Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2021 Tenable Network Security, Inc.SUSE_11_WIRESHARK-130814.NASL
HistorySep 14, 2013 - 12:00 a.m.

SuSE 11.2 / 11.3 Security Update : wireshark (SAT Patch Numbers 8318 / 8319)

2013-09-1400:00:00
This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.
www.tenable.com
11
JSON

This wireshark version update from 1.8.8 to 1.8.9 includes several security and general bug fixes. (bnc#831718)

http://www.wireshark.org/docs/relnotes/wireshark-1.8.9.html

  • The Bluetooth SDP dissector could go into a large loop CVE-2013-4927 wnpa-sec-2013-45

  • The DIS dissector could go into a large loop CVE-2013-4929 wnpa-sec-2013-47

  • The DVB-CI dissector could crash CVE-2013-4930 wnpa-sec-2013-48

  • The GSM RR dissector (and possibly others) could go into a large loop CVE-2013-4931 wnpa-sec-2013-49

  • The GSM A Common dissector could crash CVE-2013-4932 wnpa-sec-2013-50

  • The Netmon file parser could crash CVE-2013-4933 / CVE-2013-4934 wnpa-sec-2013-51

  • The ASN.1 PER dissector could crash CVE-2013-4935 wnpa-sec-2013-52 The release also fixes various non-security issues. Please see the package changelog for details.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from SuSE 11 update information. The text itself is
# copyright (C) Novell, Inc.
#

if (NASL_LEVEL < 3000) exit(0);

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(69894);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2013-4927", "CVE-2013-4929", "CVE-2013-4930", "CVE-2013-4931", "CVE-2013-4932", "CVE-2013-4933", "CVE-2013-4934", "CVE-2013-4935");

  script_name(english:"SuSE 11.2 / 11.3 Security Update : wireshark (SAT Patch Numbers 8318 / 8319)");
  script_summary(english:"Checks rpm output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SuSE 11 host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This wireshark version update from 1.8.8 to 1.8.9 includes several
security and general bug fixes. (bnc#831718)

http://www.wireshark.org/docs/relnotes/wireshark-1.8.9.html

  - The Bluetooth SDP dissector could go into a large loop
    CVE-2013-4927 wnpa-sec-2013-45

  - The DIS dissector could go into a large loop
    CVE-2013-4929 wnpa-sec-2013-47

  - The DVB-CI dissector could crash CVE-2013-4930
    wnpa-sec-2013-48

  - The GSM RR dissector (and possibly others) could go into
    a large loop CVE-2013-4931 wnpa-sec-2013-49

  - The GSM A Common dissector could crash CVE-2013-4932
    wnpa-sec-2013-50

  - The Netmon file parser could crash CVE-2013-4933 /
    CVE-2013-4934 wnpa-sec-2013-51

  - The ASN.1 PER dissector could crash CVE-2013-4935
    wnpa-sec-2013-52 The release also fixes various
    non-security issues. Please see the package changelog
    for details."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=831718"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-4927.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-4929.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-4930.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-4931.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-4932.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-4933.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-4934.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-4935.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Apply SAT patch number 8318 / 8319 as appropriate."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:wireshark");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");

  script_set_attribute(attribute:"patch_publication_date", value:"2013/08/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/09/14");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);


flag = 0;
if (rpm_check(release:"SLES11", sp:2, cpu:"s390x", reference:"wireshark-1.8.9-0.2.5")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"s390x", reference:"wireshark-1.8.9-0.2.5")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:wireshark
novellsuse_linux11cpe:/o:novell:suse_linux:11

References

Related

nessus 26
mageia 1
securityvulns 2
openvas 23
debian 2
osv 2
f5 2
cvelist 8
veracode 27
prion 8
cve 8
ubuntucve 8
debiancve 8
oraclelinux 2
redhat 2
centos 2
fedora 5
amazon 1
gentoo 1
nessus
nessus
SuSE 11.2 / 11.3 Security Update : wireshark (SAT Patch Numbers 8318 / 8319)
2013-09-14 00:00:00
Wireshark 1.8.x < 1.8.9 Multiple Vulnerabilities
2013-07-29 00:00:00
openSUSE Security Update : wireshark (openSUSE-SU-2013:1295-1)
2014-06-13 00:00:00
mageia
mageia
Updated wireshark package fixes security vulnerabilities
2013-07-29 18:00:22
securityvulns
securityvulns
Wireshark multiple security vulnerabilities
2013-08-12 00:00:00
[SECURITY] [DSA 2734-1] wireshark security update
2013-08-12 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2013:1450-1)
2021-06-09 00:00:00
Mageia: Security Advisory (MGASA-2013-0236)
2022-01-28 00:00:00
Debian Security Advisory DSA 2734-1 (wireshark - several vulnerabilities)
2013-08-05 00:00:00
debian
debian
[SECURITY] [DSA 2734-1] wireshark security update
2013-08-05 16:37:47
[SECURITY] [DLA 497-1] wireshark security update
2016-05-31 10:22:50
osv
osv
wireshark - several
2013-08-05 00:00:00
wireshark - security update
2016-05-31 00:00:00
f5
f5
SOL15868 - Multiple Wireshark vulnerabilities
2014-11-27 00:00:00
K15868 : Multiple Wireshark vulnerabilities
2015-04-29 00:00:00
cvelist
cvelist
CVE-2013-4930
2013-07-29 19:00:00
CVE-2013-4931
2013-07-29 19:00:00
CVE-2013-4935
2013-07-29 19:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:02:02
Denial Of Service (DoS)
2019-05-02 05:02:01
Denial Of Service (DoS)
2019-05-02 05:02:01
prion
prion
Design/Logic Flaw
2013-07-30 00:56:00
Code injection
2013-07-30 00:56:00
Code injection
2013-07-30 00:56:00
cve
cve
CVE-2013-4931
2013-07-30 00:56:00
CVE-2013-4934
2013-07-30 00:56:00
CVE-2013-4932
2013-07-30 00:56:00
ubuntucve
ubuntucve
CVE-2013-4927
2013-07-30 00:00:00
CVE-2013-4931
2013-07-30 00:00:00
CVE-2013-4930
2013-07-30 00:00:00
debiancve
debiancve
CVE-2013-4931
2013-07-30 00:56:00
CVE-2013-4930
2013-07-30 00:56:00
CVE-2013-4932
2013-07-30 00:56:00
oraclelinux
oraclelinux
wireshark security update
2014-03-31 00:00:00
wireshark security, bug fix, and enhancement update
2013-11-25 00:00:00
redhat
redhat
(RHSA-2014:0341) Moderate: wireshark security update
2014-03-31 00:00:00
(RHSA-2013:1569) Moderate: wireshark security, bug fix, and enhancement update
2013-11-21 00:00:00
centos
centos
wireshark security update
2014-03-31 17:51:37
wireshark security update
2013-11-26 13:33:12
fedora
fedora
[SECURITY] Fedora 18 Update: wireshark-1.10.2-4.fc18
2013-12-19 07:14:40
[SECURITY] Fedora 19 Update: wireshark-1.10.2-6.fc19
2013-09-28 00:16:37
[SECURITY] Fedora 20 Update: wireshark-1.10.2-7.fc20
2013-10-03 01:07:39
amazon
amazon
Medium: wireshark
2013-12-02 20:29:00
gentoo
gentoo
Wireshark: Multiple vulnerabilities
2013-08-28 00:00:00
JSON
Related for SUSE_11_WIRESHARK-130814.NASL
nessus26mageia1securityvulns2openvas23debian2osv2f52cvelist8veracode27prion8cve8ubuntucve8debiancve8oraclelinux2redhat2centos2fedora5amazon1gentoo1