerability.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/download\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!sharkVer){\n exit(0);\n}\n\nif(version_in_range(version:sharkVer, test_version:\"1.4.0\", test_version2:\"1.4.1\")){\n report = report_fixed_ver(installed_version:sharkVer, vulnerable_range:\"1.4.0 - 1.4.1\");\n security_message(port: 0, data: report);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-04-26T15:07:59", "description": "This host is installed with Wireshark and is prone to denial of\n service vulnerability.", "cvss3": {}, "published": "2012-05-04T00:00:00", "type": "openvas", "title": "Wireshark ZigBee ZCL Dissector Denial of Service Vulnerability (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4301"], "modified": "2020-04-22T00:00:00", "id": "OPENVAS:1361412562310802846", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310802846", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Wireshark ZigBee ZCL Dissector Denial of Service Vulnerability (Mac OS X)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.802846\");\n script_version(\"2020-04-22T10:27:30+0000\");\n script_cve_id(\"CVE-2010-4301\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-22 10:27:30 +0000 (Wed, 22 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2012-05-04 18:39:35 +0530 (Fri, 04 May 2012)\");\n script_name(\"Wireshark ZigBee ZCL Dissector Denial of Service Vulnerability (Mac OS X)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/42290\");\n script_xref(name:\"URL\", value:\"http://www.vupen.com/english/advisories/2010/3038\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/security/wnpa-sec-2010-14.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_macosx.nasl\");\n script_mandatory_keys(\"Wireshark/MacOSX/Version\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to crash the application.\");\n script_tag(name:\"affected\", value:\"Wireshark version 1.4.0 to 1.4.1\");\n script_tag(name:\"insight\", value:\"The flaw is due to an error in 'epan/dissectors/packet-zbee-zcl.c' in\n the ZigBee ZCL dissector, which allows remote attackers to cause a denial of\n service (infinite loop) via a crafted ZCL packet.\");\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark 1.4.2 or later.\");\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark and is prone to denial of\n service vulnerability.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/download\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsharkVer = get_kb_item(\"Wireshark/MacOSX/Version\");\nif(!sharkVer){\n exit(0);\n}\n\nif(version_in_range(version:sharkVer, test_version:\"1.4.0\", test_version2:\"1.4.1\")){\n report = report_fixed_ver(installed_version:sharkVer, vulnerable_range:\"1.4.0 - 1.4.1\");\n security_message(port:0, data:report);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:40:13", "description": "This host is installed with Wireshark and is prone to\n denial of service vulnerability.", "cvss3": {}, "published": "2010-05-19T00:00:00", "type": "openvas", "title": "Wireshark DOCSIS Dissector Denial of Service Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1455"], "modified": "2018-12-04T00:00:00", "id": "OPENVAS:1361412562310801208", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801208", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_docsis_dos_vuln_win.nasl 12653 2018-12-04 15:31:25Z cfischer $\n#\n# Wireshark DOCSIS Dissector Denial of Service Vulnerability (Windows)\n#\n# Authors:\n# Sooraj KS <kssooraj@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801208\");\n script_version(\"$Revision: 12653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-12-04 16:31:25 +0100 (Tue, 04 Dec 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-19 14:50:39 +0200 (Wed, 19 May 2010)\");\n script_bugtraq_id(39950);\n script_cve_id(\"CVE-2010-1455\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_name(\"Wireshark DOCSIS Dissector Denial of Service Vulnerability (Windows)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/39661\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/security/wnpa-sec-2010-03.html\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/security/wnpa-sec-2010-04.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to crash the application.\");\n script_tag(name:\"affected\", value:\"Wireshark Version 0.9.6 through 1.0.12 and\n Wireshark Version 1.2.0 through 1.2.7\");\n script_tag(name:\"insight\", value:\"The flaw is caused by an error in the DOCSIS (Data Over Cable Service\n Interface Specification) dissector when processing malformed data. An\n attacker can exploit this vulnerability by tricking a user into opening\n a malformed packet trace file.\");\n script_tag(name:\"solution\", value:\"Upgrade to the latest version of Wireshark 1.2.8 or 1.0.13.\");\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark and is prone to\n denial of service vulnerability.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/download\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!sharkVer){\n exit(0);\n}\n\nif(version_in_range(version:sharkVer, test_version:\"0.9.6\",\n test_version2:\"1.0.12\") || version_in_range(version:sharkVer,\n test_version:\"1.2.0\", test_version2:\"1.2.7\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2018-01-22T13:05:44", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2010-05-14T00:00:00", "type": "openvas", "title": "FreeBSD Ports: wireshark", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1455"], "modified": "2018-01-22T00:00:00", "id": "OPENVAS:136141256231067389", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231067389", "sourceData": "#\n#VID 28022228-5a0e-11df-942d-0015587e2cc1\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 28022228-5a0e-11df-942d-0015587e2cc1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: wireshark\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.wireshark.org/security/wnpa-sec-2010-03.html\nhttp://www.wireshark.org/security/wnpa-sec-2010-04.html\nhttp://www.vuxml.org/freebsd/28022228-5a0e-11df-942d-0015587e2cc1.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.67389\");\n script_version(\"$Revision: 8485 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-22 08:57:57 +0100 (Mon, 22 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-14 20:09:58 +0200 (Fri, 14 May 2010)\");\n script_cve_id(\"CVE-2010-1455\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_name(\"FreeBSD Ports: wireshark\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"wireshark\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.2.6_1\")<=0) {\n txt += 'Package wireshark version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-12-18T10:58:30", "description": "Check for the Version of foomatic-db", "cvss3": {}, "published": "2010-03-12T00:00:00", "type": "openvas", "title": "Mandriva Update for foomatic-db MDVA-2010:099 (foomatic-db)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1455"], "modified": "2017-12-18T00:00:00", "id": "OPENVAS:830942", "href": "http://plugins.openvas.org/nasl.php?oid=830942", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for foomatic-db MDVA-2010:099 (foomatic-db)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"There was a regression in certain versions of foomatic-rip 3 and 4,\n which has since been fixed. As a result, old versions fail the LSB\n printing tests.\n\n This advisory updates foomatic-db to 4.0 that passes the LSB tests\n and also provides various updated printing softwares and drivers.\";\n\ntag_affected = \"foomatic-db on Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-03/msg00024.php\");\n script_id(830942);\n script_version(\"$Revision: 8153 $\");\n script_cve_id(\"CVE-2010-1455\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-18 07:30:39 +0100 (Mon, 18 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-12 17:02:32 +0100 (Fri, 12 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDVA\", value: \"2010:099\");\n script_name(\"Mandriva Update for foomatic-db MDVA-2010:099 (foomatic-db)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of foomatic-db\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups-drivers-foo2zjs\", rpm:\"cups-drivers-foo2zjs~0.0~0.20090122.2.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-drivers-lbp660\", rpm:\"cups-drivers-lbp660~0.3.1~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-drivers-splix\", rpm:\"cups-drivers-splix~2.0.0~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"foomatic-db\", rpm:\"foomatic-db~4.0~0.20090316.0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"foomatic-db-engine\", rpm:\"foomatic-db-engine~4.0.1~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"foomatic-db-hpijs-20090208\", rpm:\"foomatic-db-hpijs-20090208~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"foomatic-filters\", rpm:\"foomatic-filters~4.0.1~1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gutenprint-common\", rpm:\"gutenprint-common~5.2.3~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gutenprint-cups\", rpm:\"gutenprint-cups~5.2.3~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gutenprint-escputil\", rpm:\"gutenprint-escputil~5.2.3~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gutenprint-foomatic\", rpm:\"gutenprint-foomatic~5.2.3~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gutenprint-gimp2\", rpm:\"gutenprint-gimp2~5.2.3~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gutenprint-ijs\", rpm:\"gutenprint-ijs~5.2.3~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hplip\", rpm:\"hplip~3.9.2~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hplip-doc\", rpm:\"hplip-doc~3.9.2~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hplip-gui\", rpm:\"hplip-gui~3.9.2~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hplip-hpijs\", rpm:\"hplip-hpijs~3.9.2~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hplip-hpijs-ppds\", rpm:\"hplip-hpijs-ppds~3.9.2~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hplip-model-data\", rpm:\"hplip-model-data~3.9.2~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgutenprint2\", rpm:\"libgutenprint2~5.2.3~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgutenprint2-devel\", rpm:\"libgutenprint2-devel~5.2.3~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgutenprintui2_1\", rpm:\"libgutenprintui2_1~5.2.3~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgutenprintui2_1-devel\", rpm:\"libgutenprintui2_1-devel~5.2.3~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libhpip0\", rpm:\"libhpip0~3.9.2~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libhpip0-devel\", rpm:\"libhpip0-devel~3.9.2~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpython2.5\", rpm:\"libpython2.5~2.5.2~5.6mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpython2.5-devel\", rpm:\"libpython2.5-devel~2.5.2~5.6mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsane-hpaio1\", rpm:\"libsane-hpaio1~3.9.2~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mtink\", rpm:\"mtink~1.0.14~14.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.5.2~5.6mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-base\", rpm:\"python-base~2.5.2~5.6mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.5.2~5.6mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"system-config-printer\", rpm:\"system-config-printer~1.0.16~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"system-config-printer-libs\", rpm:\"system-config-printer-libs~1.0.16~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"task-printing\", rpm:\"task-printing~2009.0~1.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"task-printing-canon\", rpm:\"task-printing-canon~2009.0~1.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"task-printing-epson\", rpm:\"task-printing-epson~2009.0~1.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"task-printing-hp\", rpm:\"task-printing-hp~2009.0~1.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"task-printing-lexmark\", rpm:\"task-printing-lexmark~2009.0~1.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"task-printing-misc\", rpm:\"task-printing-misc~2009.0~1.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"task-printing-okidata\", rpm:\"task-printing-okidata~2009.0~1.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"task-printing-scanning\", rpm:\"task-printing-scanning~2009.0~1.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"task-printing-server\", rpm:\"task-printing-server~2009.0~1.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.5.2~5.6mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter-apps\", rpm:\"tkinter-apps~2.5.2~5.6mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gutenprint\", rpm:\"gutenprint~5.2.3~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64gutenprint2\", rpm:\"lib64gutenprint2~5.2.3~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64gutenprint2-devel\", rpm:\"lib64gutenprint2-devel~5.2.3~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64gutenprintui2_1\", rpm:\"lib64gutenprintui2_1~5.2.3~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64gutenprintui2_1-devel\", rpm:\"lib64gutenprintui2_1-devel~5.2.3~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64hpip0\", rpm:\"lib64hpip0~3.9.2~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64hpip0-devel\", rpm:\"lib64hpip0-devel~3.9.2~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python2.5\", rpm:\"lib64python2.5~2.5.2~5.6mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python2.5-devel\", rpm:\"lib64python2.5-devel~2.5.2~5.6mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sane-hpaio1\", rpm:\"lib64sane-hpaio1~3.9.2~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-19T10:49:02", "description": "This host is installed with Wireshark and is prone to\n denial of service vulnerability.", "cvss3": {}, "published": "2010-05-19T00:00:00", "type": "openvas", "title": "Wireshark DOCSIS Dissector Denial of Service Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1455"], "modified": "2017-07-04T00:00:00", "id": "OPENVAS:801208", "href": "http://plugins.openvas.org/nasl.php?oid=801208", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_docsis_dos_vuln_win.nasl 6519 2017-07-04 14:08:14Z cfischer $\n#\n# Wireshark DOCSIS Dissector Denial of Service Vulnerability (Windows)\n#\n# Authors:\n# Sooraj KS <kssooraj@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow attackers to crash the application.\n Impact Level: Application\";\ntag_affected = \"Wireshark Version 0.9.6 through 1.0.12 and\n Wireshark Version 1.2.0 through 1.2.7\";\ntag_insight = \"The flaw is caused by an error in the DOCSIS (Data Over Cable Service\n Interface Specification) dissector when processing malformed data. An\n attacker can exploit this vulnerability by tricking a user into opening\n a malformed packet trace file.\";\ntag_solution = \"Upgrade to the latest version of Wireshark 1.2.8 or 1.0.13,\n For updates refer to http://www.wireshark.org/download\";\ntag_summary = \"This host is installed with Wireshark and is prone to\n denial of service vulnerability.\";\n\nif(description)\n{\n script_id(801208);\n script_version(\"$Revision: 6519 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-04 16:08:14 +0200 (Tue, 04 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-19 14:50:39 +0200 (Wed, 19 May 2010)\");\n script_bugtraq_id(39950);\n script_cve_id(\"CVE-2010-1455\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_name(\"Wireshark DOCSIS Dissector Denial of Service Vulnerability (Windows)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/39661\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/security/wnpa-sec-2010-03.html\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/security/wnpa-sec-2010-04.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Confirm Windows\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!sharkVer){\n exit(0);\n}\n\n## Check version from 0.9.6 through 1.0.12 or 1.2.0 through 1.2.7\nif(version_in_range(version:sharkVer, test_version:\"0.9.6\",\n test_version2:\"1.0.12\") || version_in_range(version:sharkVer,\n test_version:\"1.2.0\", test_version2:\"1.2.7\")){\n security_message(0);\n}\n\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-18T11:05:22", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2010-05-28T00:00:00", "type": "openvas", "title": "Mandriva Update for wireshark MDVSA-2010:099 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1455"], "modified": "2018-01-17T00:00:00", "id": "OPENVAS:1361412562310831046", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831046", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for wireshark MDVSA-2010:099 (wireshark)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This advisory updates wireshark to the latest version(s), fixing\n several bugs and one security issue:\n\n The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0\n through 1.2.7 allows user-assisted remote attackers to cause a denial\n of service (application crash) via a malformed packet trace file\n (CVE-2010-1455).\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Mandriva Linux 2009.1,\n Mandriva Linux 2009.1/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-05/msg00021.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831046\");\n script_version(\"$Revision: 8447 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 17:12:19 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-28 10:00:59 +0200 (Fri, 28 May 2010)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDVSA\", value: \"2010:099\");\n script_cve_id(\"CVE-2010-1455\");\n script_name(\"Mandriva Update for wireshark MDVSA-2010:099 (wireshark)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.0.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.0.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.0.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.0.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.0.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.0.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.0.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.0.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.2.8~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.2.8~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.2.8~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.2.8~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.2.8~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.8~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.2.8~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.2.8~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.2.8~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-08T12:54:37", "description": "Check for the Version of foomatic-db", "cvss3": {}, "published": "2010-03-12T00:00:00", "type": "openvas", "title": "Mandriva Update for foomatic-db MDVA-2010:099 (foomatic-db)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1455"], "modified": "2018-01-08T00:00:00", "id": "OPENVAS:1361412562310830942", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830942", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for foomatic-db MDVA-2010:099 (foomatic-db)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"There was a regression in certain versions of foomatic-rip 3 and 4,\n which has since been fixed. As a result, old versions fail the LSB\n printing tests.\n\n This advisory updates foomatic-db to 4.0 that passes the LSB tests\n and also provides various updated printing softwares and drivers.\";\n\ntag_affected = \"foomatic-db on Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-03/msg00024.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830942\");\n script_version(\"$Revision: 8314 $\");\n script_cve_id(\"CVE-2010-1455\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 09:01:01 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-12 17:02:32 +0100 (Fri, 12 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDVA\", value: \"2010:099\");\n script_name(\"Mandriva Update for foomatic-db MDVA-2010:099 (foomatic-db)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of foomatic-db\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups-drivers-foo2zjs\", rpm:\"cups-drivers-foo2zjs~0.0~0.20090122.2.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-drivers-lbp660\", rpm:\"cups-drivers-lbp660~0.3.1~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-drivers-splix\", rpm:\"cups-drivers-splix~2.0.0~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"foomatic-db\", rpm:\"foomatic-db~4.0~0.20090316.0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"foomatic-db-engine\", rpm:\"foomatic-db-engine~4.0.1~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"foomatic-db-hpijs-20090208\", rpm:\"foomatic-db-hpijs-20090208~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"foomatic-filters\", rpm:\"foomatic-filters~4.0.1~1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gutenprint-common\", rpm:\"gutenprint-common~5.2.3~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gutenprint-cups\", rpm:\"gutenprint-cups~5.2.3~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gutenprint-escputil\", rpm:\"gutenprint-escputil~5.2.3~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gutenprint-foomatic\", rpm:\"gutenprint-foomatic~5.2.3~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gutenprint-gimp2\", rpm:\"gutenprint-gimp2~5.2.3~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gutenprint-ijs\", rpm:\"gutenprint-ijs~5.2.3~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hplip\", rpm:\"hplip~3.9.2~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hplip-doc\", rpm:\"hplip-doc~3.9.2~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hplip-gui\", rpm:\"hplip-gui~3.9.2~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hplip-hpijs\", rpm:\"hplip-hpijs~3.9.2~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hplip-hpijs-ppds\", rpm:\"hplip-hpijs-ppds~3.9.2~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hplip-model-data\", rpm:\"hplip-model-data~3.9.2~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgutenprint2\", rpm:\"libgutenprint2~5.2.3~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgutenprint2-devel\", rpm:\"libgutenprint2-devel~5.2.3~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgutenprintui2_1\", rpm:\"libgutenprintui2_1~5.2.3~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgutenprintui2_1-devel\", rpm:\"libgutenprintui2_1-devel~5.2.3~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libhpip0\", rpm:\"libhpip0~3.9.2~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libhpip0-devel\", rpm:\"libhpip0-devel~3.9.2~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpython2.5\", rpm:\"libpython2.5~2.5.2~5.6mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpython2.5-devel\", rpm:\"libpython2.5-devel~2.5.2~5.6mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsane-hpaio1\", rpm:\"libsane-hpaio1~3.9.2~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mtink\", rpm:\"mtink~1.0.14~14.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.5.2~5.6mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-base\", rpm:\"python-base~2.5.2~5.6mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.5.2~5.6mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"system-config-printer\", rpm:\"system-config-printer~1.0.16~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"system-config-printer-libs\", rpm:\"system-config-printer-libs~1.0.16~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"task-printing\", rpm:\"task-printing~2009.0~1.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"task-printing-canon\", rpm:\"task-printing-canon~2009.0~1.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"task-printing-epson\", rpm:\"task-printing-epson~2009.0~1.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"task-printing-hp\", rpm:\"task-printing-hp~2009.0~1.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"task-printing-lexmark\", rpm:\"task-printing-lexmark~2009.0~1.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"task-printing-misc\", rpm:\"task-printing-misc~2009.0~1.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"task-printing-okidata\", rpm:\"task-printing-okidata~2009.0~1.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"task-printing-scanning\", rpm:\"task-printing-scanning~2009.0~1.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"task-printing-server\", rpm:\"task-printing-server~2009.0~1.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.5.2~5.6mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter-apps\", rpm:\"tkinter-apps~2.5.2~5.6mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gutenprint\", rpm:\"gutenprint~5.2.3~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64gutenprint2\", rpm:\"lib64gutenprint2~5.2.3~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64gutenprint2-devel\", rpm:\"lib64gutenprint2-devel~5.2.3~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64gutenprintui2_1\", rpm:\"lib64gutenprintui2_1~5.2.3~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64gutenprintui2_1-devel\", rpm:\"lib64gutenprintui2_1-devel~5.2.3~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64hpip0\", rpm:\"lib64hpip0~3.9.2~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64hpip0-devel\", rpm:\"lib64hpip0-devel~3.9.2~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python2.5\", rpm:\"lib64python2.5~2.5.2~5.6mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python2.5-devel\", rpm:\"lib64python2.5-devel~2.5.2~5.6mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sane-hpaio1\", rpm:\"lib64sane-hpaio1~3.9.2~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-12-21T11:33:25", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2010-05-28T00:00:00", "type": "openvas", "title": "Mandriva Update for wireshark MDVSA-2010:099 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1455"], "modified": "2017-12-20T00:00:00", "id": "OPENVAS:831046", "href": "http://plugins.openvas.org/nasl.php?oid=831046", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for wireshark MDVSA-2010:099 (wireshark)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This advisory updates wireshark to the latest version(s), fixing\n several bugs and one security issue:\n\n The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0\n through 1.2.7 allows user-assisted remote attackers to cause a denial\n of service (application crash) via a malformed packet trace file\n (CVE-2010-1455).\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Mandriva Linux 2009.1,\n Mandriva Linux 2009.1/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-05/msg00021.php\");\n script_id(831046);\n script_version(\"$Revision: 8186 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-20 07:30:34 +0100 (Wed, 20 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-28 10:00:59 +0200 (Fri, 28 May 2010)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDVSA\", value: \"2010:099\");\n script_cve_id(\"CVE-2010-1455\");\n script_name(\"Mandriva Update for wireshark MDVSA-2010:099 (wireshark)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.0.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.0.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.0.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.0.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.0.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.0.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.0.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.0.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.2.8~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.2.8~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.2.8~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.2.8~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.2.8~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.8~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.2.8~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.2.8~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.2.8~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:09:54", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2010-05-14T00:00:00", "type": "openvas", "title": "FreeBSD Ports: wireshark", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1455"], "modified": "2017-02-10T00:00:00", "id": "OPENVAS:67389", "href": "http://plugins.openvas.org/nasl.php?oid=67389", "sourceData": "#\n#VID 28022228-5a0e-11df-942d-0015587e2cc1\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 28022228-5a0e-11df-942d-0015587e2cc1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: wireshark\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.wireshark.org/security/wnpa-sec-2010-03.html\nhttp://www.wireshark.org/security/wnpa-sec-2010-04.html\nhttp://www.vuxml.org/freebsd/28022228-5a0e-11df-942d-0015587e2cc1.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(67389);\n script_version(\"$Revision: 5263 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-10 14:45:51 +0100 (Fri, 10 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-14 20:09:58 +0200 (Fri, 14 May 2010)\");\n script_cve_id(\"CVE-2010-1455\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_name(\"FreeBSD Ports: wireshark\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"wireshark\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.2.6_1\")<=0) {\n txt += 'Package wireshark version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:40:13", "description": "The host is installed with Wireshark and is prone to Stack-based\n Buffer Overflow Vulnerability.", "cvss3": {}, "published": "2010-08-19T00:00:00", "type": "openvas", "title": "Wireshark Stack-based Buffer Overflow Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2994"], "modified": "2018-12-04T00:00:00", "id": "OPENVAS:1361412562310801434", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801434", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_dissector_bof_vuln_win.nasl 12653 2018-12-04 15:31:25Z cfischer $\n#\n# Wireshark Stack-based Buffer Overflow Vulnerability (Windows)\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801434\");\n script_version(\"$Revision: 12653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-12-04 16:31:25 +0100 (Tue, 04 Dec 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-19 10:23:11 +0200 (Thu, 19 Aug 2010)\");\n script_cve_id(\"CVE-2010-2994\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Wireshark Stack-based Buffer Overflow Vulnerability (Windows)\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/security/wnpa-sec-2010-08.html\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html\");\n\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation could allow attackers to cause buffer overflow.\");\n script_tag(name:\"affected\", value:\"Wireshark version 1.2.0 through 1.2.9\n Wireshark version 0.10.13 through 1.0.14\");\n script_tag(name:\"insight\", value:\"The flaw is due to an error in handling 'ASN.1 BER dissector' which\n could be used to exhaust stack memory.\");\n script_tag(name:\"solution\", value:\"Upgrade to the Wireshark version 1.0.15 or 1.2.10 or later.\");\n script_tag(name:\"summary\", value:\"The host is installed with Wireshark and is prone to Stack-based\n Buffer Overflow Vulnerability.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/download.html\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nwiresharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!wiresharkVer){\n exit(0);\n}\n\nif(version_in_range(version:wiresharkVer, test_version:\"1.2.0\", test_version2:\"1.2.9\")||\n version_in_range(version:wiresharkVer, test_version:\"0.10.13\", test_version2:\"1.0.14\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-02T21:09:53", "description": "The host is installed with Wireshark and is prone to Stack-based\n Buffer Overflow Vulnerability.", "cvss3": {}, "published": "2010-08-19T00:00:00", "type": "openvas", "title": "Wireshark Stack-based Buffer Overflow Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2994"], "modified": "2017-02-21T00:00:00", "id": "OPENVAS:801434", "href": "http://plugins.openvas.org/nasl.php?oid=801434", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_dissector_bof_vuln_win.nasl 5388 2017-02-21 15:13:30Z teissa $\n#\n# Wireshark Stack-based Buffer Overflow Vulnerability (Windows)\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could allow attackers to cause buffer overflow.\n Impact Level: Application\";\ntag_affected = \"Wireshark version 1.2.0 through 1.2.9\n Wireshark version 0.10.13 through 1.0.14\";\ntag_insight = \"The flaw is due to an error in handling 'ASN.1 BER dissector' which\n could be used to exhaust stack memory.\";\ntag_solution = \"Upgrade to the Wireshark version 1.0.15 or 1.2.10 or later,\n For updates refer to http://www.wireshark.org/download.html\";\ntag_summary = \"The host is installed with Wireshark and is prone to Stack-based\n Buffer Overflow Vulnerability.\";\n\nif(description)\n{\n script_id(801434);\n script_version(\"$Revision: 5388 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-21 16:13:30 +0100 (Tue, 21 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-19 10:23:11 +0200 (Thu, 19 Aug 2010)\");\n script_cve_id(\"CVE-2010-2994\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Wireshark Stack-based Buffer Overflow Vulnerability (Windows)\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/security/wnpa-sec-2010-08.html\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html\");\n\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_require_keys(\"Wireshark/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Get the version from KB\nwiresharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!wiresharkVer){\n exit(0);\n}\n\n## Check for Wireshark Version\nif(version_in_range(version:wiresharkVer, test_version:\"1.2.0\", test_version2:\"1.2.9\")||\n version_in_range(version:wiresharkVer, test_version:\"0.10.13\", test_version2:\"1.0.14\")){\n security_message(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:10:00", "description": "This host is installed with Wireshark and is prone to Denial of\n Service vulnerability.", "cvss3": {}, "published": "2010-06-22T00:00:00", "type": "openvas", "title": "Wireshark SMB dissector Denial of Service Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2283"], "modified": "2017-02-23T00:00:00", "id": "OPENVAS:902196", "href": "http://plugins.openvas.org/nasl.php?oid=902196", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_wireshark_smb_dissector_dos_vuln_win.nasl 5401 2017-02-23 09:46:07Z teissa $\n#\n# Wireshark SMB dissector Denial of Service Vulnerability (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow the attackers to crash an affected\n application.\n Impact Level: Application\";\ntag_affected = \"Wireshark version 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8\";\ntag_insight = \"The flaw is caused by a NULL pointer dereference error in the 'SMB' dissector,\n which could be exploited to crash an affected application via unknown vectors.\";\ntag_solution = \"Upgrade to Wireshark version 1.0.14 or 1.2.9:\n For updates refer to http://www.wireshark.org/download.html\";\ntag_summary = \"This host is installed with Wireshark and is prone to Denial of\n Service vulnerability.\";\n\nif(description)\n{\n script_id(902196);\n script_version(\"$Revision: 5401 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-23 10:46:07 +0100 (Thu, 23 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-22 13:34:32 +0200 (Tue, 22 Jun 2010)\");\n script_cve_id(\"CVE-2010-2283\");\n script_tag(name:\"cvss_base\", value:\"3.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Wireshark SMB dissector Denial of Service Vulnerability (Windows)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/40112\");\n script_xref(name : \"URL\" , value : \"http://www.vupen.com/english/advisories/2010/1418\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/security/wnpa-sec-2010-05.html\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/security/wnpa-sec-2010-06.html\");\n script_xref(name : \"URL\" , value : \"http://www.openwall.com/lists/oss-security/2010/06/11/1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 SecPod\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_require_keys(\"Wireshark/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!sharkVer){\n exit(0);\n}\n\n# Check for Wireshark version\nif(version_in_range(version:sharkVer, test_version:\"1.2.0\", test_version2:\"1.2.8\") ||\n version_in_range(version:sharkVer, test_version:\"0.99.6\", test_version2:\"1.0.13\")){\n security_message(0);\n}\n", "cvss": {"score": 3.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:40:11", "description": "This host is installed with Wireshark and is prone to Denial of\n Service vulnerability.", "cvss3": {}, "published": "2010-06-22T00:00:00", "type": "openvas", "title": "Wireshark SMB dissector Denial of Service Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2283"], "modified": "2018-12-04T00:00:00", "id": "OPENVAS:1361412562310902196", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902196", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_wireshark_smb_dissector_dos_vuln_win.nasl 12653 2018-12-04 15:31:25Z cfischer $\n#\n# Wireshark SMB dissector Denial of Service Vulnerability (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902196\");\n script_version(\"$Revision: 12653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-12-04 16:31:25 +0100 (Tue, 04 Dec 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-22 13:34:32 +0200 (Tue, 22 Jun 2010)\");\n script_cve_id(\"CVE-2010-2283\");\n script_tag(name:\"cvss_base\", value:\"3.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Wireshark SMB dissector Denial of Service Vulnerability (Windows)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/40112\");\n script_xref(name:\"URL\", value:\"http://www.vupen.com/english/advisories/2010/1418\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/security/wnpa-sec-2010-05.html\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/security/wnpa-sec-2010-06.html\");\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2010/06/11/1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 SecPod\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow the attackers to crash an affected\n application.\");\n script_tag(name:\"affected\", value:\"Wireshark version 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8\");\n script_tag(name:\"insight\", value:\"The flaw is caused by a NULL pointer dereference error in the 'SMB' dissector,\n which could be exploited to crash an affected application via unknown vectors.\");\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark version 1.0.14 or 1.2.9:\");\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark and is prone to Denial of\n Service vulnerability.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/download.html\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!sharkVer){\n exit(0);\n}\n\nif(version_in_range(version:sharkVer, test_version:\"1.2.0\", test_version2:\"1.2.8\") ||\n version_in_range(version:sharkVer, test_version:\"0.99.6\", test_version2:\"1.0.13\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-02T21:09:51", "description": "This host is installed with Wireshark and is prone to Denial of\n Service vulnerability.", "cvss3": {}, "published": "2010-06-22T00:00:00", "type": "openvas", "title": "Wireshark SigComp Universal Decompressor Virtual Machine dissector DOS Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2286"], "modified": "2017-02-23T00:00:00", "id": "OPENVAS:902198", "href": "http://plugins.openvas.org/nasl.php?oid=902198", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_wireshark_sigcomp_dissector_dos_vuln_win.nasl 5401 2017-02-23 09:46:07Z teissa $\n#\n# Wireshark SigComp Universal Decompressor Virtual Machine dissector DOS Vulnerability (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow the attackers to crash an affected application.\n Impact Level: Application\";\ntag_affected = \"Wireshark version 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8\";\ntag_insight = \"The flaw is caused by an off-by-one error within the SigComp Universal\n Decompressor Virtual Machine, which could be exploited by attackers to\n crash an affected application or execute arbitrary code via unknown vectors.\";\ntag_solution = \"Upgrade to Wireshark version 1.0.14 or 1.2.9:\n For updates refer to http://www.wireshark.org/download.html\";\ntag_summary = \"This host is installed with Wireshark and is prone to Denial of\n Service vulnerability.\";\n\nif(description)\n{\n script_id(902198);\n script_version(\"$Revision: 5401 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-23 10:46:07 +0100 (Thu, 23 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-22 13:34:32 +0200 (Tue, 22 Jun 2010)\");\n script_cve_id(\"CVE-2010-2286\");\n script_tag(name:\"cvss_base\", value:\"3.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Wireshark SigComp Universal Decompressor Virtual Machine dissector DOS Vulnerability (Windows)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/40112\");\n script_xref(name : \"URL\" , value : \"http://www.vupen.com/english/advisories/2010/1418\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/security/wnpa-sec-2010-05.html\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/security/wnpa-sec-2010-06.html\");\n script_xref(name : \"URL\" , value : \"http://www.openwall.com/lists/oss-security/2010/06/11/1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 SecPod\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_require_keys(\"Wireshark/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!sharkVer){\n exit(0);\n}\n\n# Check for Wireshark version\nif(version_in_range(version:sharkVer, test_version:\"1.2.0\", test_version2:\"1.2.8\") ||\n version_in_range(version:sharkVer, test_version:\"0.10.7\", test_version2:\"1.0.13\")){\n security_message(0);\n}\n", "cvss": {"score": 3.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:40:09", "description": "This host is installed with Wireshark and is prone to Denial of\n Service vulnerability.", "cvss3": {}, "published": "2010-06-22T00:00:00", "type": "openvas", "title": "Wireshark SigComp Universal Decompressor Virtual Machine dissector DOS Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2286"], "modified": "2018-12-04T00:00:00", "id": "OPENVAS:1361412562310902198", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902198", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_wireshark_sigcomp_dissector_dos_vuln_win.nasl 12653 2018-12-04 15:31:25Z cfischer $\n#\n# Wireshark SigComp Universal Decompressor Virtual Machine dissector DOS Vulnerability (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902198\");\n script_version(\"$Revision: 12653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-12-04 16:31:25 +0100 (Tue, 04 Dec 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-22 13:34:32 +0200 (Tue, 22 Jun 2010)\");\n script_cve_id(\"CVE-2010-2286\");\n script_tag(name:\"cvss_base\", value:\"3.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Wireshark SigComp Universal Decompressor Virtual Machine dissector DOS Vulnerability (Windows)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/40112\");\n script_xref(name:\"URL\", value:\"http://www.vupen.com/english/advisories/2010/1418\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/security/wnpa-sec-2010-05.html\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/security/wnpa-sec-2010-06.html\");\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2010/06/11/1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 SecPod\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow the attackers to crash an affected application.\");\n script_tag(name:\"affected\", value:\"Wireshark version 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8\");\n script_tag(name:\"insight\", value:\"The flaw is caused by an off-by-one error within the SigComp Universal\n Decompressor Virtual Machine, which could be exploited by attackers to\n crash an affected application or execute arbitrary code via unknown vectors.\");\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark version 1.0.14 or 1.2.9:\");\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark and is prone to Denial of\n Service vulnerability.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/download.html\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!sharkVer){\n exit(0);\n}\n\nif(version_in_range(version:sharkVer, test_version:\"1.2.0\", test_version2:\"1.2.8\") ||\n version_in_range(version:sharkVer, test_version:\"0.10.7\", test_version2:\"1.0.13\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-02T21:10:39", "description": "This host is installed with Wireshark and is prone to buffer\n overflow vulnerability.", "cvss3": {}, "published": "2012-05-04T00:00:00", "type": "openvas", "title": "Wireshark LDSS Dissector Buffer Overflow Vulnerability (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4300"], "modified": "2017-04-24T00:00:00", "id": "OPENVAS:802847", "href": "http://plugins.openvas.org/nasl.php?oid=802847", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_ldss_dissector_bof_vuln_macosx.nasl 6018 2017-04-24 09:02:24Z teissa $\n#\n# Wireshark LDSS Dissector Buffer Overflow Vulnerability (Mac OS X)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow attackers to crash the application.\n Impact Level: Application\";\ntag_affected = \"Wireshark version 1.2.0 to 1.2.12 and 1.4.0 to 1.4.1\";\ntag_insight = \"The flaw is due to heap based buffer overflow in\n 'dissect_ldss_transfer()' function (epan/dissectors/packet-ldss.c) in the\n LDSS dissector, which allows attackers to cause a denial of service (crash)\n and possibly execute arbitrary code via an LDSS packet with a long digest\n line.\";\ntag_solution = \"Upgrade to Wireshark 1.4.2 or 1.2.13 later.\n For updates refer to http://www.wireshark.org/download\";\ntag_summary = \"This host is installed with Wireshark and is prone to buffer\n overflow vulnerability.\";\n\nif(description)\n{\n script_id(802847);\n script_version(\"$Revision: 6018 $\");\n script_cve_id(\"CVE-2010-4300\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-24 11:02:24 +0200 (Mon, 24 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-04 18:49:10 +0530 (Fri, 04 May 2012)\");\n script_name(\"Wireshark LDSS Dissector Buffer Overflow Vulnerability (Mac OS X)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/42290\");\n script_xref(name : \"URL\" , value : \"http://www.vupen.com/english/advisories/2010/3038\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/security/wnpa-sec-2010-14.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_wireshark_detect_macosx.nasl\");\n script_require_keys(\"Wireshark/MacOSX/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Variable Initialization\nsharkVer = \"\";\n\nsharkVer = get_kb_item(\"Wireshark/MacOSX/Version\");\nif(!sharkVer){\n exit(0);\n}\n\n## Check version from 1.4.0 through 1.4.1 or 1.2.0 through 1.2.12\nif(version_in_range(version:sharkVer, test_version:\"1.4.0\", test_version2:\"1.4.1\") ||\n version_in_range(version:sharkVer, test_version:\"1.2.0\", test_version2:\"1.2.12\")){\n security_message(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:36", "description": "This host is installed with Wireshark and is prone to buffer\n overflow vulnerability.", "cvss3": {}, "published": "2012-05-04T00:00:00", "type": "openvas", "title": "Wireshark LDSS Dissector Buffer Overflow Vulnerability (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4300"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:1361412562310802847", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310802847", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_ldss_dissector_bof_vuln_macosx.nasl 11855 2018-10-12 07:34:51Z cfischer $\n#\n# Wireshark LDSS Dissector Buffer Overflow Vulnerability (Mac OS X)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.802847\");\n script_version(\"$Revision: 11855 $\");\n script_cve_id(\"CVE-2010-4300\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 09:34:51 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-04 18:49:10 +0530 (Fri, 04 May 2012)\");\n script_name(\"Wireshark LDSS Dissector Buffer Overflow Vulnerability (Mac OS X)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/42290\");\n script_xref(name:\"URL\", value:\"http://www.vupen.com/english/advisories/2010/3038\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/security/wnpa-sec-2010-14.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_wireshark_detect_macosx.nasl\");\n script_mandatory_keys(\"Wireshark/MacOSX/Version\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to crash the application.\");\n script_tag(name:\"affected\", value:\"Wireshark version 1.2.0 to 1.2.12 and 1.4.0 to 1.4.1\");\n script_tag(name:\"insight\", value:\"The flaw is due to heap based buffer overflow in\n 'dissect_ldss_transfer()' function (epan/dissectors/packet-ldss.c) in the\n LDSS dissector, which allows attackers to cause a denial of service (crash)\n and possibly execute arbitrary code via an LDSS packet with a long digest\n line.\");\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark 1.4.2 or 1.2.13 later.\");\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark and is prone to buffer\n overflow vulnerability.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/download\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsharkVer = get_kb_item(\"Wireshark/MacOSX/Version\");\nif(!sharkVer){\n exit(0);\n}\n\nif(version_in_range(version:sharkVer, test_version:\"1.4.0\", test_version2:\"1.4.1\") ||\n version_in_range(version:sharkVer, test_version:\"1.2.0\", test_version2:\"1.2.12\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-12-14T11:48:40", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2010-12-02T00:00:00", "type": "openvas", "title": "Mandriva Update for wireshark MDVSA-2010:242 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4300"], "modified": "2017-12-13T00:00:00", "id": "OPENVAS:831267", "href": "http://plugins.openvas.org/nasl.php?oid=831267", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for wireshark MDVSA-2010:242 (wireshark)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This advisory updates wireshark to the latest version (1.2.13),\n fixing one security issue:\n\n Heap-based buffer overflow in the dissect_ldss_transfer function\n (epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark\n 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers\n to cause a denial of service (crash) and possibly execute arbitrary\n code via an LDSS packet with a long digest line that triggers memory\n corruption (CVE-2010-4300).\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-11/msg00043.php\");\n script_id(831267);\n script_version(\"$Revision: 8092 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-13 07:31:16 +0100 (Wed, 13 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-02 08:39:14 +0100 (Thu, 02 Dec 2010)\");\n script_xref(name: \"MDVSA\", value: \"2010:242\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2010-4300\");\n script_name(\"Mandriva Update for wireshark MDVSA-2010:242 (wireshark)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.2.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.2.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.2.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.2.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.2.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.2.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.2.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.2.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.2.13~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.2.13~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.2.13~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.2.13~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.2.13~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.13~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.2.13~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.2.13~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.2.13~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:54:26", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2010-12-02T00:00:00", "type": "openvas", "title": "Mandriva Update for wireshark MDVSA-2010:242 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4300"], "modified": "2017-12-26T00:00:00", "id": "OPENVAS:1361412562310831267", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831267", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for wireshark MDVSA-2010:242 (wireshark)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This advisory updates wireshark to the latest version (1.2.13),\n fixing one security issue:\n\n Heap-based buffer overflow in the dissect_ldss_transfer function\n (epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark\n 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers\n to cause a denial of service (crash) and possibly execute arbitrary\n code via an LDSS packet with a long digest line that triggers memory\n corruption (CVE-2010-4300).\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-11/msg00043.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831267\");\n script_version(\"$Revision: 8246 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-26 08:29:20 +0100 (Tue, 26 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-02 08:39:14 +0100 (Thu, 02 Dec 2010)\");\n script_xref(name: \"MDVSA\", value: \"2010:242\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2010-4300\");\n script_name(\"Mandriva Update for wireshark MDVSA-2010:242 (wireshark)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.2.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.2.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.2.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.2.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.2.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.2.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.2.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.2.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.2.13~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.2.13~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.2.13~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.2.13~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.2.13~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.13~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.2.13~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.2.13~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.2.13~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:40:11", "description": "This host is installed with Wireshark and is prone to buffer\n overflow vulnerability.", "cvss3": {}, "published": "2010-12-09T00:00:00", "type": "openvas", "title": "Wireshark LDSS Dissector Buffer Overflow Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4300"], "modified": "2018-12-04T00:00:00", "id": "OPENVAS:1361412562310801555", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801555", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_ldss_dissector_bof_vuln_win.nasl 12653 2018-12-04 15:31:25Z cfischer $\n#\n# Wireshark LDSS Dissector Buffer Overflow Vulnerability (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801555\");\n script_version(\"$Revision: 12653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-12-04 16:31:25 +0100 (Tue, 04 Dec 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-09 06:36:39 +0100 (Thu, 09 Dec 2010)\");\n script_cve_id(\"CVE-2010-4300\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Wireshark LDSS Dissector Buffer Overflow Vulnerability (Windows)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/42290\");\n script_xref(name:\"URL\", value:\"http://www.vupen.com/english/advisories/2010/3038\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/security/wnpa-sec-2010-14.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 Greenbone Networks GmbH\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to crash the application.\");\n script_tag(name:\"affected\", value:\"Wireshark version 1.2.0 to 1.2.12 and 1.4.0 to 1.4.1\");\n script_tag(name:\"insight\", value:\"The flaw is due to heap-based buffer overflow in\n 'dissect_ldss_transfer()' function (epan/dissectors/packet-ldss.c) in the\n LDSS dissector, which allows attackers to cause a denial of service (crash)\n and possibly execute arbitrary code via an LDSS packet with a long digest\n line.\");\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark 1.4.2 or 1.2.13 later.\");\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark and is prone to buffer\n overflow vulnerability.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/download\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!sharkVer){\n exit(0);\n}\n\nif(version_in_range(version:sharkVer, test_version:\"1.4.0\", test_version2:\"1.4.1\") ||\n version_in_range(version:sharkVer, test_version:\"1.2.0\", test_version2:\"1.2.12\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-19T10:49:03", "description": "This host is installed with Wireshark and is prone to buffer\n overflow vulnerability.", "cvss3": {}, "published": "2010-12-09T00:00:00", "type": "openvas", "title": "Wireshark LDSS Dissector Buffer Overflow Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4300"], "modified": "2017-07-04T00:00:00", "id": "OPENVAS:801555", "href": "http://plugins.openvas.org/nasl.php?oid=801555", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_ldss_dissector_bof_vuln_win.nasl 6519 2017-07-04 14:08:14Z cfischer $\n#\n# Wireshark LDSS Dissector Buffer Overflow Vulnerability (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow attackers to crash the application.\n Impact Level: Application\";\ntag_affected = \"Wireshark version 1.2.0 to 1.2.12 and 1.4.0 to 1.4.1\";\ntag_insight = \"The flaw is due to heap-based buffer overflow in\n 'dissect_ldss_transfer()' function (epan/dissectors/packet-ldss.c) in the\n LDSS dissector, which allows attackers to cause a denial of service (crash)\n and possibly execute arbitrary code via an LDSS packet with a long digest\n line.\";\ntag_solution = \"Upgrade to Wireshark 1.4.2 or 1.2.13 later,\n For updates refer to http://www.wireshark.org/download\";\ntag_summary = \"This host is installed with Wireshark and is prone to buffer\n overflow vulnerability.\";\n\nif(description)\n{\n script_id(801555);\n script_version(\"$Revision: 6519 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-04 16:08:14 +0200 (Tue, 04 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-09 06:36:39 +0100 (Thu, 09 Dec 2010)\");\n script_cve_id(\"CVE-2010-4300\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Wireshark LDSS Dissector Buffer Overflow Vulnerability (Windows)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/42290\");\n script_xref(name : \"URL\" , value : \"http://www.vupen.com/english/advisories/2010/3038\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/security/wnpa-sec-2010-14.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 Greenbone Networks GmbH\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Confirm Windows\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!sharkVer){\n exit(0);\n}\n\n## Check version from 1.4.0 through 1.4.1 or 1.2.0 through 1.2.12\nif(version_in_range(version:sharkVer, test_version:\"1.4.0\", test_version2:\"1.4.1\") ||\n version_in_range(version:sharkVer, test_version:\"1.2.0\", test_version2:\"1.2.12\")){\n security_message(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:40:13", "description": "This host is installed with Wireshark and is prone to buffer overflow\n vulnerability.", "cvss3": {}, "published": "2010-06-22T00:00:00", "type": "openvas", "title": "Wireshark ASN.1 BER Dissector Buffer Overflow Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284"], "modified": "2018-12-04T00:00:00", "id": "OPENVAS:1361412562310902195", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902195", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_wireshark_asn_ber_dissector_bof_vuln_win.nasl 12653 2018-12-04 15:31:25Z cfischer $\n#\n# Wireshark ASN.1 BER Dissector Buffer Overflow Vulnerability (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902195\");\n script_version(\"$Revision: 12653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-12-04 16:31:25 +0100 (Tue, 04 Dec 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-22 13:34:32 +0200 (Tue, 22 Jun 2010)\");\n script_cve_id(\"CVE-2010-2284\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Wireshark ASN.1 BER Dissector Buffer Overflow Vulnerability (Windows)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/40112\");\n script_xref(name:\"URL\", value:\"http://www.vupen.com/english/advisories/2010/1418\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/security/wnpa-sec-2010-05.html\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/security/wnpa-sec-2010-06.html\");\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2010/06/11/1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 SecPod\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n script_tag(name:\"impact\", value:\"It has unknown impact and remote attack vectors.\");\n script_tag(name:\"affected\", value:\"Wireshark version 0.10.13 to 1.0.13 and 1.2.0 to 1.2.8 on windows.\");\n script_tag(name:\"insight\", value:\"The flaw is caused by a buffer overflow error within the 'ASN.1 BER' dissector.\");\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark version 1.0.14 or 1.2.9:\");\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark and is prone to buffer overflow\n vulnerability.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/download.html\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!sharkVer){\n exit(0);\n}\n\nif(version_in_range(version:sharkVer, test_version:\"1.2.0\", test_version2:\"1.2.8\") ||\n version_in_range(version:sharkVer, test_version:\"0.10.13\", test_version2:\"1.0.13\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-02T21:09:56", "description": "This host is installed with Wireshark and is prone to buffer overflow\n vulnerability.", "cvss3": {}, "published": "2010-06-22T00:00:00", "type": "openvas", "title": "Wireshark ASN.1 BER Dissector Buffer Overflow Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2284"], "modified": "2017-02-23T00:00:00", "id": "OPENVAS:902195", "href": "http://plugins.openvas.org/nasl.php?oid=902195", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_wireshark_asn_ber_dissector_bof_vuln_win.nasl 5401 2017-02-23 09:46:07Z teissa $\n#\n# Wireshark ASN.1 BER Dissector Buffer Overflow Vulnerability (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"It has unknown impact and remote attack vectors.\n Impact Level: Application\";\ntag_affected = \"Wireshark version 0.10.13 to 1.0.13 and 1.2.0 to 1.2.8 on windows.\";\ntag_insight = \"The flaw is caused by a buffer overflow error within the 'ASN.1 BER' dissector.\";\ntag_solution = \"Upgrade to Wireshark version 1.0.14 or 1.2.9:\n For updates refer to http://www.wireshark.org/download.html\";\ntag_summary = \"This host is installed with Wireshark and is prone to buffer overflow\n vulnerability.\";\n\nif(description)\n{\n script_id(902195);\n script_version(\"$Revision: 5401 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-23 10:46:07 +0100 (Thu, 23 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-22 13:34:32 +0200 (Tue, 22 Jun 2010)\");\n script_cve_id(\"CVE-2010-2284\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Wireshark ASN.1 BER Dissector Buffer Overflow Vulnerability (Windows)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/40112\");\n script_xref(name : \"URL\" , value : \"http://www.vupen.com/english/advisories/2010/1418\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/security/wnpa-sec-2010-05.html\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/security/wnpa-sec-2010-06.html\");\n script_xref(name : \"URL\" , value : \"http://www.openwall.com/lists/oss-security/2010/06/11/1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 SecPod\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_require_keys(\"Wireshark/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!sharkVer){\n exit(0);\n}\n\n# Grep for Wireshark version\nif(version_in_range(version:sharkVer, test_version:\"1.2.0\", test_version2:\"1.2.8\") ||\n version_in_range(version:sharkVer, test_version:\"0.10.13\", test_version2:\"1.0.13\")){\n security_message(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:54:05", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2010-10-19T00:00:00", "type": "openvas", "title": "Mandriva Update for wireshark MDVSA-2010:200 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3445"], "modified": "2017-12-22T00:00:00", "id": "OPENVAS:831205", "href": "http://plugins.openvas.org/nasl.php?oid=831205", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for wireshark MDVSA-2010:200 (wireshark)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that the ASN.1 BER dissector in wireshark was\n susceptible to a stack overflow (CVE-2010-3445).\n\n For 2010.0 and 2010.1 wireshark was upgraded to v1.2.12 which is not\n vulnerable to this issue and was patched for CS4 and MES5 to resolve\n the vulnerability.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-10/msg00021.php\");\n script_id(831205);\n script_version(\"$Revision: 8226 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-22 07:30:26 +0100 (Fri, 22 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-10-19 15:54:15 +0200 (Tue, 19 Oct 2010)\");\n script_xref(name: \"MDVSA\", value: \"2010:200\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2010-3445\");\n script_name(\"Mandriva Update for wireshark MDVSA-2010:200 (wireshark)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.0.15~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.0.15~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.0.15~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.0.15~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.0.15~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.0.15~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.0.15~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.0.15~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.2.12~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.2.12~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.2.12~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.2.12~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.2.12~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.12~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.2.12~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.2.12~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.2.12~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.2.12~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.2.12~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.2.12~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.2.12~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.2.12~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.12~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.2.12~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.2.12~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.2.12~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:48", "description": "This host is installed with Wireshark and is prone to stack\n consumption vulnerability.", "cvss3": {}, "published": "2012-05-04T00:00:00", "type": "openvas", "title": "Wireshark BER Dissector Stack Consumption Vulnerability (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3445"], "modified": "2017-04-24T00:00:00", "id": "OPENVAS:802845", "href": "http://plugins.openvas.org/nasl.php?oid=802845", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_ber_dissector_stack_consumption_vuln_macosx.nasl 6018 2017-04-24 09:02:24Z teissa $\n#\n# Wireshark BER Dissector Stack Consumption Vulnerability (Mac OS X)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow attackers to crash the application.\n Impact Level: Application\";\ntag_affected = \"Wireshark version 1.4.x before 1.4.1 and 1.2.x before 1.2.12\";\ntag_insight = \"The flaw is due to stack consumption error in the\n 'dissect_ber_unknown()' function in 'epan/dissectors/packet-ber.c' in the\n BER dissector, which allows remote attackers to cause a denial of service\n (NULL pointer dereference and crash) via a long string in an unknown\n 'ASN.1/BER' encoded packet.\";\ntag_solution = \"Upgrade to Wireshark 1.4.1 or 1.2.12 or later.\n For updates refer to http://www.wireshark.org/download\";\ntag_summary = \"This host is installed with Wireshark and is prone to stack\n consumption vulnerability.\";\n\nif(description)\n{\n script_id(802845);\n script_version(\"$Revision: 6018 $\");\n script_cve_id(\"CVE-2010-3445\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-24 11:02:24 +0200 (Mon, 24 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-04 18:26:03 +0530 (Fri, 04 May 2012)\");\n script_name(\"Wireshark BER Dissector Stack Consumption Vulnerability (Mac OS X)\");\n script_xref(name : \"URL\" , value : \"http://www.openwall.com/lists/oss-security/2010/10/12/1\");\n script_xref(name : \"URL\" , value : \"http://www.openwall.com/lists/oss-security/2010/10/01/10\");\n script_xref(name : \"URL\" , value : \"http://xorl.wordpress.com/2010/10/15/cve-2010-3445-wireshark-asn-1-ber-stack-overflow/\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_wireshark_detect_macosx.nasl\");\n script_require_keys(\"Wireshark/MacOSX/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Variable Initialization\nsharkVer = \"\";\n\nsharkVer = get_kb_item(\"Wireshark/MacOSX/Version\");\nif(!sharkVer){\n exit(0);\n}\n\n## Check version 1.4.0 or 1.2.0 through 1.2.11\nif(version_is_equal(version:sharkVer, test_version:\"1.4.0\") ||\n version_in_range(version:sharkVer, test_version:\"1.2.0\", test_version2:\"1.2.11\")){\n security_message(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:54:56", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2010-11-17T00:00:00", "type": "openvas", "title": "FreeBSD Ports: wireshark", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3445"], "modified": "2017-12-27T00:00:00", "id": "OPENVAS:136141256231068494", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231068494", "sourceData": "#\n#VID b2eaa7c2-e64a-11df-bc65-0022156e8794\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID b2eaa7c2-e64a-11df-bc65-0022156e8794\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n wireshark\n wireshark-lite\n tshark\n tshark-lite\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.wireshark.org/lists/wireshark-announce/201010/msg00002.html\nhttp://www.wireshark.org/lists/wireshark-announce/201010/msg00001.html\nhttp://www.vuxml.org/freebsd/b2eaa7c2-e64a-11df-bc65-0022156e8794.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.68494\");\n script_version(\"$Revision: 8250 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-27 08:29:15 +0100 (Wed, 27 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-17 03:33:48 +0100 (Wed, 17 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2010-3445\");\n script_name(\"FreeBSD Ports: wireshark\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"wireshark\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.3\")>=0 && revcomp(a:bver, b:\"1.4.1\")<0) {\n txt += 'Package wireshark version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"1.0\")>=0 && revcomp(a:bver, b:\"1.2.12\")<0) {\n txt += 'Package wireshark version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"wireshark-lite\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.3\")>=0 && revcomp(a:bver, b:\"1.4.1\")<0) {\n txt += 'Package wireshark-lite version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"1.0\")>=0 && revcomp(a:bver, b:\"1.2.12\")<0) {\n txt += 'Package wireshark-lite version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"tshark\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.3\")>=0 && revcomp(a:bver, b:\"1.4.1\")<0) {\n txt += 'Package tshark version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"1.0\")>=0 && revcomp(a:bver, b:\"1.2.12\")<0) {\n txt += 'Package tshark version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"tshark-lite\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.3\")>=0 && revcomp(a:bver, b:\"1.4.1\")<0) {\n txt += 'Package tshark-lite version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"1.0\")>=0 && revcomp(a:bver, b:\"1.2.12\")<0) {\n txt += 'Package tshark-lite version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-19T10:49:03", "description": "This host is installed with Wireshark and is prone to stack\n consumption vulnerability.", "cvss3": {}, "published": "2010-12-09T00:00:00", "type": "openvas", "title": "Wireshark BER Dissector Stack Consumption Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3445"], "modified": "2017-07-04T00:00:00", "id": "OPENVAS:801553", "href": "http://plugins.openvas.org/nasl.php?oid=801553", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_ber_dissector_stack_consumption_vuln_win.nasl 6519 2017-07-04 14:08:14Z cfischer $\n#\n# Wireshark BER Dissector Stack Consumption Vulnerability (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow attackers to crash the application.\n Impact Level: Application\";\ntag_affected = \"Wireshark version 1.4.x before 1.4.1 and 1.2.x before 1.2.12\";\ntag_insight = \"The flaw is due to stack consumption in the 'dissect_ber_unknown()'\n function in 'epan/dissectors/packet-ber.c' in the BER dissector, which allows\n remote attackers to cause a denial of service (NULL pointer dereference and\n crash) via a long string in an unknown 'ASN.1/BER' encoded packet.\";\ntag_solution = \"Upgrade to Wireshark 1.4.1 or 1.2.12 or later,\n For updates refer to http://www.wireshark.org/download\";\ntag_summary = \"This host is installed with Wireshark and is prone to stack\n consumption vulnerability.\";\n\nif(description)\n{\n script_id(801553);\n script_version(\"$Revision: 6519 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-04 16:08:14 +0200 (Tue, 04 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-09 06:36:39 +0100 (Thu, 09 Dec 2010)\");\n script_cve_id(\"CVE-2010-3445\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Wireshark BER Dissector Stack Consumption Vulnerability (Windows)\");\n script_xref(name : \"URL\" , value : \"http://www.openwall.com/lists/oss-security/2010/10/12/1\");\n script_xref(name : \"URL\" , value : \"http://www.openwall.com/lists/oss-security/2010/10/01/10\");\n script_xref(name : \"URL\" , value : \"http://xorl.wordpress.com/2010/10/15/cve-2010-3445-wireshark-asn-1-ber-stack-overflow/\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 Greenbone Networks GmbH\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Confirm Windows\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!sharkVer){\n exit(0);\n}\n\n## Check version 1.4.0 or 1.2.0 through 1.2.11\nif(version_is_equal(version:sharkVer, test_version:\"1.4.0\") ||\n version_in_range(version:sharkVer, test_version:\"1.2.0\", test_version2:\"1.2.11\")){\n security_message(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:03", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2010-11-17T00:00:00", "type": "openvas", "title": "FreeBSD Ports: wireshark", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3445"], "modified": "2017-02-10T00:00:00", "id": "OPENVAS:68494", "href": "http://plugins.openvas.org/nasl.php?oid=68494", "sourceData": "#\n#VID b2eaa7c2-e64a-11df-bc65-0022156e8794\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID b2eaa7c2-e64a-11df-bc65-0022156e8794\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n wireshark\n wireshark-lite\n tshark\n tshark-lite\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.wireshark.org/lists/wireshark-announce/201010/msg00002.html\nhttp://www.wireshark.org/lists/wireshark-announce/201010/msg00001.html\nhttp://www.vuxml.org/freebsd/b2eaa7c2-e64a-11df-bc65-0022156e8794.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(68494);\n script_version(\"$Revision: 5263 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-10 14:45:51 +0100 (Fri, 10 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-17 03:33:48 +0100 (Wed, 17 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2010-3445\");\n script_name(\"FreeBSD Ports: wireshark\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"wireshark\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.3\")>=0 && revcomp(a:bver, b:\"1.4.1\")<0) {\n txt += 'Package wireshark version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"1.0\")>=0 && revcomp(a:bver, b:\"1.2.12\")<0) {\n txt += 'Package wireshark version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"wireshark-lite\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.3\")>=0 && revcomp(a:bver, b:\"1.4.1\")<0) {\n txt += 'Package wireshark-lite version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"1.0\")>=0 && revcomp(a:bver, b:\"1.2.12\")<0) {\n txt += 'Package wireshark-lite version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"tshark\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.3\")>=0 && revcomp(a:bver, b:\"1.4.1\")<0) {\n txt += 'Package tshark version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"1.0\")>=0 && revcomp(a:bver, b:\"1.2.12\")<0) {\n txt += 'Package tshark version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"tshark-lite\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.3\")>=0 && revcomp(a:bver, b:\"1.4.1\")<0) {\n txt += 'Package tshark-lite version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"1.0\")>=0 && revcomp(a:bver, b:\"1.2.12\")<0) {\n txt += 'Package tshark-lite version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:40:14", "description": "This host is installed with Wireshark and is prone to stack\n consumption vulnerability.", "cvss3": {}, "published": "2010-12-09T00:00:00", "type": "openvas", "title": "Wireshark BER Dissector Stack Consumption Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3445"], "modified": "2018-12-04T00:00:00", "id": "OPENVAS:1361412562310801553", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801553", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_ber_dissector_stack_consumption_vuln_win.nasl 12653 2018-12-04 15:31:25Z cfischer $\n#\n# Wireshark BER Dissector Stack Consumption Vulnerability (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801553\");\n script_version(\"$Revision: 12653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-12-04 16:31:25 +0100 (Tue, 04 Dec 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-09 06:36:39 +0100 (Thu, 09 Dec 2010)\");\n script_cve_id(\"CVE-2010-3445\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Wireshark BER Dissector Stack Consumption Vulnerability (Windows)\");\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2010/10/12/1\");\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2010/10/01/10\");\n script_xref(name:\"URL\", value:\"http://xorl.wordpress.com/2010/10/15/cve-2010-3445-wireshark-asn-1-ber-stack-overflow/\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 Greenbone Networks GmbH\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to crash the application.\");\n script_tag(name:\"affected\", value:\"Wireshark version 1.4.x before 1.4.1 and 1.2.x before 1.2.12\");\n script_tag(name:\"insight\", value:\"The flaw is due to stack consumption in the 'dissect_ber_unknown()'\n function in 'epan/dissectors/packet-ber.c' in the BER dissector, which allows\n remote attackers to cause a denial of service (NULL pointer dereference and\n crash) via a long string in an unknown 'ASN.1/BER' encoded packet.\");\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark 1.4.1 or 1.2.12 or later.\");\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark and is prone to stack\n consumption vulnerability.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/download\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!sharkVer){\n exit(0);\n}\n\nif(version_is_equal(version:sharkVer, test_version:\"1.4.0\") ||\n version_in_range(version:sharkVer, test_version:\"1.2.0\", test_version2:\"1.2.11\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:36", "description": "This host is installed with Wireshark and is prone to stack\n consumption vulnerability.", "cvss3": {}, "published": "2012-05-04T00:00:00", "type": "openvas", "title": "Wireshark BER Dissector Stack Consumption Vulnerability (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3445"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:1361412562310802845", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310802845", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_ber_dissector_stack_consumption_vuln_macosx.nasl 11855 2018-10-12 07:34:51Z cfischer $\n#\n# Wireshark BER Dissector Stack Consumption Vulnerability (Mac OS X)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.802845\");\n script_version(\"$Revision: 11855 $\");\n script_cve_id(\"CVE-2010-3445\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 09:34:51 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-04 18:26:03 +0530 (Fri, 04 May 2012)\");\n script_name(\"Wireshark BER Dissector Stack Consumption Vulnerability (Mac OS X)\");\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2010/10/12/1\");\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2010/10/01/10\");\n script_xref(name:\"URL\", value:\"http://xorl.wordpress.com/2010/10/15/cve-2010-3445-wireshark-asn-1-ber-stack-overflow/\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_wireshark_detect_macosx.nasl\");\n script_mandatory_keys(\"Wireshark/MacOSX/Version\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to crash the application.\");\n script_tag(name:\"affected\", value:\"Wireshark version 1.4.x before 1.4.1 and 1.2.x before 1.2.12\");\n script_tag(name:\"insight\", value:\"The flaw is due to stack consumption error in the\n 'dissect_ber_unknown()' function in 'epan/dissectors/packet-ber.c' in the\n BER dissector, which allows remote attackers to cause a denial of service\n (NULL pointer dereference and crash) via a long string in an unknown\n 'ASN.1/BER' encoded packet.\");\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark 1.4.1 or 1.2.12 or later.\");\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark and is prone to stack\n consumption vulnerability.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/download\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsharkVer = get_kb_item(\"Wireshark/MacOSX/Version\");\nif(!sharkVer){\n exit(0);\n}\n\nif(version_is_equal(version:sharkVer, test_version:\"1.4.0\") ||\n version_in_range(version:sharkVer, test_version:\"1.2.0\", test_version2:\"1.2.11\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2018-01-22T13:05:32", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2010-10-19T00:00:00", "type": "openvas", "title": "Mandriva Update for wireshark MDVSA-2010:200 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3445"], "modified": "2018-01-22T00:00:00", "id": "OPENVAS:1361412562310831205", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831205", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for wireshark MDVSA-2010:200 (wireshark)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that the ASN.1 BER dissector in wireshark was\n susceptible to a stack overflow (CVE-2010-3445).\n\n For 2010.0 and 2010.1 wireshark was upgraded to v1.2.12 which is not\n vulnerable to this issue and was patched for CS4 and MES5 to resolve\n the vulnerability.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-10/msg00021.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831205\");\n script_version(\"$Revision: 8485 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-22 08:57:57 +0100 (Mon, 22 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-10-19 15:54:15 +0200 (Tue, 19 Oct 2010)\");\n script_xref(name: \"MDVSA\", value: \"2010:200\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2010-3445\");\n script_name(\"Mandriva Update for wireshark MDVSA-2010:200 (wireshark)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.0.15~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.0.15~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.0.15~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.0.15~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.0.15~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.0.15~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.0.15~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.0.15~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.2.12~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.2.12~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.2.12~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.2.12~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.2.12~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.12~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.2.12~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.2.12~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.2.12~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.2.12~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.2.12~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.2.12~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.2.12~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.2.12~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.2.12~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.2.12~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.2.12~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.2.12~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:01", "description": "This host is installed with Wireshark and is prone to buffer overflow\n vulnerability.", "cvss3": {}, "published": "2010-06-22T00:00:00", "type": "openvas", "title": "Wireshark SigComp Universal Decompressor Virtual Machine dissector BOF Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2287"], "modified": "2017-02-23T00:00:00", "id": "OPENVAS:902199", "href": "http://plugins.openvas.org/nasl.php?oid=902199", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_wireshark_sigcomp_dissector_bof_vuln_win.nasl 5401 2017-02-23 09:46:07Z teissa $\n#\n# Wireshark SigComp Universal Decompressor Virtual Machine dissector BOF Vulnerability (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"It has unknown impact and remote attack vectors.\n Impact Level: Application\";\ntag_affected = \"Wireshark version 0.10.8 to 1.0.13 and 1.2.0 to 1.2.8\";\ntag_insight = \"The flaw is due to a buffer overflow error in the SigComp Universal\n Decompressor Virtual Machine dissector.\";\ntag_solution = \"Upgrade to Wireshark version 1.0.14 or 1.2.9:\n For updates refer to http://www.wireshark.org/download.html\";\ntag_summary = \"This host is installed with Wireshark and is prone to buffer overflow\n vulnerability.\";\n\nif(description)\n{\n script_id(902199);\n script_version(\"$Revision: 5401 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-23 10:46:07 +0100 (Thu, 23 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-22 13:34:32 +0200 (Tue, 22 Jun 2010)\");\n script_cve_id(\"CVE-2010-2287\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Wireshark SigComp Universal Decompressor Virtual Machine dissector BOF Vulnerability (Windows)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/40112\");\n script_xref(name : \"URL\" , value : \"http://www.vupen.com/english/advisories/2010/1418\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/security/wnpa-sec-2010-05.html\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/security/wnpa-sec-2010-06.html\");\n script_xref(name : \"URL\" , value : \"http://www.openwall.com/lists/oss-security/2010/06/11/1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 SecPod\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_require_keys(\"Wireshark/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!sharkVer){\n exit(0);\n}\n\n# Check for Wireshark version\nif(version_in_range(version:sharkVer, test_version:\"1.2.0\", test_version2:\"1.2.8\") ||\n version_in_range(version:sharkVer, test_version:\"0.10.8\", test_version2:\"1.0.13\")){\n security_message(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:40:06", "description": "This host is installed with Wireshark and is prone to buffer overflow\n vulnerability.", "cvss3": {}, "published": "2010-06-22T00:00:00", "type": "openvas", "title": "Wireshark SigComp Universal Decompressor Virtual Machine dissector BOF Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2287"], "modified": "2018-12-04T00:00:00", "id": "OPENVAS:1361412562310902199", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902199", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_wireshark_sigcomp_dissector_bof_vuln_win.nasl 12653 2018-12-04 15:31:25Z cfischer $\n#\n# Wireshark SigComp Universal Decompressor Virtual Machine dissector BOF Vulnerability (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902199\");\n script_version(\"$Revision: 12653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-12-04 16:31:25 +0100 (Tue, 04 Dec 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-22 13:34:32 +0200 (Tue, 22 Jun 2010)\");\n script_cve_id(\"CVE-2010-2287\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Wireshark SigComp Universal Decompressor Virtual Machine dissector BOF Vulnerability (Windows)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/40112\");\n script_xref(name:\"URL\", value:\"http://www.vupen.com/english/advisories/2010/1418\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/security/wnpa-sec-2010-05.html\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/security/wnpa-sec-2010-06.html\");\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2010/06/11/1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 SecPod\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n script_tag(name:\"impact\", value:\"It has unknown impact and remote attack vectors.\");\n script_tag(name:\"affected\", value:\"Wireshark version 0.10.8 to 1.0.13 and 1.2.0 to 1.2.8\");\n script_tag(name:\"insight\", value:\"The flaw is due to a buffer overflow error in the SigComp Universal\n Decompressor Virtual Machine dissector.\");\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark version 1.0.14 or 1.2.9:\");\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark and is prone to buffer overflow\n vulnerability.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/download.html\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!sharkVer){\n exit(0);\n}\n\nif(version_in_range(version:sharkVer, test_version:\"1.2.0\", test_version2:\"1.2.8\") ||\n version_in_range(version:sharkVer, test_version:\"0.10.8\", test_version2:\"1.0.13\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:40:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-2285"], "description": "This host is installed with Wireshark and is prone to Denial of\n Service vulnerability.", "modified": "2018-12-04T00:00:00", "published": "2010-06-22T00:00:00", "id": "OPENVAS:1361412562310902197", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902197", "type": "openvas", "title": "Wireshark SMB PIPE Dissector Denial of Service Vulnerability (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_wireshark_smb_pipe_dissector_dos_vuln_win.nasl 12653 2018-12-04 15:31:25Z cfischer $\n#\n# Wireshark SMB PIPE Dissector Denial of Service Vulnerability (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902197\");\n script_version(\"$Revision: 12653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-12-04 16:31:25 +0100 (Tue, 04 Dec 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-22 13:34:32 +0200 (Tue, 22 Jun 2010)\");\n script_cve_id(\"CVE-2010-2285\");\n script_tag(name:\"cvss_base\", value:\"3.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Wireshark SMB PIPE Dissector Denial of Service Vulnerability (Windows)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/40112\");\n script_xref(name:\"URL\", value:\"http://www.vupen.com/english/advisories/2010/1418\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/security/wnpa-sec-2010-05.html\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/security/wnpa-sec-2010-06.html\");\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2010/06/11/1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 SecPod\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow the attackers to crash an affected\n application.\");\n script_tag(name:\"affected\", value:\"Wireshark version 0.8.20 to 1.0.13 and 1.2.0 to 1.2.8\");\n script_tag(name:\"insight\", value:\"The flaw is caused by a NULL pointer dereference error in the 'SMB PIPE'\n dissector, which could be exploited to crash an affected application via\n unknown vectors.\");\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark version 1.0.14 or 1.2.9:\");\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark and is prone to Denial of\n Service vulnerability.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/download.html\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!sharkVer){\n exit(0);\n}\n\nif(version_in_range(version:sharkVer, test_version:\"1.2.0\", test_version2:\"1.2.8\") ||\n version_in_range(version:sharkVer, test_version:\"0.8.20\", test_version2:\"1.0.13\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-02T21:09:53", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-2285"], "description": "This host is installed with Wireshark and is prone to Denial of\n Service vulnerability.", "modified": "2017-02-23T00:00:00", "published": "2010-06-22T00:00:00", "id": "OPENVAS:902197", "href": "http://plugins.openvas.org/nasl.php?oid=902197", "type": "openvas", "title": "Wireshark SMB PIPE Dissector Denial of Service Vulnerability (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_wireshark_smb_pipe_dissector_dos_vuln_win.nasl 5401 2017-02-23 09:46:07Z teissa $\n#\n# Wireshark SMB PIPE Dissector Denial of Service Vulnerability (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow the attackers to crash an affected\n application.\n Impact Level: Application\";\ntag_affected = \"Wireshark version 0.8.20 to 1.0.13 and 1.2.0 to 1.2.8\";\ntag_insight = \"The flaw is caused by a NULL pointer dereference error in the 'SMB PIPE'\n dissector, which could be exploited to crash an affected application via\n unknown vectors.\";\ntag_solution = \"Upgrade to Wireshark version 1.0.14 or 1.2.9:\n For updates refer to http://www.wireshark.org/download.html\";\ntag_summary = \"This host is installed with Wireshark and is prone to Denial of\n Service vulnerability.\";\n\nif(description)\n{\n script_id(902197);\n script_version(\"$Revision: 5401 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-23 10:46:07 +0100 (Thu, 23 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-22 13:34:32 +0200 (Tue, 22 Jun 2010)\");\n script_cve_id(\"CVE-2010-2285\");\n script_tag(name:\"cvss_base\", value:\"3.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Wireshark SMB PIPE Dissector Denial of Service Vulnerability (Windows)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/40112\");\n script_xref(name : \"URL\" , value : \"http://www.vupen.com/english/advisories/2010/1418\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/security/wnpa-sec-2010-05.html\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/security/wnpa-sec-2010-06.html\");\n script_xref(name : \"URL\" , value : \"http://www.openwall.com/lists/oss-security/2010/06/11/1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 SecPod\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_require_keys(\"Wireshark/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!sharkVer){\n exit(0);\n}\n\n# Check for Wireshark version\nif(version_in_range(version:sharkVer, test_version:\"1.2.0\", test_version2:\"1.2.8\") ||\n version_in_range(version:sharkVer, test_version:\"0.8.20\", test_version2:\"1.0.13\")){\n security_message(0);\n}\n", "cvss": {"score": 3.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:40:15", "description": "The host is installed Wireshark and is prone to multiple\n vulnerabilities.", "cvss3": {}, "published": "2010-08-19T00:00:00", "type": "openvas", "title": "Wireshark Multiple Vulnerabilities (win)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2995"], "modified": "2018-12-04T00:00:00", "id": "OPENVAS:1361412562310801432", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801432", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_mult_vuln_win.nasl 12653 2018-12-04 15:31:25Z cfischer $\n#\n# Wireshark Multiple Vulnerabilities (Windows)\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801432\");\n script_version(\"$Revision: 12653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-12-04 16:31:25 +0100 (Tue, 04 Dec 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-19 10:23:11 +0200 (Thu, 19 Aug 2010)\");\n script_cve_id(\"CVE-2010-2995\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Wireshark Multiple Vulnerabilities (win)\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/security/wnpa-sec-2010-08.html\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html\");\n\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation could allow attackers to cause a denial of\n service, execution of arbitrary code.\");\n script_tag(name:\"affected\", value:\"Wireshark version 1.2.0 to 1.2.9\n Wireshark version 0.10.8 to 1.0.14\");\n script_tag(name:\"insight\", value:\"Multiple flaws are due to error in 'sigcomp-udvm.c' and an\n off-by-one error, which could be exploited to execute arbitrary code.\");\n script_tag(name:\"solution\", value:\"Upgrade to the Wireshark version 1.0.15 or 1.2.10 or later.\");\n script_tag(name:\"summary\", value:\"The host is installed Wireshark and is prone to multiple\n vulnerabilities.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/download.html\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nwiresharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!wiresharkVer){\n exit(0);\n}\n\nif(version_in_range(version:wiresharkVer, test_version:\"0.10.8\", test_version2:\"1.0.14\")||\n version_in_range(version:wiresharkVer, test_version:\"1.2.0\", test_version2:\"1.2.9\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-02T21:09:53", "description": "The host is installed Wireshark and is prone to multiple\n vulnerabilities.", "cvss3": {}, "published": "2010-08-19T00:00:00", "type": "openvas", "title": "Wireshark Multiple Vulnerabilities (win)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2995"], "modified": "2017-02-21T00:00:00", "id": "OPENVAS:801432", "href": "http://plugins.openvas.org/nasl.php?oid=801432", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_mult_vuln_win.nasl 5388 2017-02-21 15:13:30Z teissa $\n#\n# Wireshark Multiple Vulnerabilities (Windows)\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could allow attackers to cause a denial of\n service, execution of arbitrary code.\n Impact Level: Application\";\ntag_affected = \"Wireshark version 1.2.0 to 1.2.9\n Wireshark version 0.10.8 to 1.0.14\";\ntag_insight = \"Multiple flaws are due to error in 'sigcomp-udvm.c' and an\n off-by-one error, which could be exploited to execute arbitrary code.\";\ntag_solution = \"Upgrade to the Wireshark version 1.0.15 or 1.2.10 or later,\n For updates refer to http://www.wireshark.org/download.html\";\ntag_summary = \"The host is installed Wireshark and is prone to multiple\n vulnerabilities.\";\n\nif(description)\n{\n script_id(801432);\n script_version(\"$Revision: 5388 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-21 16:13:30 +0100 (Tue, 21 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-19 10:23:11 +0200 (Thu, 19 Aug 2010)\");\n script_cve_id(\"CVE-2010-2995\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Wireshark Multiple Vulnerabilities (win)\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/security/wnpa-sec-2010-08.html\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html\");\n\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_require_keys(\"Wireshark/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Get the version from KB\nwiresharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!wiresharkVer){\n exit(0);\n}\n\n## Check for Wireshark Version\nif(version_in_range(version:wiresharkVer, test_version:\"0.10.8\", test_version2:\"1.0.14\")||\n version_in_range(version:wiresharkVer, test_version:\"1.2.0\", test_version2:\"1.2.9\")){\n security_message(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:10:04", "description": "The host is installed with Wireshark and is prone to Denial of\n Service Vulnerability.", "cvss3": {}, "published": "2010-08-19T00:00:00", "type": "openvas", "title": "Wireshark 'IPMI dissector' Denial of Service Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2993"], "modified": "2017-02-21T00:00:00", "id": "OPENVAS:801435", "href": "http://plugins.openvas.org/nasl.php?oid=801435", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_ipmi_dissector_dos_vuln_win.nasl 5388 2017-02-21 15:13:30Z teissa $\n#\n# Wireshark 'IPMI dissector' Denial of Service Vulnerability (win)\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could allow attackers to cause denial of service.\n Impact Level: Application\";\ntag_affected = \"Wireshark version 1.2.0 to 1.2.9\";\ntag_insight = \"The flaw is due to an error in the handling of 'IPMI dissector',\n which could be exploited to go into an infinite loop.\";\ntag_solution = \"Upgrade to the Wireshark version 1.2.10 or later,\n For updates refer to http://www.wireshark.org/download.html\";\ntag_summary = \"The host is installed with Wireshark and is prone to Denial of\n Service Vulnerability.\";\n\nif(description)\n{\n script_id(801435);\n script_version(\"$Revision: 5388 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-21 16:13:30 +0100 (Tue, 21 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-19 10:23:11 +0200 (Thu, 19 Aug 2010)\");\n script_cve_id(\"CVE-2010-2993\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Wireshark 'IPMI dissector' Denial of Service Vulnerability (Windows)\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/security/wnpa-sec-2010-08.html\");\n script_xref(name : \"URL\" , value : \"http://securitytracker.com/alerts/2010/Jul/1024269.html\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html\");\n\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_require_keys(\"Wireshark/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Get the version from KB\nwiresharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!wiresharkVer){\n exit(0);\n}\n\n## Check for Wireshark Version\nif(version_in_range(version:wiresharkVer, test_version:\"1.2.0\", test_version2:\"1.2.9\")){\n security_message(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2020-04-27T19:23:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-2993"], "description": "The host is installed with Wireshark and is prone to Denial of\n Service Vulnerability.", "modified": "2020-04-23T00:00:00", "published": "2010-08-19T00:00:00", "id": "OPENVAS:1361412562310801435", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801435", "type": "openvas", "title": "Wireshark 'IPMI dissector' Denial of Service Vulnerability (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Wireshark 'IPMI dissector' Denial of Service Vulnerability (win)\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801435\");\n script_version(\"2020-04-23T12:22:09+0000\");\n script_tag(name:\"last_modification\", value:\"2020-04-23 12:22:09 +0000 (Thu, 23 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2010-08-19 10:23:11 +0200 (Thu, 19 Aug 2010)\");\n script_cve_id(\"CVE-2010-2993\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Wireshark 'IPMI dissector' Denial of Service Vulnerability (Windows)\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/security/wnpa-sec-2010-08.html\");\n script_xref(name:\"URL\", value:\"http://securitytracker.com/alerts/2010/Jul/1024269.html\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html\");\n\n script_copyright(\"Copyright (C) 2010 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation could allow attackers to cause denial of service.\");\n script_tag(name:\"affected\", value:\"Wireshark version 1.2.0 to 1.2.9\");\n script_tag(name:\"insight\", value:\"The flaw is due to an error in the handling of 'IPMI dissector',\n which could be exploited to go into an infinite loop.\");\n script_tag(name:\"solution\", value:\"Upgrade to the Wireshark version 1.2.10 or later.\");\n script_tag(name:\"summary\", value:\"The host is installed with Wireshark and is prone to Denial of\n Service Vulnerability.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/download.html\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nwiresharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!wiresharkVer){\n exit(0);\n}\n\nif(version_in_range(version:wiresharkVer, test_version:\"1.2.0\", test_version2:\"1.2.9\")){\n report = report_fixed_ver(installed_version:wiresharkVer, vulnerable_range:\"1.2.0 - 1.2.9\");\n security_message(port: 0, data: report);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-02T21:10:03", "description": "The host is installed with Wireshark and is prone to Denial of\n Service Vulnerability.", "cvss3": {}, "published": "2010-08-19T00:00:00", "type": "openvas", "title": "Wireshark 'packet-gsm_a_rr.c' Denial of Service Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2992"], "modified": "2017-02-21T00:00:00", "id": "OPENVAS:801433", "href": "http://plugins.openvas.org/nasl.php?oid=801433", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_dissector_dos_vuln_win.nasl 5388 2017-02-21 15:13:30Z teissa $\n#\n# Wireshark 'packet-gsm_a_rr.c' Denial of Service Vulnerability (Windows)\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could allow attackers to cause a denial of service.\n Impact Level: Application\";\ntag_affected = \"Wireshark version 1.2.2 through 1.2.9\";\ntag_insight = \"The flaw is due to an error in 'packet-gsm_a_rr.c' in the GSM A RR\n dissector.\";\ntag_solution = \"Upgrade to the Wireshark version 1.2.10 or later,\n For updates refer to http://www.wireshark.org/download.html\";\ntag_summary = \"The host is installed with Wireshark and is prone to Denial of\n Service Vulnerability.\";\n\nif(description)\n{\n script_id(801433);\n script_version(\"$Revision: 5388 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-21 16:13:30 +0100 (Tue, 21 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-19 10:23:11 +0200 (Thu, 19 Aug 2010)\");\n script_cve_id(\"CVE-2010-2992\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Wireshark 'packet-gsm_a_rr.c' Denial of Service Vulnerability (Windows)\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/security/wnpa-sec-2010-08.html\");\n script_xref(name : \"URL\" , value : \"http://securitytracker.com/alerts/2010/Jul/1024269.html\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html\");\n\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_require_keys(\"Wireshark/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Get the version from KB\nwiresharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!wiresharkVer){\n exit(0);\n}\n\n## Check for Wireshark Version\nif(version_in_range(version:wiresharkVer, test_version:\"1.2.2\", test_version2:\"1.2.9\")){\n security_message(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2020-04-27T19:23:05", "description": "The host is installed with Wireshark and is prone to Denial of\n Service Vulnerability.", "cvss3": {}, "published": "2010-08-19T00:00:00", "type": "openvas", "title": "Wireshark 'packet-gsm_a_rr.c' Denial of Service Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2992"], "modified": "2020-04-23T00:00:00", "id": "OPENVAS:1361412562310801433", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801433", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Wireshark 'packet-gsm_a_rr.c' Denial of Service Vulnerability (Windows)\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801433\");\n script_version(\"2020-04-23T12:22:09+0000\");\n script_tag(name:\"last_modification\", value:\"2020-04-23 12:22:09 +0000 (Thu, 23 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2010-08-19 10:23:11 +0200 (Thu, 19 Aug 2010)\");\n script_cve_id(\"CVE-2010-2992\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Wireshark 'packet-gsm_a_rr.c' Denial of Service Vulnerability (Windows)\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/security/wnpa-sec-2010-08.html\");\n script_xref(name:\"URL\", value:\"http://securitytracker.com/alerts/2010/Jul/1024269.html\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html\");\n\n script_copyright(\"Copyright (C) 2010 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation could allow attackers to cause a denial of service.\");\n script_tag(name:\"affected\", value:\"Wireshark version 1.2.2 through 1.2.9\");\n script_tag(name:\"insight\", value:\"The flaw is due to an error in 'packet-gsm_a_rr.c' in the GSM A RR\n dissector.\");\n script_tag(name:\"solution\", value:\"Upgrade to the Wireshark version 1.2.10 or later.\");\n script_tag(name:\"summary\", value:\"The host is installed with Wireshark and is prone to Denial of\n Service Vulnerability.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/download.html\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nwiresharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!wiresharkVer){\n exit(0);\n}\n\nif(version_in_range(version:wiresharkVer, test_version:\"1.2.2\", test_version2:\"1.2.9\")){\n report = report_fixed_ver(installed_version:wiresharkVer, vulnerable_range:\"1.2.2 - 1.2.9\");\n security_message(port: 0, data: report);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-09-04T14:20:00", "description": "The remote host is missing updates announced in\nadvisory GLSA 201006-05.", "cvss3": {}, "published": "2011-03-09T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201006-05 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4376", "CVE-2009-4377", "CVE-2010-1455", "CVE-2009-4378"], "modified": "2017-08-31T00:00:00", "id": "OPENVAS:69008", "href": "http://plugins.openvas.org/nasl.php?oid=69008", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities were found in Wireshark.\";\ntag_solution = \"All Wireshark users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/wireshark-1.2.8-r1'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201006-05\nhttp://bugs.gentoo.org/show_bug.cgi?id=297388\nhttp://bugs.gentoo.org/show_bug.cgi?id=318935\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201006-05.\";\n\n \n \n\nif(description)\n{\n script_id(69008);\n script_version(\"$Revision: 7029 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-08-31 13:51:40 +0200 (Thu, 31 Aug 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-09 05:54:11 +0100 (Wed, 09 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2009-4376\", \"CVE-2009-4377\", \"CVE-2009-4378\", \"CVE-2010-1455\");\n script_name(\"Gentoo Security Advisory GLSA 201006-05 (wireshark)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-analyzer/wireshark\", unaffected: make_list(\"ge 1.2.8-r1\"), vulnerable: make_list(\"lt 1.2.8-r1\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:35", "description": "The remote host is missing updates announced in\nadvisory GLSA 201006-05.", "cvss3": {}, "published": "2011-03-09T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201006-05 (wireshark)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4376", "CVE-2009-4377", "CVE-2010-1455", "CVE-2009-4378"], "modified": "2019-03-14T00:00:00", "id": "OPENVAS:136141256231069008", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231069008", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa_201006_05.nasl 14171 2019-03-14 10:22:03Z cfischer $\n#\n# Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.69008\");\n script_version(\"$Revision: 14171 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 11:22:03 +0100 (Thu, 14 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-09 05:54:11 +0100 (Wed, 09 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2009-4376\", \"CVE-2009-4377\", \"CVE-2009-4378\", \"CVE-2010-1455\");\n script_name(\"Gentoo Security Advisory GLSA 201006-05 (wireshark)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities were found in Wireshark.\");\n script_tag(name:\"solution\", value:\"All Wireshark users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/wireshark-1.2.8-r1'\");\n\n script_xref(name:\"URL\", value:\"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201006-05\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=297388\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=318935\");\n script_tag(name:\"summary\", value:\"The remote host is missing updates announced in\nadvisory GLSA 201006-05.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-gentoo.inc\");\ninclude(\"revisions-lib.inc\");\n\nres = \"\";\nreport = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-analyzer/wireshark\", unaffected: make_list(\"ge 1.2.8-r1\"), vulnerable: make_list(\"lt 1.2.8-r1\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-27T10:55:30", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2011-03-24T00:00:00", "type": "openvas", "title": "RedHat Update for wireshark RHSA-2011:0370-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0024", "CVE-2011-1141", "CVE-2010-3445", "CVE-2011-1143", "CVE-2011-1139", "CVE-2011-1140", "CVE-2011-0538"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870411", "href": "http://plugins.openvas.org/nasl.php?oid=870411", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for wireshark RHSA-2011:0370-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n A heap-based buffer overflow flaw was found in Wireshark. If Wireshark\n opened a specially-crafted capture file, it could crash or, possibly,\n execute arbitrary code as the user running Wireshark. (CVE-2011-0024)\n \n Several denial of service flaws were found in Wireshark. Wireshark could\n crash or stop responding if it read a malformed packet off a network, or\n opened a malicious dump file. (CVE-2010-3445, CVE-2011-0538, CVE-2011-1139,\n CVE-2011-1140, CVE-2011-1141, CVE-2011-1143)\n \n Users of Wireshark should upgrade to these updated packages, which contain\n backported patches to correct these issues. All running instances of\n Wireshark must be restarted for the update to take effect.\";\n\ntag_affected = \"wireshark on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2011-March/msg00034.html\");\n script_id(870411);\n script_version(\"$Revision: 6685 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:44:46 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-24 14:29:52 +0100 (Thu, 24 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2011:0370-01\");\n script_cve_id(\"CVE-2010-3445\", \"CVE-2011-0024\", \"CVE-2011-0538\", \"CVE-2011-1139\", \"CVE-2011-1140\", \"CVE-2011-1141\", \"CVE-2011-1143\");\n script_name(\"RedHat Update for wireshark RHSA-2011:0370-01\");\n\n script_summary(\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~1.el5_6.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~1.0.15~1.el5_6.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~1.el5_6.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~2.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~1.0.15~2.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~2.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:43", "description": "Check for the Version of wireshark", "cvss3": {}, "published": "2011-03-25T00:00:00", "type": "openvas", "title": "CentOS Update for wireshark CESA-2011:0370 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0024", "CVE-2011-1141", "CVE-2010-3445", "CVE-2011-1143", "CVE-2011-1139", "CVE-2011-1140", "CVE-2011-0538"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880481", "href": "http://plugins.openvas.org/nasl.php?oid=880481", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for wireshark CESA-2011:0370 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n A heap-based buffer overflow flaw was found in Wireshark. If Wireshark\n opened a specially-crafted capture file, it could crash or, possibly,\n execute arbitrary code as the user running Wireshark. (CVE-2011-0024)\n \n Several denial of service flaws were found in Wireshark. Wireshark could\n crash or stop responding if it read a malformed packet off a network, or\n opened a malicious dump file. (CVE-2010-3445, CVE-2011-0538, CVE-2011-1139,\n CVE-2011-1140, CVE-2011-1141, CVE-2011-1143)\n \n Users of Wireshark should upgrade to these updated packages, which contain\n backported patches to correct these issues. All running instances of\n Wireshark must be restarted for the update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-March/017273.html\");\n script_id(880481);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-25 15:26:27 +0100 (Fri, 25 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2011:0370\");\n script_cve_id(\"CVE-2010-3445\", \"CVE-2011-0024\", \"CVE-2011-0538\", \"CVE-2011-1139\", \"CVE-2011-1140\", \"CVE-2011-1141\", \"CVE-2011-1143\");\n script_name(\"CentOS Update for wireshark CESA-2011:0370 centos4 i386\");\n\n script_summary(\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~2.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~2.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:59", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-03-24T00:00:00", "type": "openvas", "title": "RedHat Update for wireshark RHSA-2011:0370-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0024", "CVE-2011-1141", "CVE-2010-3445", "CVE-2011-1143", "CVE-2011-1139", "CVE-2011-1140", "CVE-2011-0538"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870411", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870411", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for wireshark RHSA-2011:0370-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2011-March/msg00034.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870411\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-24 14:29:52 +0100 (Thu, 24 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"RHSA\", value:\"2011:0370-01\");\n script_cve_id(\"CVE-2010-3445\", \"CVE-2011-0024\", \"CVE-2011-0538\", \"CVE-2011-1139\", \"CVE-2011-1140\", \"CVE-2011-1141\", \"CVE-2011-1143\");\n script_name(\"RedHat Update for wireshark RHSA-2011:0370-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(5|4)\");\n script_tag(name:\"affected\", value:\"wireshark on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n A heap-based buffer overflow flaw was found in Wireshark. If Wireshark\n opened a specially-crafted capture file, it could crash or, possibly,\n execute arbitrary code as the user running Wireshark. (CVE-2011-0024)\n\n Several denial of service flaws were found in Wireshark. Wireshark could\n crash or stop responding if it read a malformed packet off a network, or\n opened a malicious dump file. (CVE-2010-3445, CVE-2011-0538, CVE-2011-1139,\n CVE-2011-1140, CVE-2011-1141, CVE-2011-1143)\n\n Users of Wireshark should upgrade to these updated packages, which contain\n backported patches to correct these issues. All running instances of\n Wireshark must be restarted for the update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~1.el5_6.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~1.0.15~1.el5_6.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~1.el5_6.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~2.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~1.0.15~2.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~2.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:57", "description": "Oracle Linux Local Security Checks ELSA-2011-0370", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2011-0370", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0024", "CVE-2011-1141", "CVE-2010-3445", "CVE-2011-1143", "CVE-2011-1139", "CVE-2011-1140", "CVE-2011-0538"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122214", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122214", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2011-0370.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122214\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:14:54 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2011-0370\");\n script_tag(name:\"insight\", value:\"ELSA-2011-0370 - wireshark security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2011-0370\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2011-0370.html\");\n script_cve_id(\"CVE-2010-3445\", \"CVE-2011-0024\", \"CVE-2011-0538\", \"CVE-2011-1139\", \"CVE-2011-1140\", \"CVE-2011-1141\", \"CVE-2011-1143\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~1.0.1.el5_6.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~1.0.1.el5_6.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:25", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for wireshark CESA-2011:0370 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0024", "CVE-2011-1141", "CVE-2010-3445", "CVE-2011-1143", "CVE-2011-1139", "CVE-2011-1140", "CVE-2011-0538"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880531", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880531", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for wireshark CESA-2011:0370 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-April/017403.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880531\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2011:0370\");\n script_cve_id(\"CVE-2010-3445\", \"CVE-2011-0024\", \"CVE-2011-0538\", \"CVE-2011-1139\", \"CVE-2011-1140\", \"CVE-2011-1141\", \"CVE-2011-1143\");\n script_name(\"CentOS Update for wireshark CESA-2011:0370 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"wireshark on CentOS 5\");\n script_tag(name:\"insight\", value:\"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n A heap-based buffer overflow flaw was found in Wireshark. If Wireshark\n opened a specially-crafted capture file, it could crash or, possibly,\n execute arbitrary code as the user running Wireshark. (CVE-2011-0024)\n\n Several denial of service flaws were found in Wireshark. Wireshark could\n crash or stop responding if it read a malformed packet off a network, or\n opened a malicious dump file. (CVE-2010-3445, CVE-2011-0538, CVE-2011-1139,\n CVE-2011-1140, CVE-2011-1141, CVE-2011-1143)\n\n Users of Wireshark should upgrade to these updated packages, which contain\n backported patches to correct these issues. All running instances of\n Wireshark must be restarted for the update to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~1.el5_6.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~1.el5_6.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:47", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-03-25T00:00:00", "type": "openvas", "title": "CentOS Update for wireshark CESA-2011:0370 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0024", "CVE-2011-1141", "CVE-2010-3445", "CVE-2011-1143", "CVE-2011-1139", "CVE-2011-1140", "CVE-2011-0538"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880481", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880481", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for wireshark CESA-2011:0370 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-March/017273.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880481\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-25 15:26:27 +0100 (Fri, 25 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2011:0370\");\n script_cve_id(\"CVE-2010-3445\", \"CVE-2011-0024\", \"CVE-2011-0538\", \"CVE-2011-1139\", \"CVE-2011-1140\", \"CVE-2011-1141\", \"CVE-2011-1143\");\n script_name(\"CentOS Update for wireshark CESA-2011:0370 centos4 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS4\");\n script_tag(name:\"affected\", value:\"wireshark on CentOS 4\");\n script_tag(name:\"insight\", value:\"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n A heap-based buffer overflow flaw was found in Wireshark. If Wireshark\n opened a specially-crafted capture file, it could crash or, possibly,\n execute arbitrary code as the user running Wireshark. (CVE-2011-0024)\n\n Several denial of service flaws were found in Wireshark. Wireshark could\n crash or stop responding if it read a malformed packet off a network, or\n opened a malicious dump file. (CVE-2010-3445, CVE-2011-0538, CVE-2011-1139,\n CVE-2011-1140, CVE-2011-1141, CVE-2011-1143)\n\n Users of Wireshark should upgrade to these updated packages, which contain\n backported patches to correct these issues. All running instances of\n Wireshark must be restarted for the update to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.15~2.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.15~2.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:50", "description": "Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. ", "cvss3": {}, "published": "2010-09-02T20:47:13", "type": "fedora", "title": "[SECURITY] Fedora 12 Update: wireshark-1.2.10-1.fc12", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2992", "CVE-2010-2993", "CVE-2010-2995"], "modified": "2010-09-02T20:47:13", "id": "FEDORA:22127110B4B", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/S7HT3OF5LY4L6YTBUNYNRCQVKUA5ZFHV/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. ", "cvss3": {}, "published": "2010-09-02T20:45:30", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: wireshark-1.2.10-1.fc13", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2992", "CVE-2010-2993", "CVE-2010-2995"], "modified": "2010-09-02T20:45:30", "id": "FEDORA:C0E72110A4E", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/6ISTV7Z6IY7QFNYIIIQETVRSIB4LXMVO/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. ", "cvss3": {}, "published": "2011-01-13T23:31:35", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: wireshark-1.2.13-2.fc13", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-4538"], "modified": "2011-01-13T23:31:35", "id": "FEDORA:77FD910F9EE", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/BNGPBH4YOVMLE2CV3PFSRSQ5NDF6C4RU/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. ", "cvss3": {}, "published": "2011-04-26T21:52:59", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: wireshark-1.2.16-1.fc13", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2011-1590", "CVE-2011-1591"], "modified": "2011-04-26T21:52:59", "id": "FEDORA:5ED55110E1C", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/2GN5O5AMS35QRYGUGD2HN2GMV45ZQQ33/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. ", "cvss3": {}, "published": "2011-02-02T19:29:59", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: wireshark-1.2.14-1.fc13", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2011-0444", "CVE-2011-0445"], "modified": "2011-02-02T19:29:59", "id": "FEDORA:B6CC8110BFF", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/QW3PKY6YV2DU7UXON325A7SY2LJNNGBA/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. ", "cvss3": {}, "published": "2011-03-11T20:56:24", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: wireshark-1.2.15-1.fc13", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.3, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-3445", "CVE-2011-0538", "CVE-2011-0713", "CVE-2011-1138", "CVE-2011-1139", "CVE-2011-1140", "CVE-2011-1141", "CVE-2011-1143"], "modified": "2011-03-11T20:56:24", "id": "FEDORA:C7FE910F926", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4CUFPCJPSKBZP2KVOQZ5CMO5WZW6EGHW/", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. ", "cvss3": {}, "published": "2011-06-15T05:45:17", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: wireshark-1.2.17-1.fc13", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.3, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2011-1957", "CVE-2011-1958", "CVE-2011-1959", "CVE-2011-2174", "CVE-2011-2175"], "modified": "2011-06-15T05:45:17", "id": "FEDORA:A487811127C", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/DH7SM423CBN7HHI7QFNVCHYJPE2B45YD/", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2021-06-08T19:16:54", "description": "Multiple DoS conditions, buffer overflow.", "edition": 2, "cvss3": {}, "published": "2010-09-14T00:00:00", "title": "Wireshark sniffer multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2010-2285", "CVE-2010-2284", "CVE-2010-2287", "CVE-2010-2283", "CVE-2010-2995", "CVE-2010-2286", "CVE-2010-2994"], "modified": "2010-09-14T00:00:00", "id": "SECURITYVULNS:VULN:10928", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:10928", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:36", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- ------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2101-1 security@debian.org\r\nhttp://www.debian.org/security/ Moritz Muehlenhoff\r\nAugust 31, 2010 http://www.debian.org/security/faq\r\n- ------------------------------------------------------------------------\r\n\r\nPackage : wireshark\r\nVulnerability : several\r\nProblem type : remote\r\nDebian-specific: no\r\nCVE Id&#40;s&#41; : CVE-2010-2994 CVE-2010-2995\r\n\r\nSeveral implementation errors in the dissector of the Wireshark network\r\ntraffic analyzer for the ASN.1 BER protocol and in the SigComp Universal\r\nDecompressor Virtual Machine may lead to the execution of arbitrary code.\r\n\r\nFor the stable distribution &#40;lenny&#41;, these problems have been fixed in\r\nversion 1.0.2-3+lenny10.\r\n\r\nFor the unstable distribution &#40;sid&#41;, these problems have been fixed in\r\nversion 1.2.10-1.\r\n\r\nWe recommend that you upgrade your wireshark packages.\r\n\r\nUpgrade instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper configuration.\r\n\r\n\r\nDebian GNU/Linux 5.0 alias lenny\r\n- --------------------------------\r\n\r\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\r\n\r\nSource archives:\r\n\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2.orig.tar.gz\r\n Size/MD5 checksum: 16935492 1834437f7c6dbed02082e7757133047d\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny10.diff.gz\r\n Size/MD5 checksum: 119766 5a4194b36f275740420e6976a3cf4801\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny10.dsc\r\n Size/MD5 checksum: 1506 8c8b1b6eb5746bb12f3a31606279d2a4\r\n\r\nalpha architecture &#40;DEC Alpha&#41;\r\n\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny10_alpha.deb\r\n Size/MD5 checksum: 12098048 c6037e2144a2b606c89666a38bba255d\r\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny10_alpha.deb\r\n Size/MD5 checksum: 127062 0ed9502cbcfafb5f40092dfb85bd1452\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny10_alpha.deb\r\n Size/MD5 checksum: 731182 7d68066a76be15c23097c467591a71d7\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny10_alpha.deb\r\n Size/MD5 checksum: 570002 ef363dd7b6e59f55ac352dd7f476271f\r\n\r\namd64 architecture &#40;AMD x86_64 &#40;AMD64&#41;&#41;\r\n\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny10_amd64.deb\r\n Size/MD5 checksum: 659672 93affb6b939d97543c0a2ee094eb7bcf\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny10_amd64.deb\r\n Size/MD5 checksum: 11867538 e26471505e2511c44915167d9df30b2c\r\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny10_amd64.deb\r\n Size/MD5 checksum: 119270 3507f87aae6c6eb333f5d6675557ffea\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny10_amd64.deb\r\n Size/MD5 checksum: 568816 5c2bde00638f8be32513abe1c9b861f9\r\n\r\narm architecture &#40;ARM&#41;\r\n\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny10_arm.deb\r\n Size/MD5 checksum: 10214680 bc5423c9321f4790707c2be839f48029\r\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny10_arm.deb\r\n Size/MD5 checksum: 111310 3c7a4f2daba42dec5e4e5b0cad3c8ba4\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny10_arm.deb\r\n Size/MD5 checksum: 614450 ba489525ee84174cf3e9fb7a40f89d14\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny10_arm.deb\r\n Size/MD5 checksum: 584538 1a02fc4e91ce9d386bb8ed1e7902c280\r\n\r\narmel architecture &#40;ARM EABI&#41;\r\n\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny10_armel.deb\r\n Size/MD5 checksum: 620126 27ace8479a33a8d685f019fa563d3afa\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny10_armel.deb\r\n Size/MD5 checksum: 10219808 ef603f9abcd981feb550a6f328592eba\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny10_armel.deb\r\n Size/MD5 checksum: 586342 7929f0643a92cb084568da2e32ada209\r\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny10_armel.deb\r\n Size/MD5 checksum: 113602 e459df96b13b2321ea4ac2b7ca055a55\r\n\r\nhppa architecture &#40;HP PA RISC&#41;\r\n\r\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny10_hppa.deb\r\n Size/MD5 checksum: 121180 7cc1f3a0fe508449031c851142b5c4d3\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny10_hppa.deb\r\n Size/MD5 checksum: 13271640 6bbfc0d14d3bb8c46b35a40523139c5f\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny10_hppa.deb\r\n Size/MD5 checksum: 584306 c77db073cd347903377d301d656ec3b6\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny10_hppa.deb\r\n Size/MD5 checksum: 694870 5c35736053a02a728cc9263cea544118\r\n\r\ni386 architecture &#40;Intel ia32&#41;\r\n\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny10_i386.deb\r\n Size/MD5 checksum: 583572 3c416afdc0bed67389798748ac82dab1\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny10_i386.deb\r\n Size/MD5 checksum: 619668 b279bae201515f07f50b789fe9208ee3\r\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny10_i386.deb\r\n Size/MD5 checksum: 111708 bd19cc8a584292771ce8b37a934b6759\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny10_i386.deb\r\n Size/MD5 checksum: 10109862 4a6846b885178fd578ecc6dc3b284172\r\n\r\nia64 architecture &#40;Intel ia64&#41;\r\n\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny10_ia64.deb\r\n Size/MD5 checksum: 568824 dabad8c92b646ce5bdf5ac4369593b1a\r\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny10_ia64.deb\r\n Size/MD5 checksum: 154666 185f3441d66fcf3ce9c781dc061e4961\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny10_ia64.deb\r\n Size/MD5 checksum: 931572 a74e996b87300057ef62722bdccf072c\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny10_ia64.deb\r\n Size/MD5 checksum: 13684804 ec46eeb74513b1c42288f0c186313505\r\n\r\nmips architecture &#40;MIPS &#40;Big Endian&#41;&#41;\r\n\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny10_mips.deb\r\n Size/MD5 checksum: 10424544 8f76ad6d63aecdb627850b2729655b3e\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny10_mips.deb\r\n Size/MD5 checksum: 636682 909599c2175d06ba483baac5fbef9715\r\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny10_mips.deb\r\n Size/MD5 checksum: 113264 333e8a51080d13136689b9786e4d0061\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny10_mips.deb\r\n Size/MD5 checksum: 585810 921806111c71ed490ff18e05ef5383c7\r\n\r\nmipsel architecture &#40;MIPS &#40;Little Endian&#41;&#41;\r\n\r\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny10_mipsel.deb\r\n Size/MD5 checksum: 113454 9602da05aa4bc7a22432bcd720660cc0\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny10_mipsel.deb\r\n Size/MD5 checksum: 570006 1e8cb3f56fa73956d52268d237c15baf\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny10_mipsel.deb\r\n Size/MD5 checksum: 627162 2ef6443e548130d6d7f3e7bdf0176b6a\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny10_mipsel.deb\r\n Size/MD5 checksum: 9729736 fa8030ec05b4e395f0ba3c90ee670e46\r\n\r\npowerpc architecture &#40;PowerPC&#41;\r\n\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny10_powerpc.deb\r\n Size/MD5 checksum: 582794 f2e0c6a4336e42c023c4f1db3dc00dd8\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny10_powerpc.deb\r\n Size/MD5 checksum: 677742 0dda6ce349cf9e844e7ba074765ab682\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny10_powerpc.deb\r\n Size/MD5 checksum: 11220016 5e5f2754bef30795bdab7486c5dd8a72\r\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny10_powerpc.deb\r\n Size/MD5 checksum: 122572 ac15689cd78a06ac3472760c10a253af\r\n\r\ns390 architecture &#40;IBM S/390&#41;\r\n\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny10_s390.deb\r\n Size/MD5 checksum: 12488184 b916661193fbbdef2e6838f5e144e0c4\r\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny10_s390.deb\r\n Size/MD5 checksum: 122150 fa1d1a623a2cd95b2d59f5d910226086\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny10_s390.deb\r\n Size/MD5 checksum: 569966 9c91e4417d2860da5e9903410f92d775\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny10_s390.deb\r\n Size/MD5 checksum: 671588 c2f017d2cb7bdd3a8c7c5f85aef2df6f\r\n\r\nsparc architecture &#40;Sun SPARC/UltraSPARC&#41;\r\n\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_1.0.2-3+lenny10_sparc.deb\r\n Size/MD5 checksum: 11287328 d4bb52efa605646c1c207565c9c1eb77\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_1.0.2-3+lenny10_sparc.deb\r\n Size/MD5 checksum: 583744 803661967720b8f8d048844afef3a6b3\r\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_1.0.2-3+lenny10_sparc.deb\r\n Size/MD5 checksum: 113520 0f733a8ef1549c573cf4055ee37e1842\r\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_1.0.2-3+lenny10_sparc.deb\r\n Size/MD5 checksum: 629600 f7ed1aa09cb192c7d8f844cfc7fae2bc\r\n\r\n\r\n These files will probably be moved into the stable distribution on\r\n its next update.\r\n\r\n- ---------------------------------------------------------------------------------\r\nFor apt-get: deb http://security.debian.org/ stable/updates main\r\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\r\nMailing list: debian-security-announce@lists.debian.org\r\nPackage info: &#96;apt-cache show &lt;pkg&gt;&#39; and http://packages.debian.org/&lt;pkg&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.10 &#40;GNU/Linux&#41;\r\n\r\niEYEARECAAYFAkx9c8QACgkQXm3vHE4uylrESACfTJUNw4OFiIQV7Iaw4pwS/fQa\r\nS7IAn1YBxtdVgDDmJi/ufNW05qKFhQsn\r\n=iB+3\r\n-----END PGP SIGNATURE-----", "edition": 1, "cvss3": {}, "published": "2010-09-02T00:00:00", "title": "[SECURITY] [DSA 2101-1] New wireshark packages fix several vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2010-2995", "CVE-2010-2994"], "modified": "2010-09-02T00:00:00", "id": "SECURITYVULNS:DOC:24664", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:24664", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:36", "description": "Memory corruption on DOCSIS protocol parsing.", "edition": 1, "cvss3": {}, "published": "2010-05-21T00:00:00", "title": "Wireshark memory corruption", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2010-1455"], "modified": "2010-05-21T00:00:00", "id": "SECURITYVULNS:VULN:10860", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:10860", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:34", "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2010:099\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : wireshark\r\n Date : May 18, 2010\r\n Affected: 2009.1, 2010.0, Corporate 4.0, Enterprise Server 5.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n This advisory updates wireshark to the latest version&#40;s&#41;, fixing\r\n several bugs and one security issue:\r\n \r\n The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0\r\n through 1.2.7 allows user-assisted remote attackers to cause a denial\r\n of service &#40;application crash&#41; via a malformed packet trace file\r\n &#40;CVE-2010-1455&#41;.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1455\r\n http://www.wireshark.org/security/wnpa-sec-2010-03.html\r\n http://www.wireshark.org/security/wnpa-sec-2010-04.html\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2009.1:\r\n 3427658b5fa7df10dfa9171fce88f274 2009.1/i586/dumpcap-1.0.13-0.1mdv2009.1.i586.rpm\r\n 95eaa9c7c7ac154903915192da011c30 2009.1/i586/libwireshark0-1.0.13-0.1mdv2009.1.i586.rpm\r\n 8ff6136b164403ef8723c79ba1c4fe9c 2009.1/i586/libwireshark-devel-1.0.13-0.1mdv2009.1.i586.rpm\r\n a941891c51278956c8b09542fe38b316 2009.1/i586/rawshark-1.0.13-0.1mdv2009.1.i586.rpm\r\n e7f5402a8b5ea82a517331662d052258 2009.1/i586/tshark-1.0.13-0.1mdv2009.1.i586.rpm\r\n 0766111a0a9343548634dabaa1d45532 2009.1/i586/wireshark-1.0.13-0.1mdv2009.1.i586.rpm\r\n 19a17a62a92d2c5b5333fd50b084b6af 2009.1/i586/wireshark-tools-1.0.13-0.1mdv2009.1.i586.rpm \r\n 8ab9c2e193eac4ae22d7d511a4090781 2009.1/SRPMS/wireshark-1.0.13-0.1mdv2009.1.src.rpm\r\n\r\n Mandriva Linux 2009.1/X86_64:\r\n 8f7794755f7c0eedc2b28e8418856360 2009.1/x86_64/dumpcap-1.0.13-0.1mdv2009.1.x86_64.rpm\r\n e97ce630c1d3574081498ceb43a212b0 2009.1/x86_64/lib64wireshark0-1.0.13-0.1mdv2009.1.x86_64.rpm\r\n 35cc38b16123a19a98a2861b6e6bae54 2009.1/x86_64/lib64wireshark-devel-1.0.13-0.1mdv2009.1.x86_64.rpm\r\n fa900f436680fcab9743efb8f0d22f51 2009.1/x86_64/rawshark-1.0.13-0.1mdv2009.1.x86_64.rpm\r\n 47a14ff044d80421e45dedb1b7efd8fd 2009.1/x86_64/tshark-1.0.13-0.1mdv2009.1.x86_64.rpm\r\n a1876af79319c30d2b8566c5952588eb 2009.1/x86_64/wireshark-1.0.13-0.1mdv2009.1.x86_64.rpm\r\n c4f1f8b8379ce70809273245444e0274 2009.1/x86_64/wireshark-tools-1.0.13-0.1mdv2009.1.x86_64.rpm \r\n 8ab9c2e193eac4ae22d7d511a4090781 2009.1/SRPMS/wireshark-1.0.13-0.1mdv2009.1.src.rpm\r\n\r\n Mandriva Linux 2010.0:\r\n 2c5b85c0cb3e8221d600ea1c940d64c4 2010.0/i586/dumpcap-1.2.8-0.1mdv2010.0.i586.rpm\r\n a85db0c4912c68d69a6e413a6746f3f2 2010.0/i586/libwireshark0-1.2.8-0.1mdv2010.0.i586.rpm\r\n 0e9fbb983c87fad49130ae895d967f18 2010.0/i586/libwireshark-devel-1.2.8-0.1mdv2010.0.i586.rpm\r\n 8145924953fb4978e6aac7f7a3350ad4 2010.0/i586/rawshark-1.2.8-0.1mdv2010.0.i586.rpm\r\n 91b4fe8fbd482e9c23c20cb94419b095 2010.0/i586/tshark-1.2.8-0.1mdv2010.0.i586.rpm\r\n e2d9d1a05bb335b46c30436cc96c451b 2010.0/i586/wireshark-1.2.8-0.1mdv2010.0.i586.rpm\r\n 76267d68aef9aaa1eb0980313caf870e 2010.0/i586/wireshark-tools-1.2.8-0.1mdv2010.0.i586.rpm \r\n 06020dae672ccfa508fb2178ebebc40d 2010.0/SRPMS/wireshark-1.2.8-0.1mdv2010.0.src.rpm\r\n\r\n Mandriva Linux 2010.0/X86_64:\r\n 2586bb1431247188f3baa0defefaa56b 2010.0/x86_64/dumpcap-1.2.8-0.1mdv2010.0.x86_64.rpm\r\n e90b861b4536d972a0aecd8872332ed6 2010.0/x86_64/lib64wireshark0-1.2.8-0.1mdv2010.0.x86_64.rpm\r\n 6659765951116ebf828767453770c894 2010.0/x86_64/lib64wireshark-devel-1.2.8-0.1mdv2010.0.x86_64.rpm\r\n d4df009441f8298a31166051b856bbb6 2010.0/x86_64/rawshark-1.2.8-0.1mdv2010.0.x86_64.rpm\r\n f6ca978a30455563574c7692c5761645 2010.0/x86_64/tshark-1.2.8-0.1mdv2010.0.x86_64.rpm\r\n 3f14e37aeba9563c97565450e3cff0c4 2010.0/x86_64/wireshark-1.2.8-0.1mdv2010.0.x86_64.rpm\r\n ceb5d1d67c811a789f689b6c52c6b138 2010.0/x86_64/wireshark-tools-1.2.8-0.1mdv2010.0.x86_64.rpm \r\n 06020dae672ccfa508fb2178ebebc40d 2010.0/SRPMS/wireshark-1.2.8-0.1mdv2010.0.src.rpm\r\n\r\n Corporate 4.0:\r\n c4b2c595380a9ffecf99a9d5327d718d corporate/4.0/i586/dumpcap-1.0.13-0.1.20060mlcs4.i586.rpm\r\n 684237a417550abfb5cd737e4251209a corporate/4.0/i586/libwireshark0-1.0.13-0.1.20060mlcs4.i586.rpm\r\n 3bd58a1b9287347d442337893918134e corporate/4.0/i586/libwireshark-devel-1.0.13-0.1.20060mlcs4.i586.rpm\r\n 3b74b6610f9f4cbfdde3a91ecb1ad968 corporate/4.0/i586/rawshark-1.0.13-0.1.20060mlcs4.i586.rpm\r\n 5d51ba1b7f02a343c75a12832ca35ad8 corporate/4.0/i586/tshark-1.0.13-0.1.20060mlcs4.i586.rpm\r\n 82526ef77e651cf0b7c02a81c7a700c0 corporate/4.0/i586/wireshark-1.0.13-0.1.20060mlcs4.i586.rpm\r\n dc716e950488d94feed96787f67be9c9 corporate/4.0/i586/wireshark-tools-1.0.13-0.1.20060mlcs4.i586.rpm \r\n b97b0f6aa0d8c5642ac07436141c855d corporate/4.0/SRPMS/wireshark-1.0.13-0.1.20060mlcs4.src.rpm\r\n\r\n Corporate 4.0/X86_64:\r\n 2ec3496f75013772d6e9bdea6828c16f corporate/4.0/x86_64/dumpcap-1.0.13-0.1.20060mlcs4.x86_64.rpm\r\n c0865dc441a4ec7c400ac058412cb032 corporate/4.0/x86_64/lib64wireshark0-1.0.13-0.1.20060mlcs4.x86_64.rpm\r\n ec3f166d445b74f6e46e0c4bac4e6c62 corporate/4.0/x86_64/lib64wireshark-devel-1.0.13-0.1.20060mlcs4.x86_64.rpm\r\n 9d7cf63bbdd653cae0c798c208add461 corporate/4.0/x86_64/rawshark-1.0.13-0.1.20060mlcs4.x86_64.rpm\r\n 8df217351b953556dbfee0ea8b5ddf50 corporate/4.0/x86_64/tshark-1.0.13-0.1.20060mlcs4.x86_64.rpm\r\n d53580174b0a15136052fd5669791667 corporate/4.0/x86_64/wireshark-1.0.13-0.1.20060mlcs4.x86_64.rpm\r\n 24ab0d2d38836f963606cfd8f7aa6232 corporate/4.0/x86_64/wireshark-tools-1.0.13-0.1.20060mlcs4.x86_64.rpm \r\n b97b0f6aa0d8c5642ac07436141c855d corporate/4.0/SRPMS/wireshark-1.0.13-0.1.20060mlcs4.src.rpm\r\n\r\n Mandriva Enterprise Server 5:\r\n f865f10f62d8e5527f1f8524b9891c5e mes5/i586/dumpcap-1.0.13-0.1mdvmes5.1.i586.rpm\r\n 7bde53dbbc605a62b83e48e5a0bbde53 mes5/i586/libwireshark0-1.0.13-0.1mdvmes5.1.i586.rpm\r\n 7ecca1bf236e03022150f93092dd3ef7 mes5/i586/libwireshark-devel-1.0.13-0.1mdvmes5.1.i586.rpm\r\n 32bbd3675662dea150f915e1ee77ae17 mes5/i586/rawshark-1.0.13-0.1mdvmes5.1.i586.rpm\r\n c072835fc21b9b36a5eb7d0761d288c7 mes5/i586/tshark-1.0.13-0.1mdvmes5.1.i586.rpm\r\n b5fca6f651f1b81f0df15b5c71d9cdfb mes5/i586/wireshark-1.0.13-0.1mdvmes5.1.i586.rpm\r\n d711e784319692510c6691594936d57e mes5/i586/wireshark-tools-1.0.13-0.1mdvmes5.1.i586.rpm \r\n 355ce77e75e6cf4f2f86e0824aeb81a2 mes5/SRPMS/wireshark-1.0.13-0.1mdvmes5.1.src.rpm\r\n\r\n Mandriva Enterprise Server 5/X86_64:\r\n f997085cdfb83ec7b21a5096b3f7f655 mes5/x86_64/dumpcap-1.0.13-0.1mdvmes5.1.x86_64.rpm\r\n 586e93233e0596f188f3cf3400540db3 mes5/x86_64/lib64wireshark0-1.0.13-0.1mdvmes5.1.x86_64.rpm\r\n 101ac339faa3cb81e855eff790fc57b2 mes5/x86_64/lib64wireshark-devel-1.0.13-0.1mdvmes5.1.x86_64.rpm\r\n a5bdef0bb8c7a95abc2a397acedf4c6b mes5/x86_64/rawshark-1.0.13-0.1mdvmes5.1.x86_64.rpm\r\n 20e38292613f404a59e1d0c7a459a7dc mes5/x86_64/tshark-1.0.13-0.1mdvmes5.1.x86_64.rpm\r\n f60e210371f306a9d65032d0a9eebc74 mes5/x86_64/wireshark-1.0.13-0.1mdvmes5.1.x86_64.rpm\r\n 45a0c1e7597283105216f4a722d32854 mes5/x86_64/wireshark-tools-1.0.13-0.1mdvmes5.1.x86_64.rpm \r\n 355ce77e75e6cf4f2f86e0824aeb81a2 mes5/SRPMS/wireshark-1.0.13-0.1mdvmes5.1.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_&#40;at&#41;_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n &lt;security*mandriva.com&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFL8ratmqjQ0CJFipgRAh+GAJ9c5ildsVIRLxoBRyVh+7LWOc73VwCfZNL8\r\n+N6HtVQiR7ONcm65k5tvU84=\r\n=y6OA\r\n-----END PGP SIGNATURE-----", "edition": 1, "cvss3": {}, "published": "2010-05-21T00:00:00", "title": "[ MDVSA-2010:099 ] wireshark", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2010-1455"], "modified": "2010-05-21T00:00:00", "id": "SECURITYVULNS:DOC:23902", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:23902", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:37", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2010:200\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : wireshark\r\n Date : October 13, 2010\r\n Affected: 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n It was discovered that the ASN.1 BER dissector in wireshark was\r\n susceptible to a stack overflow &#40;CVE-2010-3445&#41;.\r\n \r\n For 2010.0 and 2010.1 wireshark was upgraded to v1.2.12 which is not\r\n vulnerable to this issue and was patched for CS4 and MES5 to resolve\r\n the vulnerability.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=\r\n https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5230\r\n http://www.wireshark.org/security/wnpa-sec-2010-11.html\r\n http://www.wireshark.org/security/wnpa-sec-2010-12.html\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2010.0:\r\n f40ac2df7d649771ca4436997815ff7d 2010.0/i586/dumpcap-1.2.12-0.1mdv2010.0.i586.rpm\r\n 6b1ff44460cb8c2d13fe79a7727a7576 2010.0/i586/libwireshark0-1.2.12-0.1mdv2010.0.i586.rpm\r\n f1b70e6241c58b97fcaeb694801e939b 2010.0/i586/libwireshark-devel-1.2.12-0.1mdv2010.0.i586.rpm\r\n cd3df61a371dd1deccf8fd8fbca80aa7 2010.0/i586/rawshark-1.2.12-0.1mdv2010.0.i586.rpm\r\n 960c3289f6e2185517161d9223476d97 2010.0/i586/tshark-1.2.12-0.1mdv2010.0.i586.rpm\r\n e46825ba00c144e3f4de545a7996c9ca 2010.0/i586/wireshark-1.2.12-0.1mdv2010.0.i586.rpm\r\n 3c30f330037371e1d9f5abbe393e2950 2010.0/i586/wireshark-tools-1.2.12-0.1mdv2010.0.i586.rpm \r\n c872e89346410766c482dbf846883e3c 2010.0/SRPMS/wireshark-1.2.12-0.1mdv2010.0.src.rpm\r\n\r\n Mandriva Linux 2010.0/X86_64:\r\n 92be514a497b7463a322d846e6b7e9f6 2010.0/x86_64/dumpcap-1.2.12-0.1mdv2010.0.x86_64.rpm\r\n 90c09a2441ab754559cbd8ac8aff112c 2010.0/x86_64/lib64wireshark0-1.2.12-0.1mdv2010.0.x86_64.rpm\r\n 779e8575d192294604fa65970edc5279 2010.0/x86_64/lib64wireshark-devel-1.2.12-0.1mdv2010.0.x86_64.rpm\r\n c7e58ccd2579d611b0cc30aeec55499f 2010.0/x86_64/rawshark-1.2.12-0.1mdv2010.0.x86_64.rpm\r\n 5588757ab177b0992f0cef2a169fd922 2010.0/x86_64/tshark-1.2.12-0.1mdv2010.0.x86_64.rpm\r\n a5c953819a8ecbade91aa69a6a9ebf36 2010.0/x86_64/wireshark-1.2.12-0.1mdv2010.0.x86_64.rpm\r\n b2a51e06e507aab3af42db5bde28e6ea 2010.0/x86_64/wireshark-tools-1.2.12-0.1mdv2010.0.x86_64.rpm \r\n c872e89346410766c482dbf846883e3c 2010.0/SRPMS/wireshark-1.2.12-0.1mdv2010.0.src.rpm\r\n\r\n Mandriva Linux 2010.1:\r\n 5c62d199b162f3234aa1b6bcd1b762a2 2010.1/i586/dumpcap-1.2.12-0.1mdv2010.1.i586.rpm\r\n f471133514b535a05e3ff34f6d143249 2010.1/i586/libwireshark0-1.2.12-0.1mdv2010.1.i586.rpm\r\n a9a220bbe0b0f00cb3fd4346f3840e4d 2010.1/i586/libwireshark-devel-1.2.12-0.1mdv2010.1.i586.rpm\r\n 21029c832b5e55cc7b1a560d1c94d364 2010.1/i586/rawshark-1.2.12-0.1mdv2010.1.i586.rpm\r\n f6669ac7083215d23bdaf60c3bff67c2 2010.1/i586/tshark-1.2.12-0.1mdv2010.1.i586.rpm\r\n 3e81b5bcf9921fac5ac5c1faee72dd59 2010.1/i586/wireshark-1.2.12-0.1mdv2010.1.i586.rpm\r\n a7290eb217dd4b33b309ef6012d6495a 2010.1/i586/wireshark-tools-1.2.12-0.1mdv2010.1.i586.rpm \r\n a163debb57786ad7e057be1adbc42dc6 2010.1/SRPMS/wireshark-1.2.12-0.1mdv2010.1.src.rpm\r\n\r\n Mandriva Linux 2010.1/X86_64:\r\n 7404e0d17a12cae4bc0eab808b4c7910 2010.1/x86_64/dumpcap-1.2.12-0.1mdv2010.1.x86_64.rpm\r\n 4a11c3b558b22da2a4992f316e172b76 2010.1/x86_64/lib64wireshark0-1.2.12-0.1mdv2010.1.x86_64.rpm\r\n fd8be9700208d2de0deb68b4c52dbf29 2010.1/x86_64/lib64wireshark-devel-1.2.12-0.1mdv2010.1.x86_64.rpm\r\n 5c55ed9782c1c621bd6fbbc26d4e5a4f 2010.1/x86_64/rawshark-1.2.12-0.1mdv2010.1.x86_64.rpm\r\n b03b323ea0bca097af95a375b644f0db 2010.1/x86_64/tshark-1.2.12-0.1mdv2010.1.x86_64.rpm\r\n ac8a98fba0778c3b6e605dc56d685137 2010.1/x86_64/wireshark-1.2.12-0.1mdv2010.1.x86_64.rpm\r\n 0441430e34ea5dad2fe88367c2d49a4f 2010.1/x86_64/wireshark-tools-1.2.12-0.1mdv2010.1.x86_64.rpm \r\n a163debb57786ad7e057be1adbc42dc6 2010.1/SRPMS/wireshark-1.2.12-0.1mdv2010.1.src.rpm\r\n\r\n Corporate 4.0:\r\n a1587f7fd3ad986b4c77b4fefc7cffe4 corporate/4.0/i586/dumpcap-1.0.15-0.2.20060mlcs4.i586.rpm\r\n b549bc8586bec1a9d39a52c483086a74 corporate/4.0/i586/libwireshark0-1.0.15-0.2.20060mlcs4.i586.rpm\r\n ad5189043e06c0ca244dadbef04713ae corporate/4.0/i586/libwireshark-devel-1.0.15-0.2.20060mlcs4.i586.rpm\r\n 12271d314116cbbcae2752103e2c2833 corporate/4.0/i586/rawshark-1.0.15-0.2.20060mlcs4.i586.rpm\r\n 902578159f4ac5e1c6cb46b694abfbd6 corporate/4.0/i586/tshark-1.0.15-0.2.20060mlcs4.i586.rpm\r\n 4ec8f9b9d98406b4b66058d187449447 corporate/4.0/i586/wireshark-1.0.15-0.2.20060mlcs4.i586.rpm\r\n 457d599fcff364ff83f781536319bde0 corporate/4.0/i586/wireshark-tools-1.0.15-0.2.20060mlcs4.i586.rpm \r\n 237f35e28dde484145ea6818d3bdeb35 corporate/4.0/SRPMS/wireshark-1.0.15-0.2.20060mlcs4.src.rpm\r\n\r\n Corporate 4.0/X86_64:\r\n d5ee916cf712de37c061b90dc428595b corporate/4.0/x86_64/dumpcap-1.0.15-0.2.20060mlcs4.x86_64.rpm\r\n a78bdeb3a412fe624afbf370faa63ca2 \r\ncorporate/4.0/x86_64/lib64wireshark0-1.0.15-0.2.20060mlcs4.x86_64.rpm\r\n 439edea75eb61a18236839c051927726 \r\ncorporate/4.0/x86_64/lib64wireshark-devel-1.0.15-0.2.20060mlcs4.x86_64.rpm\r\n 933730b1bf446d96681e03bb7e8b77a9 corporate/4.0/x86_64/rawshark-1.0.15-0.2.20060mlcs4.x86_64.rpm\r\n cb576f13d3fe98af597c1174db94680e corporate/4.0/x86_64/tshark-1.0.15-0.2.20060mlcs4.x86_64.rpm\r\n 0dadd636756c86be73272a3e52eeb2b0 corporate/4.0/x86_64/wireshark-1.0.15-0.2.20060mlcs4.x86_64.rpm\r\n f166b39458ace00ab82b0bc3cb26d0d8 \r\ncorporate/4.0/x86_64/wireshark-tools-1.0.15-0.2.20060mlcs4.x86_64.rpm \r\n 237f35e28dde484145ea6818d3bdeb35 corporate/4.0/SRPMS/wireshark-1.0.15-0.2.20060mlcs4.src.rpm\r\n\r\n Mandriva Enterprise Server 5:\r\n 36fc3359d0837a4e99ddaa39c08fac14 mes5/i586/dumpcap-1.0.15-0.2mdvmes5.1.i586.rpm\r\n a7e80b330d95ce5a882d5b4cc3b9daa0 mes5/i586/libwireshark0-1.0.15-0.2mdvmes5.1.i586.rpm\r\n e91f395a7e1bf38997a5e7346129eca9 mes5/i586/libwireshark-devel-1.0.15-0.2mdvmes5.1.i586.rpm\r\n 676221c2b1db8c1ea855adc6b6c2cdcd mes5/i586/rawshark-1.0.15-0.2mdvmes5.1.i586.rpm\r\n 6aa18b2c65a37449ee1b55f76b06c7b0 mes5/i586/tshark-1.0.15-0.2mdvmes5.1.i586.rpm\r\n e5c00d579270c2b83fdd0a4c0ab2dd41 mes5/i586/wireshark-1.0.15-0.2mdvmes5.1.i586.rpm\r\n 26961535b9defa4cee65c2687772672d mes5/i586/wireshark-tools-1.0.15-0.2mdvmes5.1.i586.rpm \r\n 15470206d4632a0ca26c1c8c4c54954b mes5/SRPMS/wireshark-1.0.15-0.2mdvmes5.1.src.rpm\r\n\r\n Mandriva Enterprise Server 5/X86_64:\r\n df38c30fed1ff3a5c4a53b7c27112bd5 mes5/x86_64/dumpcap-1.0.15-0.2mdvmes5.1.x86_64.rpm\r\n 69e44cc6333a09c87a79dba552615be6 mes5/x86_64/lib64wireshark0-1.0.15-0.2mdvmes5.1.x86_64.rpm\r\n 0f27ccfdac100c5761fb88528b3344a1 mes5/x86_64/lib64wireshark-devel-1.0.15-0.2mdvmes5.1.x86_64.rpm\r\n bd895bd6785072eb2773cadde01ea7ad mes5/x86_64/rawshark-1.0.15-0.2mdvmes5.1.x86_64.rpm\r\n 9a2438c11ba437ce0c7a4c6e919355ea mes5/x86_64/tshark-1.0.15-0.2mdvmes5.1.x86_64.rpm\r\n ef30b0a1dd50d2d7c6ac7675c5188c0b mes5/x86_64/wireshark-1.0.15-0.2mdvmes5.1.x86_64.rpm\r\n 0c2f49379d8cc212b55612f9716507db mes5/x86_64/wireshark-tools-1.0.15-0.2mdvmes5.1.x86_64.rpm \r\n 15470206d4632a0ca26c1c8c4c54954b mes5/SRPMS/wireshark-1.0.15-0.2mdvmes5.1.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_&#40;at&#41;_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n &lt;security*mandriva.com&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 &#40;GNU/Linux&#41;\r\n\r\niD4DBQFMtajhmqjQ0CJFipgRAvAaAJUW6eyGO4pIywGTJsg1MLRXwSMIAJ4qnAUp\r\nm1kKVUlRRH2sOhg9V3Z/Iw==\r\n=S/af\r\n-----END PGP SIGNATURE-----", "edition": 1, "cvss3": {}, "published": "2010-10-13T00:00:00", "title": "[ MDVSA-2010:200 ] wireshark", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2010-3445"], "modified": "2010-10-13T00:00:00", "id": "SECURITYVULNS:DOC:24912", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:24912", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2021-06-08T19:16:54", "description": "Stack overflow on ASN.1 parsing.", "edition": 2, "cvss3": {}, "published": "2010-10-13T00:00:00", "title": "Wireshark DoS", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2010-3445"], "modified": "2010-10-13T00:00:00", "id": "SECURITYVULNS:VULN:11201", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11201", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "redhat": [{"lastseen": "2021-10-21T04:43:48", "description": "Wireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nMultiple buffer overflow flaws were found in the Wireshark SigComp\nUniversal Decompressor Virtual Machine (UDVM) dissector. If Wireshark read\na malformed packet off a network or opened a malicious dump file, it could\ncrash or, possibly, execute arbitrary code as the user running Wireshark.\n(CVE-2010-2287, CVE-2010-2995)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could\ncrash or stop responding if it read a malformed packet off a network, or\nopened a malicious dump file. (CVE-2010-1455, CVE-2010-2283, CVE-2010-2284,\nCVE-2010-2286)\n\nUsers of Wireshark should upgrade to these updated packages, which contain\nWireshark version 1.0.15, and resolve these issues. All running instances\nof Wireshark must be restarted for the update to take effect.\n", "cvss3": {}, "published": "2010-08-11T00:00:00", "type": "redhat", "title": "(RHSA-2010:0625) Moderate: wireshark security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2995"], "modified": "2018-05-26T00:26:17", "id": "RHSA-2010:0625", "href": "https://access.redhat.com/errata/RHSA-2010:0625", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-19T18:39:28", "description": "Wireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nA heap-based buffer overflow flaw was found in the Wireshark Local Download\nSharing Service (LDSS) dissector. If Wireshark read a malformed packet off\na network or opened a malicious dump file, it could crash or, possibly,\nexecute arbitrary code as the user running Wireshark. (CVE-2010-4300)\n\nA denial of service flaw was found in Wireshark. Wireshark could crash or\nstop responding if it read a malformed packet off a network, or opened a\nmalicious dump file. (CVE-2010-3445)\n\nUsers of Wireshark should upgrade to these updated packages, which contain\nWireshark version 1.2.13, and resolve these issues. All running instances\nof Wireshark must be restarted for the update to take effect.\n", "cvss3": {}, "published": "2010-11-30T00:00:00", "type": "redhat", "title": "(RHSA-2010:0924) Moderate: wireshark security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3445", "CVE-2010-4300"], "modified": "2018-06-06T16:24:33", "id": "RHSA-2010:0924", "href": "https://access.redhat.com/errata/RHSA-2010:0924", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-21T04:45:48", "description": "Wireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nA heap-based buffer overflow flaw was found in Wireshark. If Wireshark\nopened a specially-crafted capture file, it could crash or, possibly,\nexecute arbitrary code as the user running Wireshark. (CVE-2011-0024)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could\ncrash or stop responding if it read a malformed packet off a network, or\nopened a malicious dump file. (CVE-2010-3445, CVE-2011-0538, CVE-2011-1139,\nCVE-2011-1140, CVE-2011-1141, CVE-2011-1143)\n\nUsers of Wireshark should upgrade to these updated packages, which contain\nbackported patches to correct these issues. All running instances of\nWireshark must be restarted for the update to take effect.\n", "cvss3": {}, "published": "2011-03-21T00:00:00", "type": "redhat", "title": "(RHSA-2011:0370) Moderate: wireshark security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3445", "CVE-2011-0024", "CVE-2011-0538", "CVE-2011-1139", "CVE-2011-1140", "CVE-2011-1141", "CVE-2011-1143"], "modified": "2017-09-08T08:15:54", "id": "RHSA-2011:0370", "href": "https://access.redhat.com/errata/RHSA-2011:0370", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:37:33", "description": "[1.0.15-1.0.1.el5_5.1]\n- Add oracle-ocfs2-network.patch\n[1.0.15-1]\n- upgrade to 1.0.15\n- http://www.wireshark.org/docs/relnotes/wireshark-1.0.15.html\n- fixes CVE-2010-2287 CVE-2010-2284\n- Related: #612239\n[1.0.14-1.2]\n- fix corner case in CVE-2010-2284\n- Related: #612239\n[1.0.14-1]\n- upgrade to 1.0.14\n- http://www.wireshark.org/docs/relnotes/wireshark-1.0.14.html\n- fixes CVE-2010-1455 CVE-2010-2283 CVE-2010-2284 CVE-2010-2286 CVE-2010-2287\n- Resolves: #612239 ", "cvss3": {}, "published": "2010-08-11T00:00:00", "type": "oraclelinux", "title": "wireshark security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2010-2284", "CVE-2010-2287", "CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2995", "CVE-2010-2286"], "modified": "2010-08-11T00:00:00", "id": "ELSA-2010-0625", "href": "http://linux.oracle.com/errata/ELSA-2010-0625.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:02", "description": "[1.2.13-1.0.1.el6_0.2]\r\n- Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect\r\n packets bug#11486\r\n \n[1.2.13-1.1]\r\n- fix buffer overflow in ENTTEC dissector\r\n- Resolves: #667337\r\n \n[1.2.13-1]\r\n- upgrade to 1.2.13\r\n- see http://www.wireshark.org/docs/relnotes/wireshark-1.2.11.html\r\n- see http://www.wireshark.org/docs/relnotes/wireshark-1.2.12.html\r\n- see http://www.wireshark.org/docs/relnotes/wireshark-1.2.13.html\r\n- Resolves: #657534 (CVE-2010-4300 CVE-2010-3445)", "cvss3": {}, "published": "2011-01-10T00:00:00", "type": "oraclelinux", "title": "wireshark security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2010-4300", "CVE-2010-3445", "CVE-2010-4538"], "modified": "2011-01-10T00:00:00", "id": "ELSA-2011-0013", "href": "http://linux.oracle.com/errata/ELSA-2011-0013.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:50", "description": "[1.0.15-1.0.1.el5_6.4]\n- Added oracle-ocfs2-network.patch\n[1.0.15-1.4]\n- fix few security issues\n- Resolves: CVE -2011-0024 CVE-2011-0538 CVE-2011-1139 CVE-2011-1140\n CVE-2011-1141 CVE-2011-1143 #612240\n[1.0.15-1.3]\n- recompile with -fno-strict-aliasing\n[1.0.15-1.2]\n- fix buffer overflow in ENTTEC dissector\n- Resolves: #667335", "cvss3": {}, "published": "2011-03-21T00:00:00", "type": "oraclelinux", "title": "wireshark security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2011-0024", "CVE-2011-1141", "CVE-2010-3445", "CVE-2011-1143", "CVE-2011-1139", "CVE-2011-1140", "CVE-2011-0538"], "modified": "2011-03-21T00:00:00", "id": "ELSA-2011-0370", "href": "http://linux.oracle.com/errata/ELSA-2011-0370.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2022-02-27T11:58:08", "description": "**CentOS Errata and Security Advisory** CESA-2010:0625\n\n\nWireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nMultiple buffer overflow flaws were found in the Wireshark SigComp\nUniversal Decompressor Virtual Machine (UDVM) dissector. If Wireshark read\na malformed packet off a network or opened a malicious dump file, it could\ncrash or, possibly, execute arbitrary code as the user running Wireshark.\n(CVE-2010-2287, CVE-2010-2995)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could\ncrash or stop responding if it read a malformed packet off a network, or\nopened a malicious dump file. (CVE-2010-1455, CVE-2010-2283, CVE-2010-2284,\nCVE-2010-2286)\n\nUsers of Wireshark should upgrade to these updated packages, which contain\nWireshark version 1.0.15, and resolve these issues. All running instances\nof Wireshark must be restarted for the update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2010-August/053851.html\nhttps://lists.centos.org/pipermail/centos-announce/2010-August/053852.html\nhttps://lists.centos.org/pipermail/centos-announce/2010-August/053875.html\nhttps://lists.centos.org/pipermail/centos-announce/2010-August/053876.html\n\n**Affected packages:**\nwireshark\nwireshark-gnome\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2010:0625", "cvss3": {}, "published": "2010-08-23T15:13:08", "type": "centos", "title": "wireshark security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "a