Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusUbuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-3986-1.NASL
HistoryMay 17, 2019 - 12:00 a.m.

Ubuntu 16.04 LTS / 18.04 LTS / 18.10 : Wireshark vulnerabilities (USN-3986-1)

2019-05-1700:00:00
Ubuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
9
JSON

It was discovered that Wireshark improperly handled certain input. A remote or local attacker could cause Wireshark to crash by injecting malform packets onto the wire or convincing someone to read a malformed packet trace file.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-3986-1. The text 
# itself is copyright (C) Canonical, Inc. See 
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
# trademark of Canonical, Inc.
#

include("compat.inc");

if (description)
{
  script_id(125252);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/09/17");

  script_cve_id("CVE-2019-10894", "CVE-2019-10895", "CVE-2019-10896", "CVE-2019-10899", "CVE-2019-10901", "CVE-2019-10903", "CVE-2019-9208", "CVE-2019-9209", "CVE-2019-9214");
  script_xref(name:"USN", value:"3986-1");

  script_name(english:"Ubuntu 16.04 LTS / 18.04 LTS / 18.10 : Wireshark vulnerabilities (USN-3986-1)");
  script_summary(english:"Checks dpkg output for updated packages.");

  script_set_attribute(
    attribute:"synopsis",
    value:
"The remote Ubuntu host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description",
    value:
"It was discovered that Wireshark improperly handled certain input. A
remote or local attacker could cause Wireshark to crash by injecting
malform packets onto the wire or convincing someone to read a
malformed packet trace file.

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://usn.ubuntu.com/3986-1/"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libwireshark-data");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libwireshark11");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libwiretap8");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libwscodecs2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libwsutil9");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:tshark");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:wireshark");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:wireshark-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:wireshark-gtk");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:wireshark-qt");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.10");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/02/28");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/05/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/05/17");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"Ubuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Ubuntu Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");

if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! preg(pattern:"^(16\.04|18\.04|18\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 16.04 / 18.04 / 18.10", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);

flag = 0;

if (ubuntu_check(osver:"16.04", pkgname:"libwireshark-data", pkgver:"2.6.8-1~ubuntu16.04.0")) flag++;
if (ubuntu_check(osver:"16.04", pkgname:"libwireshark11", pkgver:"2.6.8-1~ubuntu16.04.0")) flag++;
if (ubuntu_check(osver:"16.04", pkgname:"libwiretap8", pkgver:"2.6.8-1~ubuntu16.04.0")) flag++;
if (ubuntu_check(osver:"16.04", pkgname:"libwscodecs2", pkgver:"2.6.8-1~ubuntu16.04.0")) flag++;
if (ubuntu_check(osver:"16.04", pkgname:"libwsutil9", pkgver:"2.6.8-1~ubuntu16.04.0")) flag++;
if (ubuntu_check(osver:"16.04", pkgname:"tshark", pkgver:"2.6.8-1~ubuntu16.04.0")) flag++;
if (ubuntu_check(osver:"16.04", pkgname:"wireshark", pkgver:"2.6.8-1~ubuntu16.04.0")) flag++;
if (ubuntu_check(osver:"16.04", pkgname:"wireshark-common", pkgver:"2.6.8-1~ubuntu16.04.0")) flag++;
if (ubuntu_check(osver:"16.04", pkgname:"wireshark-gtk", pkgver:"2.6.8-1~ubuntu16.04.0")) flag++;
if (ubuntu_check(osver:"16.04", pkgname:"wireshark-qt", pkgver:"2.6.8-1~ubuntu16.04.0")) flag++;
if (ubuntu_check(osver:"18.04", pkgname:"libwireshark-data", pkgver:"2.6.8-1~ubuntu18.04.0")) flag++;
if (ubuntu_check(osver:"18.04", pkgname:"libwireshark11", pkgver:"2.6.8-1~ubuntu18.04.0")) flag++;
if (ubuntu_check(osver:"18.04", pkgname:"libwiretap8", pkgver:"2.6.8-1~ubuntu18.04.0")) flag++;
if (ubuntu_check(osver:"18.04", pkgname:"libwscodecs2", pkgver:"2.6.8-1~ubuntu18.04.0")) flag++;
if (ubuntu_check(osver:"18.04", pkgname:"libwsutil9", pkgver:"2.6.8-1~ubuntu18.04.0")) flag++;
if (ubuntu_check(osver:"18.04", pkgname:"tshark", pkgver:"2.6.8-1~ubuntu18.04.0")) flag++;
if (ubuntu_check(osver:"18.04", pkgname:"wireshark", pkgver:"2.6.8-1~ubuntu18.04.0")) flag++;
if (ubuntu_check(osver:"18.04", pkgname:"wireshark-common", pkgver:"2.6.8-1~ubuntu18.04.0")) flag++;
if (ubuntu_check(osver:"18.04", pkgname:"wireshark-gtk", pkgver:"2.6.8-1~ubuntu18.04.0")) flag++;
if (ubuntu_check(osver:"18.04", pkgname:"wireshark-qt", pkgver:"2.6.8-1~ubuntu18.04.0")) flag++;
if (ubuntu_check(osver:"18.10", pkgname:"libwireshark-data", pkgver:"2.6.8-1~ubuntu18.10.0")) flag++;
if (ubuntu_check(osver:"18.10", pkgname:"libwireshark11", pkgver:"2.6.8-1~ubuntu18.10.0")) flag++;
if (ubuntu_check(osver:"18.10", pkgname:"libwiretap8", pkgver:"2.6.8-1~ubuntu18.10.0")) flag++;
if (ubuntu_check(osver:"18.10", pkgname:"libwscodecs2", pkgver:"2.6.8-1~ubuntu18.10.0")) flag++;
if (ubuntu_check(osver:"18.10", pkgname:"libwsutil9", pkgver:"2.6.8-1~ubuntu18.10.0")) flag++;
if (ubuntu_check(osver:"18.10", pkgname:"tshark", pkgver:"2.6.8-1~ubuntu18.10.0")) flag++;
if (ubuntu_check(osver:"18.10", pkgname:"wireshark", pkgver:"2.6.8-1~ubuntu18.10.0")) flag++;
if (ubuntu_check(osver:"18.10", pkgname:"wireshark-common", pkgver:"2.6.8-1~ubuntu18.10.0")) flag++;
if (ubuntu_check(osver:"18.10", pkgname:"wireshark-gtk", pkgver:"2.6.8-1~ubuntu18.10.0")) flag++;
if (ubuntu_check(osver:"18.10", pkgname:"wireshark-qt", pkgver:"2.6.8-1~ubuntu18.10.0")) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libwireshark-data / libwireshark11 / libwiretap8 / libwscodecs2 / etc");
}
VendorProductVersionCPE
canonicalubuntu_linuxlibwireshark-datap-cpe:/a:canonical:ubuntu_linux:libwireshark-data
canonicalubuntu_linuxlibwireshark11p-cpe:/a:canonical:ubuntu_linux:libwireshark11
canonicalubuntu_linuxlibwiretap8p-cpe:/a:canonical:ubuntu_linux:libwiretap8
canonicalubuntu_linuxlibwscodecs2p-cpe:/a:canonical:ubuntu_linux:libwscodecs2
canonicalubuntu_linuxlibwsutil9p-cpe:/a:canonical:ubuntu_linux:libwsutil9
canonicalubuntu_linuxtsharkp-cpe:/a:canonical:ubuntu_linux:tshark
canonicalubuntu_linuxwiresharkp-cpe:/a:canonical:ubuntu_linux:wireshark
canonicalubuntu_linuxwireshark-commonp-cpe:/a:canonical:ubuntu_linux:wireshark-common
canonicalubuntu_linuxwireshark-gtkp-cpe:/a:canonical:ubuntu_linux:wireshark-gtk
canonicalubuntu_linuxwireshark-qtp-cpe:/a:canonical:ubuntu_linux:wireshark-qt
Rows per page:
1-10 of 131

Related

nessus 28
openvas 23
suse 4
ubuntu 1
kaspersky 2
osv 13
debian 5
altlinux 2
fedora 3
veracode 9
redhatcve 9
alpinelinux 9
cve 9
prion 9
ubuntucve 9
debiancve 9
ibm 1
oracle 1
nessus
nessus
openSUSE Security Update : wireshark (openSUSE-2019-1390)
2019-05-14 00:00:00
Wireshark 2.4.x < 2.4.14 Multiple Vulnerabilities
2019-04-18 00:00:00
Wireshark 2.4.x < 2.4.14 Multiple Vulnerabilities (macOS)
2019-04-18 00:00:00
openvas
openvas
openSUSE: Security Advisory for wireshark (openSUSE-SU-2019:1390-1)
2019-05-14 00:00:00
Ubuntu: Security Advisory (USN-3986-1)
2019-05-17 00:00:00
Wireshark 2.4.14, 2.6.8, 3.0.1 Security Updates (Apr 2019) - Mac OS X
2019-04-12 00:00:00
suse
suse
Security update for wireshark (moderate)
2019-05-13 00:00:00
Security update for wireshark (moderate)
2019-05-09 00:00:00
Security update for wireshark (moderate)
2019-04-02 00:00:00
ubuntu
ubuntu
Wireshark vulnerabilities
2019-05-16 00:00:00
kaspersky
kaspersky
KLA11464 Multiple vulnerabilities in Wireshark
2019-04-08 00:00:00
KLA11428 Multiple vulnerabilities in Wireshark
2019-02-27 00:00:00
osv
osv
wireshark - security update
2019-05-24 00:00:00
wireshark - security update
2020-10-31 00:00:00
wireshark - security update
2019-03-24 00:00:00
debian
debian
[SECURITY] [DLA 1802-1] wireshark security update
2019-05-25 05:56:42
[SECURITY] [DLA 2423-1] wireshark security update
2020-10-31 21:05:56
[SECURITY] [DSA 4416-1] wireshark security update
2019-03-24 13:01:21
altlinux
altlinux
Security fix for the ALT Linux 9 package wireshark version 3.0.1-alt1
2019-04-10 00:00:00
Security fix for the ALT Linux 9 package wireshark version 2.6.7-alt1
2019-03-04 00:00:00
fedora
fedora
[SECURITY] Fedora 30 Update: wireshark-3.0.1-1.fc30
2019-04-15 00:03:49
[SECURITY] Fedora 29 Update: wireshark-3.0.1-1.fc29
2019-04-19 19:09:47
[SECURITY] Fedora 29 Update: wireshark-3.0.3-1.fc29
2019-08-30 00:51:53
veracode
veracode
Denial Of Service (DoS)
2020-09-21 06:39:51
Denial Of Service (DoS)
2020-09-21 06:21:31
Cross-site Request Forgery (CSRF)
2019-08-02 05:41:55
redhatcve
redhatcve
CVE-2019-9214
2019-02-28 13:49:53
CVE-2019-10894
2019-05-14 12:01:40
CVE-2019-10899
2019-05-14 12:03:04
alpinelinux
alpinelinux
CVE-2019-9214
2019-02-28 04:29:00
CVE-2019-10899
2019-04-09 04:29:00
CVE-2019-10901
2019-04-09 04:29:00
cve
cve
CVE-2019-10903
2019-04-09 04:29:00
CVE-2019-9214
2019-02-28 04:29:00
CVE-2019-10899
2019-04-09 04:29:00
prion
prion
Heap overflow
2019-04-09 04:29:00
Code injection
2019-04-09 04:29:00
Design/Logic Flaw
2019-02-28 04:29:00
ubuntucve
ubuntucve
CVE-2019-10894
2019-04-09 00:00:00
CVE-2019-10899
2019-04-09 00:00:00
CVE-2019-9214
2019-02-27 00:00:00
debiancve
debiancve
CVE-2019-10899
2019-04-09 04:29:00
CVE-2019-9209
2019-02-28 04:29:00
CVE-2019-9214
2019-02-28 04:29:00
ibm
ibm
Security Bulletin: Vyatta 5600 vRouter Software Patches - Releases 1801-w and 1801-y
2019-05-01 17:50:02
oracle
oracle
Oracle Critical Patch Update Advisory - January 2020
2020-01-14 00:00:00
JSON
Related for UBUNTU_USN-3986-1.NASL
nessus28openvas23suse4ubuntu1kaspersky2osv13debian5altlinux2fedora3veracode9redhatcve9alpinelinux9cve9prion9ubuntucve9debiancve9ibm1oracle1