Lucene search
This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2017-2860-1.NASLHistoryOct 27, 2017 - 12:00 a.m.
SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2017:2860-1)
2017-10-2700:00:00
This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
16
This update for wireshark fixes the following issues: Wireshark was updated to 2.2.10, fixing security issues and bugs :
-
CVE-2017-15191: DMP dissector crash (wnpa-sec-2017-44)
-
CVE-2017-15192: BT ATT dissector crash (wnpa-sec-2017-42)
-
CVE-2017-15193: MBIM dissector crash (wnpa-sec-2017-43)
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2017:2860-1.
# The text itself is copyright (C) SUSE.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(104210);
script_version("3.9");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");
script_cve_id("CVE-2017-15191", "CVE-2017-15192", "CVE-2017-15193");
script_name(english:"SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2017:2860-1)");
script_summary(english:"Checks rpm output for the updated packages.");
script_set_attribute(
attribute:"synopsis",
value:"The remote SUSE host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"This update for wireshark fixes the following issues: Wireshark was
updated to 2.2.10, fixing security issues and bugs :
- CVE-2017-15191: DMP dissector crash (wnpa-sec-2017-44)
- CVE-2017-15192: BT ATT dissector crash
(wnpa-sec-2017-42)
- CVE-2017-15193: MBIM dissector crash (wnpa-sec-2017-43)
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1062645"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-15191/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-15192/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-15193/"
);
# https://www.suse.com/support/update/announcement/2017/suse-su-20172860-1/
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?a81011fb"
);
script_set_attribute(
attribute:"solution",
value:
"To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :
SUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t
patch SUSE-SLE-SDK-12-SP3-2017-1780=1
SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t
patch SUSE-SLE-SDK-12-SP2-2017-1780=1
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t
patch SUSE-SLE-RPI-12-SP2-2017-1780=1
SUSE Linux Enterprise Server 12-SP3:zypper in -t patch
SUSE-SLE-SERVER-12-SP3-2017-1780=1
SUSE Linux Enterprise Server 12-SP2:zypper in -t patch
SUSE-SLE-SERVER-12-SP2-2017-1780=1
SUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch
SUSE-SLE-DESKTOP-12-SP3-2017-1780=1
SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch
SUSE-SLE-DESKTOP-12-SP2-2017-1780=1
To bring your system up-to-date, use 'zypper patch'."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libwireshark8");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libwireshark8-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libwiretap6");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libwiretap6-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libwscodecs1");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libwscodecs1-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libwsutil7");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libwsutil7-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:wireshark");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:wireshark-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:wireshark-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:wireshark-gtk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:wireshark-gtk-debuginfo");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
script_set_attribute(attribute:"vuln_publication_date", value:"2017/10/10");
script_set_attribute(attribute:"patch_publication_date", value:"2017/10/26");
script_set_attribute(attribute:"plugin_publication_date", value:"2017/10/27");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED12|SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED12 / SLES12", "SUSE " + os_ver);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(2|3)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP2/3", os_ver + " SP" + sp);
if (os_ver == "SLED12" && (! preg(pattern:"^(2|3)$", string:sp))) audit(AUDIT_OS_NOT, "SLED12 SP2/3", os_ver + " SP" + sp);
flag = 0;
if (rpm_check(release:"SLES12", sp:"3", reference:"libwireshark8-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"libwireshark8-debuginfo-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"libwiretap6-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"libwiretap6-debuginfo-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"libwscodecs1-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"libwscodecs1-debuginfo-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"libwsutil7-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"libwsutil7-debuginfo-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"wireshark-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"wireshark-debuginfo-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"wireshark-debugsource-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"wireshark-gtk-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"wireshark-gtk-debuginfo-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libwireshark8-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libwireshark8-debuginfo-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libwiretap6-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libwiretap6-debuginfo-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libwscodecs1-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libwscodecs1-debuginfo-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libwsutil7-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libwsutil7-debuginfo-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"wireshark-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"wireshark-debuginfo-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"wireshark-debugsource-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"wireshark-gtk-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"wireshark-gtk-debuginfo-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libwireshark8-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libwireshark8-debuginfo-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libwiretap6-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libwiretap6-debuginfo-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libwscodecs1-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libwscodecs1-debuginfo-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libwsutil7-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libwsutil7-debuginfo-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"wireshark-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"wireshark-debuginfo-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"wireshark-debugsource-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"wireshark-gtk-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"wireshark-gtk-debuginfo-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libwireshark8-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libwireshark8-debuginfo-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libwiretap6-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libwiretap6-debuginfo-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libwscodecs1-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libwscodecs1-debuginfo-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libwsutil7-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libwsutil7-debuginfo-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"wireshark-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"wireshark-debuginfo-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"wireshark-debugsource-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"wireshark-gtk-2.2.10-48.12.1")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"wireshark-gtk-debuginfo-2.2.10-48.12.1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "wireshark");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | suse_linux | libwireshark8 | p-cpe:/a:novell:suse_linux:libwireshark8 |
| novell | suse_linux | libwireshark8-debuginfo | p-cpe:/a:novell:suse_linux:libwireshark8-debuginfo |
| novell | suse_linux | libwiretap6 | p-cpe:/a:novell:suse_linux:libwiretap6 |
| novell | suse_linux | libwiretap6-debuginfo | p-cpe:/a:novell:suse_linux:libwiretap6-debuginfo |
| novell | suse_linux | libwscodecs1 | p-cpe:/a:novell:suse_linux:libwscodecs1 |
| novell | suse_linux | libwscodecs1-debuginfo | p-cpe:/a:novell:suse_linux:libwscodecs1-debuginfo |
| novell | suse_linux | libwsutil7 | p-cpe:/a:novell:suse_linux:libwsutil7 |
| novell | suse_linux | libwsutil7-debuginfo | p-cpe:/a:novell:suse_linux:libwsutil7-debuginfo |
| novell | suse_linux | wireshark | p-cpe:/a:novell:suse_linux:wireshark |
| novell | suse_linux | wireshark-debuginfo | p-cpe:/a:novell:suse_linux:wireshark-debuginfo |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15191
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15192
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15193
www.nessus.org/u?a81011fb
bugzilla.suse.com/show_bug.cgi?id=1062645
www.suse.com/security/cve/CVE-2017-15191/
www.suse.com/security/cve/CVE-2017-15192/
www.suse.com/security/cve/CVE-2017-15193/
Related
nessus
nessus
Wireshark 2.2.x < 2.2.10 Multiple DoS
2017-10-19 00:00:00
Wireshark 2.2.x < 2.2.10 Multiple DoS (MacOS)
2017-10-19 00:00:00
openSUSE Security Update : wireshark (openSUSE-2017-1158)
2017-10-23 00:00:00
kaspersky
kaspersky
KLA11119 Multiple vulnerabilities in Wireshark 2.2.x
2017-10-10 00:00:00
KLA11114 Multiple vulnerabilities in Wireshark 2.4.x
2017-10-10 00:00:00
KLA11120 DoS vulnerability in Wireshark 2.0.x
2017-10-10 00:00:00
mageia
mageia
Updated wireshark packages fix security vulnerability
2017-10-18 23:19:34
Updated wireshark packages fix security vulnerability
2017-10-18 23:19:34
openvas
openvas
Wireshark Security Updates (wnpa-sec-2017-43_wnpa-sec-2017-42)-Windows
2017-10-12 00:00:00
Wireshark Security Updates (wnpa-sec-2017-43_wnpa-sec-2017-42)-MACOSX
2017-10-12 00:00:00
Fedora Update for wireshark FEDORA-2017-9fd430dba0
2017-12-10 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package wireshark version 2.4.2-alt1
2017-10-15 00:00:00
archlinux
archlinux
[ASA-201710-14] wireshark-cli: denial of service
2017-10-12 00:00:00
freebsd
freebsd
wireshark -- multiple security issues
2017-10-10 00:00:00
alpinelinux
alpinelinux
fedora
fedora
[SECURITY] Fedora 27 Update: wireshark-2.4.2-1.fc27
2017-12-10 05:10:10
[SECURITY] Fedora 27 Update: wireshark-2.6.1-1.fc27
2018-06-05 14:11:28
[SECURITY] Fedora 27 Update: wireshark-2.6.2-1.fc27
2018-08-01 17:56:04
ubuntucve
ubuntucve
debiancve
debiancve
osv
osv
prion
prion
Code injection
2017-10-10 21:29:00
Design/Logic Flaw
2017-10-10 21:29:00
Design/Logic Flaw
2017-10-10 21:29:00
cve
cve
redhatcve
redhatcve
debian
debian
[SECURITY] [DLA 1634-1] wireshark security update
2019-01-15 19:10:30
Related for SUSE_SU-2017-2860-1.NASL