Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2012-2023 and is owned by Tenable, Inc. or an Affiliate thereof.WIRESHARK_1_6_10.NASL
HistoryAug 17, 2012 - 12:00 a.m.

Wireshark 1.6.x < 1.6.10 Multiple Vulnerabilities

2012-08-1700:00:00
This script is Copyright (C) 2012-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
13
JSON

The installed version of Wireshark is 1.6.x before 1.6.10. This version is affected by the following vulnerabilities :

  • The ‘DCP ETSI’ dissector can attempt a divide by zero operation leading to an application crash. (CVE-2012-4285)

  • The ‘XTP’, ‘AFP’, and ‘CTDB’ dissectors can be caused to large or infinite loops. (CVE-2012-4288, CVE-2012-4289, CVE-2012-4290)

  • The ‘CIP’ dissector can be caused to exhaust system memory. (CVE-2012-4291)

  • The ‘STUN’ dissector can be caused to crash. (CVE-2012-4292)

  • The ‘EtherCAT Mailbox’ dissector can be caused to abort. (CVE-2012-4293)

  • A buffer overflow exists related to the ‘RTPS2’ and ‘GSM RLC MAC’ dissectors. (CVE-2012-4296 CVE-2012-4297)

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(61572);
  script_version("1.9");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/03/09");

  script_cve_id(
    "CVE-2012-4285",
    "CVE-2012-4288",
    "CVE-2012-4289",
    "CVE-2012-4290",
    "CVE-2012-4291",
    "CVE-2012-4292",
    "CVE-2012-4293",
    "CVE-2012-4296",
    "CVE-2012-4297"
  );
  script_bugtraq_id(55035);

  script_name(english:"Wireshark 1.6.x < 1.6.10 Multiple Vulnerabilities");
  script_summary(english:"Does a version check");

  script_set_attribute(attribute:"synopsis", value:
"The remote Windows host contains an application that is affected by
multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The installed version of Wireshark is 1.6.x before 1.6.10.  This
version is affected by the following vulnerabilities :

  - The 'DCP ETSI' dissector can attempt a divide by zero
    operation leading to an application crash. 
    (CVE-2012-4285)

  - The 'XTP', 'AFP', and 'CTDB' dissectors can be caused 
    to large or infinite loops. (CVE-2012-4288,
    CVE-2012-4289, CVE-2012-4290)

  - The 'CIP' dissector can be caused to exhaust system
    memory. (CVE-2012-4291)

  - The 'STUN' dissector can be caused to crash. 
    (CVE-2012-4292)

  - The 'EtherCAT Mailbox' dissector can be caused to
    abort. (CVE-2012-4293)

  - A buffer overflow exists related to the 'RTPS2'
    and 'GSM RLC MAC' dissectors. (CVE-2012-4296
    CVE-2012-4297)");
  script_set_attribute(attribute:"see_also", value:"http://www.wireshark.org/security/wnpa-sec-2012-13.html");
  script_set_attribute(attribute:"see_also", value:"http://www.wireshark.org/security/wnpa-sec-2012-15.html");
  script_set_attribute(attribute:"see_also", value:"http://www.wireshark.org/security/wnpa-sec-2012-17.html");
  script_set_attribute(attribute:"see_also", value:"http://www.wireshark.org/security/wnpa-sec-2012-18.html");
  script_set_attribute(attribute:"see_also", value:"http://www.wireshark.org/security/wnpa-sec-2012-19.html");
  script_set_attribute(attribute:"see_also", value:"http://www.wireshark.org/security/wnpa-sec-2012-20.html");
  script_set_attribute(attribute:"see_also", value:"http://www.wireshark.org/security/wnpa-sec-2012-21.html");
  script_set_attribute(attribute:"see_also", value:"http://www.wireshark.org/security/wnpa-sec-2012-22.html");
  script_set_attribute(attribute:"see_also", value:"http://www.wireshark.org/security/wnpa-sec-2012-23.html");
  script_set_attribute(attribute:"see_also", value:"http://www.wireshark.org/docs/relnotes/wireshark-1.6.10.html");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Wireshark version 1.6.10 or later.");
  script_set_cvss_base_vector("CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2012-4297");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/08/15");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/08/15");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/17");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:wireshark:wireshark");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2012-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("wireshark_installed.nasl");
  script_require_keys("SMB/Wireshark/Installed");

  exit(0);
}

include('vcf.inc');
get_kb_item_or_exit('SMB/Registry/Enumerated');

var app_info = vcf::get_app_info(app:'Wireshark', win_local:TRUE);

var constraints = [
  { 'min_version' : '1.6.0', 'max_version' : '1.6.9', 'fixed_version' : '1.6.10' }
];

vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);
VendorProductVersionCPE
wiresharkwiresharkcpe:/a:wireshark:wireshark

References

Related

nessus 24
openvas 29
fedora 2
securityvulns 2
freebsd 1
redhat 2
centos 2
veracode 36
oraclelinux 2
prion 9
ubuntucve 9
cve 9
debiancve 9
debian 1
amazon 1
gentoo 1
nessus
nessus
Fedora 16 : wireshark-1.6.10-1.fc16 (2012-12085)
2012-08-28 00:00:00
Fedora 17 : wireshark-1.6.10-1.fc17 (2012-12091)
2012-08-28 00:00:00
openSUSE Security Update : wireshark (openSUSE-SU-2012:1035-1)
2014-06-13 00:00:00
openvas
openvas
Fedora Update for wireshark FEDORA-2012-12091
2012-08-30 00:00:00
Fedora Update for wireshark FEDORA-2012-12085
2012-08-30 00:00:00
Fedora Update for wireshark FEDORA-2012-12085
2012-08-30 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: wireshark-1.6.10-1.fc17
2012-08-27 23:05:49
[SECURITY] Fedora 16 Update: wireshark-1.6.10-1.fc16
2012-08-27 22:55:57
securityvulns
securityvulns
[ MDVSA-2012:135 ] wireshark
2012-08-20 00:00:00
Wireshark security vulnerabilities
2012-08-20 00:00:00
freebsd
freebsd
Wireshark -- Multiple vulnerabilities
2012-07-22 00:00:00
redhat
redhat
(RHSA-2013:0125) Moderate: wireshark security, bug fix, and enhancement update
2013-01-08 00:00:00
(RHSA-2013:1569) Moderate: wireshark security, bug fix, and enhancement update
2013-11-21 00:00:00
centos
centos
wireshark security update
2013-01-09 19:42:29
wireshark security update
2013-11-26 13:33:12
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:45:33
Denial Of Service (DoS)
2019-05-02 04:45:33
Denial Of Service (DoS)
2019-05-02 04:45:33
oraclelinux
oraclelinux
wireshark security, bug fix, and enhancement update
2013-01-11 00:00:00
wireshark security, bug fix, and enhancement update
2013-11-25 00:00:00
prion
prion
Buffer overflow
2012-08-16 10:38:00
Code injection
2012-08-16 10:38:00
Design/Logic Flaw
2012-08-16 10:38:00
ubuntucve
ubuntucve
CVE-2012-4296
2012-08-16 00:00:00
CVE-2012-4290
2012-08-16 00:00:00
CVE-2012-4297
2012-08-16 00:00:00
cve
cve
CVE-2012-4296
2012-08-16 10:38:00
CVE-2012-4289
2012-08-16 10:38:00
CVE-2012-4290
2012-08-16 10:38:00
debiancve
debiancve
CVE-2012-4289
2012-08-16 10:38:00
CVE-2012-4291
2012-08-16 10:38:00
CVE-2012-4297
2012-08-16 10:38:00
debian
debian
[SECURITY] [DSA 2590-1] wireshark security update
2012-12-26 15:20:33
amazon
amazon
Medium: wireshark
2013-12-02 20:29:00
gentoo
gentoo
Wireshark: Multiple vulnerabilities
2013-08-28 00:00:00
JSON
Related for WIRESHARK_1_6_10.NASL
nessus24openvas29fedora2securityvulns2freebsd1redhat2centos2veracode36oraclelinux2prion9ubuntucve9cve9debiancve9debian1amazon1gentoo1