Lucene search
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2023-3252-1.NASLHistoryAug 10, 2023 - 12:00 a.m.
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : wireshark (SUSE-SU-2023:3252-1)
2023-08-1000:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
4
suse sled15
sles15
opensuse 15
wireshark
security update
vulnerabilities
heap-based buffer overflow
code execution
denial of service
crafted capture file
nessus scanner.
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3252-1 advisory.
-
Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version 4.0.5 and prior, in an unusual configuration, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark (CVE-2023-0667)
-
Due to failure in validating the length provided by an attacker-crafted IEEE-C37.118 packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark. (CVE-2023-0668)
-
Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file (CVE-2023-2855)
-
VMS TCPIPtrace file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file (CVE-2023-2856)
-
BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file (CVE-2023-2857)
-
NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file (CVE-2023-2858)
-
GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file (CVE-2023-2879)
-
XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file (CVE-2023-2952)
-
Kafka dissector crash in Wireshark 4.0.0 to 4.0.6 and 3.6.0 to 3.6.14 allows denial of service via packet injection or crafted capture file (CVE-2023-3648)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# SUSE update advisory SUSE-SU-2023:3252-1. The text itself
# is copyright (C) SUSE.
##
include('compat.inc');
if (description)
{
script_id(179657);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/09/07");
script_cve_id(
"CVE-2023-0667",
"CVE-2023-0668",
"CVE-2023-2855",
"CVE-2023-2856",
"CVE-2023-2857",
"CVE-2023-2858",
"CVE-2023-2879",
"CVE-2023-2952",
"CVE-2023-3648"
);
script_xref(name:"IAVB", value:"2023-B-0036-S");
script_xref(name:"SuSE", value:"SUSE-SU-2023:3252-1");
script_xref(name:"IAVB", value:"2023-B-0051-S");
script_name(english:"SUSE SLED15 / SLES15 / openSUSE 15 Security Update : wireshark (SUSE-SU-2023:3252-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are
affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3252-1 advisory.
- Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version
4.0.5 and prior, in an unusual configuration, is susceptible to a heap-based buffer overflow, and possibly
code execution in the context of the process running Wireshark (CVE-2023-0667)
- Due to failure in validating the length provided by an attacker-crafted IEEE-C37.118 packet, Wireshark
version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code
execution in the context of the process running Wireshark. (CVE-2023-0668)
- Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via
crafted capture file (CVE-2023-2855)
- VMS TCPIPtrace file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service
via crafted capture file (CVE-2023-2856)
- BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted
capture file (CVE-2023-2857)
- NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via
crafted capture file (CVE-2023-2858)
- GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet
injection or crafted capture file (CVE-2023-2879)
- XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via
packet injection or crafted capture file (CVE-2023-2952)
- Kafka dissector crash in Wireshark 4.0.0 to 4.0.6 and 3.6.0 to 3.6.14 allows denial of service via packet
injection or crafted capture file (CVE-2023-3648)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1211703");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1211705");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1211706");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1211707");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1211710");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1211793");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1211844");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1212084");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1213319");
# https://lists.suse.com/pipermail/sle-security-updates/2023-August/015828.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?875b3194");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-0667");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-0668");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-2855");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-2856");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-2857");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-2858");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-2879");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-2952");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-3648");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-2952");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2023-2879");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2023/05/24");
script_set_attribute(attribute:"patch_publication_date", value:"2023/08/09");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/08/10");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libwireshark15");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libwiretap12");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libwsutil13");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:wireshark");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:wireshark-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:wireshark-ui-qt");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item("Host/SuSE/release");
if (isnull(os_release) || os_release !~ "^(SLED|SLES|SUSE)") audit(AUDIT_OS_NOT, "SUSE / openSUSE");
var os_ver = pregmatch(pattern: "^(SLE(S|D)(?:_SAP)?\d+|SUSE([\d.]+))", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE / openSUSE');
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED15|SLED_SAP15|SLES15|SLES_SAP15|SUSE15\.4|SUSE15\.5)$", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15', 'SUSE / openSUSE (' + os_ver + ')');
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE / openSUSE (' + os_ver + ')', cpu);
var service_pack = get_kb_item("Host/SuSE/patchlevel");
if (isnull(service_pack)) service_pack = "0";
if (os_ver == "SLED15" && (! preg(pattern:"^(4|5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLED15 SP4/5", os_ver + " SP" + service_pack);
if (os_ver == "SLED_SAP15" && (! preg(pattern:"^(4|5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLED_SAP15 SP4/5", os_ver + " SP" + service_pack);
if (os_ver == "SLES15" && (! preg(pattern:"^(3|4|5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES15 SP3/4/5", os_ver + " SP" + service_pack);
if (os_ver == "SLES_SAP15" && (! preg(pattern:"^(4|5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES_SAP15 SP4/5", os_ver + " SP" + service_pack);
var pkgs = [
{'reference':'libwireshark15-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'libwireshark15-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'libwiretap12-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'libwiretap12-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'libwsutil13-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'libwsutil13-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'wireshark-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'wireshark-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'wireshark-devel-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'wireshark-devel-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'wireshark-ui-qt-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'wireshark-ui-qt-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'libwireshark15-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'libwireshark15-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'libwiretap12-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'libwiretap12-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'libwsutil13-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'libwsutil13-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'wireshark-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'wireshark-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'wireshark-devel-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'wireshark-devel-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'wireshark-ui-qt-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'wireshark-ui-qt-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'libwireshark15-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'SUSE-Manager-Proxy-release-4.3', 'SUSE-Manager-Server-release-4.3', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4', 'suse-manager-server-release-4.3']},
{'reference':'libwireshark15-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'SUSE-Manager-Proxy-release-4.3', 'SUSE-Manager-Server-release-4.3', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4', 'suse-manager-server-release-4.3']},
{'reference':'libwiretap12-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'SUSE-Manager-Proxy-release-4.3', 'SUSE-Manager-Server-release-4.3', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4', 'suse-manager-server-release-4.3']},
{'reference':'libwiretap12-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'SUSE-Manager-Proxy-release-4.3', 'SUSE-Manager-Server-release-4.3', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4', 'suse-manager-server-release-4.3']},
{'reference':'libwsutil13-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'SUSE-Manager-Proxy-release-4.3', 'SUSE-Manager-Server-release-4.3', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4', 'suse-manager-server-release-4.3']},
{'reference':'libwsutil13-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'SUSE-Manager-Proxy-release-4.3', 'SUSE-Manager-Server-release-4.3', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4', 'suse-manager-server-release-4.3']},
{'reference':'wireshark-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'SUSE-Manager-Proxy-release-4.3', 'SUSE-Manager-Server-release-4.3', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4', 'suse-manager-server-release-4.3']},
{'reference':'wireshark-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'SUSE-Manager-Proxy-release-4.3', 'SUSE-Manager-Server-release-4.3', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4', 'suse-manager-server-release-4.3']},
{'reference':'wireshark-devel-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'SUSE-Manager-Proxy-release-4.3', 'SUSE-Manager-Server-release-4.3', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4', 'suse-manager-server-release-4.3']},
{'reference':'wireshark-devel-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'SUSE-Manager-Proxy-release-4.3', 'SUSE-Manager-Server-release-4.3', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4', 'suse-manager-server-release-4.3']},
{'reference':'wireshark-ui-qt-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'SUSE-Manager-Proxy-release-4.3', 'SUSE-Manager-Server-release-4.3', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4', 'suse-manager-server-release-4.3']},
{'reference':'wireshark-ui-qt-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'SUSE-Manager-Proxy-release-4.3', 'SUSE-Manager-Server-release-4.3', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4', 'suse-manager-server-release-4.3']},
{'reference':'libwireshark15-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'libwireshark15-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'libwiretap12-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'libwiretap12-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'libwsutil13-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'libwsutil13-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'wireshark-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'wireshark-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'wireshark-devel-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-desktop-applications-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'wireshark-devel-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-desktop-applications-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'wireshark-ui-qt-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-desktop-applications-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'wireshark-ui-qt-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-desktop-applications-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'libwireshark15-3.6.15-150000.3.97.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.3', 'SUSE-Manager-Proxy-release-4.2']},
{'reference':'libwiretap12-3.6.15-150000.3.97.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.3', 'SUSE-Manager-Proxy-release-4.2']},
{'reference':'libwsutil13-3.6.15-150000.3.97.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.3', 'SUSE-Manager-Proxy-release-4.2']},
{'reference':'wireshark-3.6.15-150000.3.97.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.3', 'SUSE-Manager-Proxy-release-4.2']},
{'reference':'wireshark-devel-3.6.15-150000.3.97.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.3']},
{'reference':'wireshark-ui-qt-3.6.15-150000.3.97.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.3']},
{'reference':'libwireshark15-3.6.15-150000.3.97.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Manager-Server-release-4.2']},
{'reference':'libwiretap12-3.6.15-150000.3.97.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Manager-Server-release-4.2']},
{'reference':'libwsutil13-3.6.15-150000.3.97.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Manager-Server-release-4.2']},
{'reference':'wireshark-3.6.15-150000.3.97.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Manager-Server-release-4.2']},
{'reference':'libwireshark15-3.6.15-150000.3.97.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'libwiretap12-3.6.15-150000.3.97.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'libwsutil13-3.6.15-150000.3.97.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'wireshark-3.6.15-150000.3.97.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'wireshark-devel-3.6.15-150000.3.97.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'wireshark-ui-qt-3.6.15-150000.3.97.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'libwireshark15-3.6.15-150000.3.97.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'libwiretap12-3.6.15-150000.3.97.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'libwsutil13-3.6.15-150000.3.97.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'wireshark-3.6.15-150000.3.97.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'wireshark-devel-3.6.15-150000.3.97.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'wireshark-ui-qt-3.6.15-150000.3.97.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']}
];
var ltss_caveat_required = FALSE;
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var exists_check = NULL;
var rpm_spec_vers_cmp = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (reference && _release) {
if (exists_check) {
var check_flag = 0;
foreach var check (exists_check) {
if (!rpm_exists(release:_release, rpm:check)) continue;
check_flag++;
}
if (!check_flag) continue;
}
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libwireshark15 / libwiretap12 / libwsutil13 / wireshark / etc');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | suse_linux | libwireshark15 | p-cpe:/a:novell:suse_linux:libwireshark15 |
| novell | suse_linux | libwiretap12 | p-cpe:/a:novell:suse_linux:libwiretap12 |
| novell | suse_linux | libwsutil13 | p-cpe:/a:novell:suse_linux:libwsutil13 |
| novell | suse_linux | wireshark | p-cpe:/a:novell:suse_linux:wireshark |
| novell | suse_linux | wireshark-devel | p-cpe:/a:novell:suse_linux:wireshark-devel |
| novell | suse_linux | wireshark-ui-qt | p-cpe:/a:novell:suse_linux:wireshark-ui-qt |
| novell | suse_linux | 15 | cpe:/o:novell:suse_linux:15 |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0667
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0668
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2855
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2856
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2857
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2858
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2879
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2952
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3648
www.nessus.org/u?875b3194
bugzilla.suse.com/1211703
bugzilla.suse.com/1211705
bugzilla.suse.com/1211706
bugzilla.suse.com/1211707
bugzilla.suse.com/1211710
bugzilla.suse.com/1211793
bugzilla.suse.com/1211844
bugzilla.suse.com/1212084
bugzilla.suse.com/1213319
www.suse.com/security/cve/CVE-2023-0667
www.suse.com/security/cve/CVE-2023-0668
www.suse.com/security/cve/CVE-2023-2855
www.suse.com/security/cve/CVE-2023-2856
www.suse.com/security/cve/CVE-2023-2857
www.suse.com/security/cve/CVE-2023-2858
www.suse.com/security/cve/CVE-2023-2879
www.suse.com/security/cve/CVE-2023-2952
www.suse.com/security/cve/CVE-2023-3648
Related
openvas
openvas
openSUSE: Security Advisory for wireshark (SUSE-SU-2023:3252-1)
2024-03-04 00:00:00
Debian: Security Advisory (DLA-3443-1)
2023-06-05 00:00:00
Debian: Security Advisory (DSA-5429-1)
2023-06-16 00:00:00
nessus
nessus
Wireshark 3.6.x < 3.6.14 Multiple Vulnerabilities
2023-05-25 00:00:00
Wireshark 3.6.x < 3.6.14 Multiple Vulnerabilities (macOS)
2023-05-25 00:00:00
Wireshark 4.0.x < 4.0.6 Multiple Vulnerabilities
2023-05-25 00:00:00
osv
osv
wireshark - security update
2023-06-03 00:00:00
Moderate: wireshark security update
2023-11-07 00:00:00
wireshark - security update
2023-06-15 00:00:00
kaspersky
kaspersky
KLA61756 Multiple vulnerabilities in Wireshark
2023-05-24 00:00:00
KLA61757 Multiple vulnerabilities in Wireshark
2023-06-12 00:00:00
oraclelinux
oraclelinux
wireshark security update
2023-11-11 00:00:00
wireshark security update
2023-11-17 00:00:00
redhat
redhat
(RHSA-2023:6469) Moderate: wireshark security update
2023-11-07 06:06:26
(RHSA-2023:7015) Moderate: wireshark security update
2023-11-14 08:42:43
debian
debian
[SECURITY] [DLA 3443-1] wireshark security update
2023-06-03 16:29:41
[SECURITY] [DSA 5429-1] wireshark security update
2023-06-15 18:05:53
almalinux
almalinux
Moderate: wireshark security update
2023-11-07 00:00:00
Moderate: wireshark security update
2023-11-14 00:00:00
gentoo
gentoo
Wireshark: Multiple Vulnerabilities
2023-09-17 00:00:00
amazon
amazon
Medium: wireshark
2023-08-03 18:10:00
Low: wireshark
2023-07-05 22:01:00
Low: wireshark
2023-07-13 23:57:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2388
2024-04-02 07:22:04
Advisory ROSA-SA-2024-2390
2024-04-02 07:35:41
veracode
veracode
Denial Of Service (DoS)
2023-08-07 00:55:58
Heap-based Buffer Overflow
2023-08-06 23:22:39
Denial Of Service (DoS)
2023-08-07 00:55:59
cvelist
cvelist
CVE-2023-0667 Wireshark MSMMS parsing buffer overflow
2023-06-07 02:38:07
CVE-2023-2858
2023-05-26 00:00:00
CVE-2023-0668 Wireshark IEEE-C37.118 parsing buffer overflow
2023-06-07 02:32:45
cve
cve
prion
prion
Design/Logic Flaw
2023-05-26 21:15:00
Design/Logic Flaw
2023-05-26 21:15:00
Design/Logic Flaw
2023-05-26 21:15:00
debiancve
debiancve
ubuntucve
ubuntucve
cbl_mariner
cbl_mariner
CVE-2023-0667 affecting package wireshark for versions less than 4.0.8-1
2023-09-28 11:57:58
cnvd
cnvd
Wireshark Buffer Overflow Vulnerability (CNVD-2023-62286)
2023-06-08 00:00:00
Wireshark Buffer Overflow Vulnerability (CNVD-2023-43872)
2023-05-30 00:00:00
Wireshark Denial of Service Vulnerability (CNVD-2023-62288)
2023-05-31 00:00:00
redhatcve
redhatcve
redos
redos
ROS-20230911-01
2023-09-11 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2023-3.0-0620
2023-07-28 00:00:00
Important Photon OS Security Update - PHSA-2023-4.0-0404
2023-06-07 00:00:00
Moderate Photon OS Security Update - PHSA-2023-3.0-0597
2023-06-14 00:00:00
Related for SUSE_SU-2023-3252-1.NASL