Search...

Wireshark 2.2.x < 2.2.12 / 2.4.x < 2.4.4 DoS Vulnerabilities

2018-01-18T00:00:00

ID WIRESHARK_2_4_4.NASL
Type nessus
Reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
Modified 2021-01-02T00:00:00

Description

The version of Wireshark installed on the remote Windows host is 2.2.x prior to 2.2.12 or 2.4.x prior to 2.4.4. It is, therefore, affected by a denial of service vulnerability.

                                        
                                            #
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(106142);
  script_version("1.5");
  script_cvs_date("Date: 2019/11/08");

  script_cve_id(
    "CVE-2017-17997",
    "CVE-2018-5334",
    "CVE-2018-5335",
    "CVE-2018-5336"
  );
  script_bugtraq_id(102499, 102500, 102504);

  script_name(english:"Wireshark 2.2.x &lt; 2.2.12 / 2.4.x &lt; 2.4.4 DoS Vulnerabilities");
  script_summary(english:"Checks the version of Wireshark.");

  script_set_attribute(attribute:"synopsis", value:
"An application installed on the remote Windows host is affected by
multiple denial of service vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Wireshark installed on the remote Windows host is 
2.2.x prior to 2.2.12 or 2.4.x prior to 2.4.4. It is, therefore, 
affected by a denial of service vulnerability.");
  script_set_attribute(attribute:"see_also", value:"https://www.wireshark.org/security/wnpa-sec-2018-01.html");
  script_set_attribute(attribute:"see_also", value:"https://www.wireshark.org/security/wnpa-sec-2018-03.html");
  script_set_attribute(attribute:"see_also", value:"https://www.wireshark.org/security/wnpa-sec-2018-04.html");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Wireshark version 2.2.12 / 2.4.4 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-5336");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/01/11");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/01/11");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/01/18");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:wireshark:wireshark");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("wireshark_installed.nasl");
  script_require_keys("installed_sw/Wireshark", "SMB/Registry/Enumerated");

  exit(0);
}

include("vcf.inc");

get_kb_item_or_exit("SMB/Registry/Enumerated");

app_info = vcf::get_app_info(app:"Wireshark", win_local:TRUE);

constraints = [
  { "min_version" : "2.2.0", "fixed_version" : "2.2.12" },
  { "min_version" : "2.4.0", "fixed_version" : "2.4.4" }
];

vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);

JSON Vulners Source

Initial Source

{"id": "WIRESHARK_2_4_4.NASL", "bulletinFamily": "scanner", "title": "Wireshark 2.2.x < 2.2.12 / 2.4.x < 2.4.4 DoS Vulnerabilities", "description": "The version of Wireshark installed on the remote Windows host is \n2.2.x prior to 2.2.12 or 2.4.x prior to 2.4.4. It is, therefore, \naffected by a denial of service vulnerability.", "published": "2018-01-18T00:00:00", "modified": "2021-01-02T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "href": "https://www.tenable.com/plugins/nessus/106142", "reporter": "This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://www.wireshark.org/security/wnpa-sec-2018-03.html", "https://www.wireshark.org/security/wnpa-sec-2018-04.html", "https://www.wireshark.org/security/wnpa-sec-2018-01.html"], "cvelist": ["CVE-2018-5335", "CVE-2018-5334", "CVE-2018-5336", "CVE-2017-17997"], "type": "nessus", "lastseen": "2021-01-01T07:00:56", "edition": 25, "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2017-17997", "CVE-2018-5336", "CVE-2018-5334", "CVE-2018-5335"]}, {"type": "kaspersky", "idList": ["KLA11176"]}, {"type": "nessus", "idList": ["SUSE_SU-2018-0179-1.NASL", "MACOSX_WIRESHARK_2_4_4.NASL", "EULEROS_SA-2018-1042.NASL", "OPENSUSE-2018-32.NASL", "DEBIAN_DSA-4101.NASL", "FEDORA_2018-CDF3F8E8B0.NASL", "FEDORA_2018-BFDAD62CD6.NASL", "EULEROS_SA-2018-1041.NASL", "DEBIAN_DLA-1258.NASL", "SUSE_SU-2018-0191-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310812633", "OPENVAS:1361412562310704101", "OPENVAS:1361412562311220181042", "OPENVAS:1361412562310812631", "OPENVAS:1361412562310812630", "OPENVAS:1361412562310812632", "OPENVAS:1361412562310891258", "OPENVAS:1361412562310874288", "OPENVAS:1361412562311220181041", "OPENVAS:1361412562310874872"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4101-1:FD9E6", "DEBIAN:DLA-1634-1:9CB4F", "DEBIAN:DLA-1258-1:7E441"]}, {"type": "fedora", "idList": ["FEDORA:A36566002E30", "FEDORA:A3BB5642EA04", "FEDORA:BFCC260BDC9A", "FEDORA:AA87961AC333"]}], "modified": "2021-01-01T07:00:56", "rev": 2}, "score": {"value": 6.3, "vector": "NONE", "modified": "2021-01-01T07:00:56", "rev": 2}, "vulnersScore": 6.3}, "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(106142);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/11/08\");\n\n script_cve_id(\n \"CVE-2017-17997\",\n \"CVE-2018-5334\",\n \"CVE-2018-5335\",\n \"CVE-2018-5336\"\n );\n script_bugtraq_id(102499, 102500, 102504);\n\n script_name(english:\"Wireshark 2.2.x < 2.2.12 / 2.4.x < 2.4.4 DoS Vulnerabilities\");\n script_summary(english:\"Checks the version of Wireshark.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote Windows host is affected by\nmultiple denial of service vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote Windows host is \n2.2.x prior to 2.2.12 or 2.4.x prior to 2.4.4. It is, therefore, \naffected by a denial of service vulnerability.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-01.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-03.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-04.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 2.2.12 / 2.4.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-5336\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"installed_sw/Wireshark\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\n\napp_info = vcf::get_app_info(app:\"Wireshark\", win_local:TRUE);\n\nconstraints = [\n { \"min_version\" : \"2.2.0\", \"fixed_version\" : \"2.2.12\" },\n { \"min_version\" : \"2.4.0\", \"fixed_version\" : \"2.4.4\" }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "naslFamily": "Windows", "pluginID": "106142", "cpe": ["cpe:/a:wireshark:wireshark"], "scheme": null, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}}

{"cve": [{"lastseen": "2020-12-09T20:13:28", "description": "In Wireshark before 2.2.12, the MRDISC dissector misuses a NULL pointer and crashes. This was addressed in epan/dissectors/packet-mrdisc.c by validating an IPv4 address. This vulnerability is similar to CVE-2017-9343.", "edition": 5, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-12-30T07:29:00", "title": "CVE-2017-17997", "type": "cve", "cwe": ["CWE-476"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17997"], "modified": "2019-03-01T18:19:00", "cpe": ["cpe:/a:wireshark:wireshark:2.2.11", "cpe:/o:debian:debian_linux:8.0"], "id": "CVE-2017-17997", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17997", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.11:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T20:25:44", "description": "In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the WCP dissector could crash. This was addressed in epan/dissectors/packet-wcp.c by validating the available buffer length.", "edition": 5, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-01-11T21:29:00", "title": "CVE-2018-5335", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-5335"], "modified": "2019-03-12T17:48:00", "cpe": ["cpe:/a:wireshark:wireshark:2.2.11", "cpe:/o:debian:debian_linux:8.0", "cpe:/a:wireshark:wireshark:2.4.3", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2018-5335", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5335", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T20:25:44", "description": "In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB dissectors could crash. This was addressed in epan/tvbparse.c by limiting the recursion depth.", "edition": 5, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-01-11T21:29:00", "title": "CVE-2018-5336", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-5336"], "modified": "2019-03-12T16:00:00", "cpe": ["cpe:/a:wireshark:wireshark:2.2.11", "cpe:/o:debian:debian_linux:8.0", "cpe:/a:wireshark:wireshark:2.4.3", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2018-5336", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5336", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T20:25:44", "description": "In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by correcting the signature timestamp bounds checks.", "edition": 5, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-01-11T21:29:00", "title": "CVE-2018-5334", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-5334"], "modified": "2019-03-12T17:54:00", "cpe": ["cpe:/a:wireshark:wireshark:2.2.11", "cpe:/o:debian:debian_linux:8.0", "cpe:/a:wireshark:wireshark:2.4.3", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2018-5334", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5334", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"]}], "nessus": [{"lastseen": "2021-01-01T03:41:30", "description": "The version of Wireshark installed on the remote MacOS/MacOSX host\nis 2.2.x prior to 2.2.12 or 2.4.x prior to 2.4.4. It is, therefore, \naffected by a denial of service vulnerability.", "edition": 25, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2018-01-18T00:00:00", "title": "Wireshark 2.2.x < 2.2.12 / 2.4.x < 2.4.4 DoS Vulnerabilities (MacOS)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5335", "CVE-2018-5334", "CVE-2018-5336", "CVE-2017-17997"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "MACOSX_WIRESHARK_2_4_4.NASL", "href": "https://www.tenable.com/plugins/nessus/106141", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(106141);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/11/08\");\n\n script_cve_id(\n \"CVE-2017-17997\",\n \"CVE-2018-5334\",\n \"CVE-2018-5335\",\n \"CVE-2018-5336\"\n );\n script_bugtraq_id(102499, 102500, 102504);\n\n script_name(english:\"Wireshark 2.2.x < 2.2.12 / 2.4.x < 2.4.4 DoS Vulnerabilities (MacOS)\");\n script_summary(english:\"Checks the version of Wireshark.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote MacOS / MacOSX host is affected by\nmultiple denial of service vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote MacOS/MacOSX host\nis 2.2.x prior to 2.2.12 or 2.4.x prior to 2.4.4. It is, therefore, \naffected by a denial of service vulnerability.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-01.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-03.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-04.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 2.2.12 / 2.4.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-5336\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_wireshark_installed.nbin\");\n script_require_keys(\"installed_sw/Wireshark\", \"Host/MacOSX/Version\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\n\nget_kb_item_or_exit(\"Host/MacOSX/Version\");\n\napp_info = vcf::get_app_info(app:\"Wireshark\");\n\nconstraints = [\n { \"min_version\" : \"2.2.0\", \"fixed_version\" : \"2.2.12\" },\n { \"min_version\" : \"2.4.0\", \"fixed_version\" : \"2.4.4\" }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-20T12:36:48", "description": "This update for wireshark to version 2.2.12 fixes the following \nissues :\n\n - CVE-2018-5334: IxVeriWave file could crash (boo#1075737)\n\n - CVE-2018-5335: WCP dissector could crash (boo#1075738)\n\n - CVE-2018-5336: Multiple dissector crashes (boo#1075739)\n\n - CVE-2017-17997: MRDISC dissector could crash\n (boo#1074171)\n\nThis release no longers enable the Linux kernel BPF JIT compiler via\nthe net.core.bpf_jit_enable sysctl, as this would make systems more\nvulnerable to Spectre variant 1 CVE-2017-5753 - (boo#1075748)\n\nFurther bug fixes and updated protocol support as listed in:\nhttps://www.wireshark.org/docs/relnotes/wireshark-2.2.12.html", "edition": 23, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2018-01-16T00:00:00", "title": "openSUSE Security Update : wireshark (openSUSE-2018-32) (Spectre)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-5753", "CVE-2018-5335", "CVE-2018-5334", "CVE-2018-5336", "CVE-2017-17997"], "modified": "2018-01-16T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:wireshark-ui-qt-debuginfo", "p-cpe:/a:novell:opensuse:wireshark", "p-cpe:/a:novell:opensuse:wireshark-devel", "p-cpe:/a:novell:opensuse:wireshark-ui-qt", "p-cpe:/a:novell:opensuse:wireshark-debugsource", "p-cpe:/a:novell:opensuse:wireshark-ui-gtk", "cpe:/o:novell:opensuse:42.3", "p-cpe:/a:novell:opensuse:wireshark-ui-gtk-debuginfo", "cpe:/o:novell:opensuse:42.2", "p-cpe:/a:novell:opensuse:wireshark-debuginfo"], "id": "OPENSUSE-2018-32.NASL", "href": "https://www.tenable.com/plugins/nessus/106061", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-32.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(106061);\n script_version(\"3.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-17997\", \"CVE-2017-5753\", \"CVE-2018-5334\", \"CVE-2018-5335\", \"CVE-2018-5336\");\n script_xref(name:\"IAVA\", value:\"2018-A-0020\");\n\n script_name(english:\"openSUSE Security Update : wireshark (openSUSE-2018-32) (Spectre)\");\n script_summary(english:\"Check for the openSUSE-2018-32 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for wireshark to version 2.2.12 fixes the following \nissues :\n\n - CVE-2018-5334: IxVeriWave file could crash (boo#1075737)\n\n - CVE-2018-5335: WCP dissector could crash (boo#1075738)\n\n - CVE-2018-5336: Multiple dissector crashes (boo#1075739)\n\n - CVE-2017-17997: MRDISC dissector could crash\n (boo#1074171)\n\nThis release no longers enable the Linux kernel BPF JIT compiler via\nthe net.core.bpf_jit_enable sysctl, as this would make systems more\nvulnerable to Spectre variant 1 CVE-2017-5753 - (boo#1075748)\n\nFurther bug fixes and updated protocol support as listed in:\nhttps://www.wireshark.org/docs/relnotes/wireshark-2.2.12.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1074171\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1075737\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1075738\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1075739\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1075748\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.2.12.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-gtk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/15\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/16\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.2|SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.2 / 42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.2\", reference:\"wireshark-2.2.12-14.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"wireshark-debuginfo-2.2.12-14.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"wireshark-debugsource-2.2.12-14.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"wireshark-devel-2.2.12-14.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"wireshark-ui-gtk-2.2.12-14.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"wireshark-ui-gtk-debuginfo-2.2.12-14.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"wireshark-ui-qt-2.2.12-14.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"wireshark-ui-qt-debuginfo-2.2.12-14.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"wireshark-2.2.12-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"wireshark-debuginfo-2.2.12-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"wireshark-debugsource-2.2.12-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"wireshark-devel-2.2.12-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"wireshark-ui-gtk-2.2.12-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"wireshark-ui-gtk-debuginfo-2.2.12-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"wireshark-ui-qt-2.2.12-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"wireshark-ui-qt-debuginfo-2.2.12-32.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-debuginfo / wireshark-debugsource / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T09:38:59", "description": "Kamil Frankowicz and Young found that several parsers of wireshark\ncould be crashed by malformed packets.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n1.12.1+g01b65bf-4+deb8u6~deb7u9.\n\nWe recommend that you upgrade your wireshark packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 21, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2018-01-29T00:00:00", "title": "Debian DLA-1258-1 : wireshark security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5335", "CVE-2018-5334", "CVE-2018-5336"], "modified": "2018-01-29T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:wireshark-doc", "p-cpe:/a:debian:debian_linux:libwireshark-dev", "p-cpe:/a:debian:debian_linux:wireshark", "p-cpe:/a:debian:debian_linux:libwireshark-data", "p-cpe:/a:debian:debian_linux:libwiretap-dev", "p-cpe:/a:debian:debian_linux:libwsutil-dev", "p-cpe:/a:debian:debian_linux:wireshark-dbg", "cpe:/o:debian:debian_linux:7.0", "p-cpe:/a:debian:debian_linux:libwsutil2", "p-cpe:/a:debian:debian_linux:libwireshark2", "p-cpe:/a:debian:debian_linux:libwiretap2", "p-cpe:/a:debian:debian_linux:wireshark-common", "p-cpe:/a:debian:debian_linux:wireshark-dev", "p-cpe:/a:debian:debian_linux:tshark"], "id": "DEBIAN_DLA-1258.NASL", "href": "https://www.tenable.com/plugins/nessus/106408", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1258-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(106408);\n script_version(\"3.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2018-5334\", \"CVE-2018-5335\", \"CVE-2018-5336\");\n\n script_name(english:\"Debian DLA-1258-1 : wireshark security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Kamil Frankowicz and Young found that several parsers of wireshark\ncould be crashed by malformed packets.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n1.12.1+g01b65bf-4+deb8u6~deb7u9.\n\nWe recommend that you upgrade your wireshark packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2018/01/msg00032.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/wireshark\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwireshark-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwireshark-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwireshark2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwiretap-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwiretap2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwsutil-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwsutil2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libwireshark-data\", reference:\"1.12.1+g01b65bf-4+deb8u6~deb7u9\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libwireshark-dev\", reference:\"1.12.1+g01b65bf-4+deb8u6~deb7u9\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libwireshark2\", reference:\"1.12.1+g01b65bf-4+deb8u6~deb7u9\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libwiretap-dev\", reference:\"1.12.1+g01b65bf-4+deb8u6~deb7u9\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libwiretap2\", reference:\"1.12.1+g01b65bf-4+deb8u6~deb7u9\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libwsutil-dev\", reference:\"1.12.1+g01b65bf-4+deb8u6~deb7u9\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libwsutil2\", reference:\"1.12.1+g01b65bf-4+deb8u6~deb7u9\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"tshark\", reference:\"1.12.1+g01b65bf-4+deb8u6~deb7u9\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"wireshark\", reference:\"1.12.1+g01b65bf-4+deb8u6~deb7u9\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"wireshark-common\", reference:\"1.12.1+g01b65bf-4+deb8u6~deb7u9\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"wireshark-dbg\", reference:\"1.12.1+g01b65bf-4+deb8u6~deb7u9\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"wireshark-dev\", reference:\"1.12.1+g01b65bf-4+deb8u6~deb7u9\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"wireshark-doc\", reference:\"1.12.1+g01b65bf-4+deb8u6~deb7u9\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T01:46:24", "description": "It was discovered that wireshark, a network protocol analyzer,\ncontained several vulnerabilities in the dissectors/file parsers for\nIxVeriWave, WCP, JSON, XML, NTP, XMPP and GDB, which could result in\ndenial of service or the execution of arbitrary code.", "edition": 29, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2018-01-29T00:00:00", "title": "Debian DSA-4101-1 : wireshark - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5335", "CVE-2018-5334", "CVE-2018-5336"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:wireshark", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4101.NASL", "href": "https://www.tenable.com/plugins/nessus/106415", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4101. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(106415);\n script_version(\"3.10\");\n script_cvs_date(\"Date: 2019/03/13 12:13:13\");\n\n script_cve_id(\"CVE-2018-5334\", \"CVE-2018-5335\", \"CVE-2018-5336\");\n script_xref(name:\"DSA\", value:\"4101\");\n\n script_name(english:\"Debian DSA-4101-1 : wireshark - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that wireshark, a network protocol analyzer,\ncontained several vulnerabilities in the dissectors/file parsers for\nIxVeriWave, WCP, JSON, XML, NTP, XMPP and GDB, which could result in\ndenial of service or the execution of arbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/wireshark\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/wireshark\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/wireshark\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2018/dsa-4101\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the wireshark packages.\n\nFor the oldstable distribution (jessie), these problems have been\nfixed in version 1.12.1+g01b65bf-4+deb8u13.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 2.2.6+g32dac6a-2+deb9u2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libwireshark-data\", reference:\"1.12.1+g01b65bf-4+deb8u13\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libwireshark-dev\", reference:\"1.12.1+g01b65bf-4+deb8u13\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libwireshark5\", reference:\"1.12.1+g01b65bf-4+deb8u13\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libwiretap-dev\", reference:\"1.12.1+g01b65bf-4+deb8u13\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libwiretap4\", reference:\"1.12.1+g01b65bf-4+deb8u13\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libwsutil-dev\", reference:\"1.12.1+g01b65bf-4+deb8u13\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libwsutil4\", reference:\"1.12.1+g01b65bf-4+deb8u13\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tshark\", reference:\"1.12.1+g01b65bf-4+deb8u13\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"wireshark\", reference:\"1.12.1+g01b65bf-4+deb8u13\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"wireshark-common\", reference:\"1.12.1+g01b65bf-4+deb8u13\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"wireshark-dbg\", reference:\"1.12.1+g01b65bf-4+deb8u13\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"wireshark-dev\", reference:\"1.12.1+g01b65bf-4+deb8u13\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"wireshark-doc\", reference:\"1.12.1+g01b65bf-4+deb8u13\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"wireshark-qt\", reference:\"1.12.1+g01b65bf-4+deb8u13\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwireshark-data\", reference:\"2.2.6+g32dac6a-2+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwireshark-dev\", reference:\"2.2.6+g32dac6a-2+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwireshark8\", reference:\"2.2.6+g32dac6a-2+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwiretap-dev\", reference:\"2.2.6+g32dac6a-2+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwiretap6\", reference:\"2.2.6+g32dac6a-2+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwscodecs1\", reference:\"2.2.6+g32dac6a-2+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwsutil-dev\", reference:\"2.2.6+g32dac6a-2+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwsutil7\", reference:\"2.2.6+g32dac6a-2+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"tshark\", reference:\"2.2.6+g32dac6a-2+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"wireshark\", reference:\"2.2.6+g32dac6a-2+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"wireshark-common\", reference:\"2.2.6+g32dac6a-2+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"wireshark-dev\", reference:\"2.2.6+g32dac6a-2+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"wireshark-doc\", reference:\"2.2.6+g32dac6a-2+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"wireshark-gtk\", reference:\"2.2.6+g32dac6a-2+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"wireshark-qt\", reference:\"2.2.6+g32dac6a-2+deb9u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T06:08:56", "description": "This update for wireshark to version 2.2.12 fixes the following \nissues :\n\n - CVE-2018-5334: IxVeriWave file could crash (bsc#1075737)\n\n - CVE-2018-5335: WCP dissector could crash (bsc#1075738)\n\n - CVE-2018-5336: Multiple dissector crashes (bsc#1075739)\n\n - CVE-2017-17935: Incorrect handling of '\\n' in\n file_read_line function could have lead to denial of\n service (bsc#1074171) This release no longer enables the\n Linux kernel BPF JIT compiler via the\n net.core.bpf_jit_enable sysctl, as this would make\n systems more vulnerable to Spectre variant 1\n CVE-2017-5753 - (bsc#1075748) Further bug fixes and\n updated protocol support as listed in:\n https://www.wireshark.org/docs/relnotes/wireshark-2.2.12\n .html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 30, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2018-01-25T00:00:00", "title": "SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2018:0191-1) (Spectre)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-5753", "CVE-2018-5335", "CVE-2017-17935", "CVE-2018-5334", "CVE-2018-5336"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libwsutil7", "p-cpe:/a:novell:suse_linux:libwiretap6", "p-cpe:/a:novell:suse_linux:libwscodecs1-debuginfo", "cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:wireshark-debuginfo", "p-cpe:/a:novell:suse_linux:wireshark-gtk-debuginfo", "p-cpe:/a:novell:suse_linux:libwireshark8-debuginfo", "p-cpe:/a:novell:suse_linux:libwscodecs1", "p-cpe:/a:novell:suse_linux:wireshark-debugsource", "p-cpe:/a:novell:suse_linux:libwsutil7-debuginfo", "p-cpe:/a:novell:suse_linux:libwiretap6-debuginfo", "p-cpe:/a:novell:suse_linux:wireshark-gtk", "p-cpe:/a:novell:suse_linux:wireshark", "p-cpe:/a:novell:suse_linux:libwireshark8"], "id": "SUSE_SU-2018-0191-1.NASL", "href": "https://www.tenable.com/plugins/nessus/106342", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:0191-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(106342);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/09/10 13:51:46\");\n\n script_cve_id(\"CVE-2017-17935\", \"CVE-2017-5753\", \"CVE-2018-5334\", \"CVE-2018-5335\", \"CVE-2018-5336\");\n script_xref(name:\"IAVA\", value:\"2018-A-0020\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2018:0191-1) (Spectre)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for wireshark to version 2.2.12 fixes the following \nissues :\n\n - CVE-2018-5334: IxVeriWave file could crash (bsc#1075737)\n\n - CVE-2018-5335: WCP dissector could crash (bsc#1075738)\n\n - CVE-2018-5336: Multiple dissector crashes (bsc#1075739)\n\n - CVE-2017-17935: Incorrect handling of '\\n' in\n file_read_line function could have lead to denial of\n service (bsc#1074171) This release no longer enables the\n Linux kernel BPF JIT compiler via the\n net.core.bpf_jit_enable sysctl, as this would make\n systems more vulnerable to Spectre variant 1\n CVE-2017-5753 - (bsc#1075748) Further bug fixes and\n updated protocol support as listed in:\n https://www.wireshark.org/docs/relnotes/wireshark-2.2.12\n .html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1074171\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1075737\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1075738\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1075739\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1075748\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-17935/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-5334/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-5335/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-5336/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20180191-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?24f8b47a\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.2.12.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2018-134=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t\npatch SUSE-SLE-SDK-12-SP2-2018-134=1\n\nSUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t\npatch SUSE-SLE-RPI-12-SP2-2018-134=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2018-134=1\n\nSUSE Linux Enterprise Server 12-SP2:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2018-134=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2018-134=1\n\nSUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP2-2018-134=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwireshark8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwireshark8-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwiretap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwiretap6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwscodecs1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwscodecs1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwsutil7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwsutil7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-gtk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/25\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2/3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP2/3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwireshark8-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwireshark8-debuginfo-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwiretap6-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwiretap6-debuginfo-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwscodecs1-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwscodecs1-debuginfo-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwsutil7-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwsutil7-debuginfo-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"wireshark-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"wireshark-debuginfo-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"wireshark-debugsource-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"wireshark-gtk-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"wireshark-gtk-debuginfo-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libwireshark8-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libwireshark8-debuginfo-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libwiretap6-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libwiretap6-debuginfo-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libwscodecs1-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libwscodecs1-debuginfo-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libwsutil7-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libwsutil7-debuginfo-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"wireshark-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"wireshark-debuginfo-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"wireshark-debugsource-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"wireshark-gtk-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"wireshark-gtk-debuginfo-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwireshark8-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwireshark8-debuginfo-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwiretap6-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwiretap6-debuginfo-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwscodecs1-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwscodecs1-debuginfo-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwsutil7-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwsutil7-debuginfo-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"wireshark-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"wireshark-debuginfo-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"wireshark-debugsource-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"wireshark-gtk-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"wireshark-gtk-debuginfo-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libwireshark8-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libwireshark8-debuginfo-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libwiretap6-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libwiretap6-debuginfo-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libwscodecs1-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libwscodecs1-debuginfo-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libwsutil7-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libwsutil7-debuginfo-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"wireshark-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"wireshark-debuginfo-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"wireshark-debugsource-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"wireshark-gtk-2.2.12-48.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"wireshark-gtk-debuginfo-2.2.12-48.18.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-20T14:50:18", "description": "This update for wireshark to version 2.2.12 fixes the following \nissues :\n\n - CVE-2018-5334: IxVeriWave file could crash (bsc#1075737)\n\n - CVE-2018-5335: WCP dissector could crash (bsc#1075738)\n\n - CVE-2018-5336: Multiple dissector crashes (bsc#1075739)\n\n - CVE-2017-17935: Incorrect handling of '\\n' in\n file_read_line function could have lead to denial of\n service (bsc#1074171) This release no longer enables the\n Linux kernel BPF JIT compiler via the\n net.core.bpf_jit_enable sysctl, as this would make\n systems more vulnerable to Spectre variant 1\n CVE-2017-5753 - (bsc#1075748) Further bug fixes and\n updated protocol support as listed in:\n https://www.wireshark.org/docs/relnotes/wireshark-2.2.12\n .html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 30, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2018-01-24T00:00:00", "title": "SUSE SLES11 Security Update : wireshark (SUSE-SU-2018:0179-1) (Spectre)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-5753", "CVE-2018-5335", "CVE-2017-17935", "CVE-2018-5334", "CVE-2018-5336"], "modified": "2018-01-24T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libwsutil7", "p-cpe:/a:novell:suse_linux:libwiretap6", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:libwscodecs1", "p-cpe:/a:novell:suse_linux:wireshark-gtk", "p-cpe:/a:novell:suse_linux:wireshark", "p-cpe:/a:novell:suse_linux:libwireshark8"], "id": "SUSE_SU-2018-0179-1.NASL", "href": "https://www.tenable.com/plugins/nessus/106293", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:0179-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(106293);\n script_version(\"3.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-17935\", \"CVE-2017-5753\", \"CVE-2018-5334\", \"CVE-2018-5335\", \"CVE-2018-5336\");\n script_xref(name:\"IAVA\", value:\"2018-A-0020\");\n\n script_name(english:\"SUSE SLES11 Security Update : wireshark (SUSE-SU-2018:0179-1) (Spectre)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for wireshark to version 2.2.12 fixes the following \nissues :\n\n - CVE-2018-5334: IxVeriWave file could crash (bsc#1075737)\n\n - CVE-2018-5335: WCP dissector could crash (bsc#1075738)\n\n - CVE-2018-5336: Multiple dissector crashes (bsc#1075739)\n\n - CVE-2017-17935: Incorrect handling of '\\n' in\n file_read_line function could have lead to denial of\n service (bsc#1074171) This release no longer enables the\n Linux kernel BPF JIT compiler via the\n net.core.bpf_jit_enable sysctl, as this would make\n systems more vulnerable to Spectre variant 1\n CVE-2017-5753 - (bsc#1075748) Further bug fixes and\n updated protocol support as listed in:\n https://www.wireshark.org/docs/relnotes/wireshark-2.2.12\n .html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1074171\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1075737\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1075738\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1075739\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1075748\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-17935/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-5334/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-5335/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-5336/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20180179-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f114e3de\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.2.12.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t\npatch sdksp4-wireshark-13431=1\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-wireshark-13431=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-wireshark-13431=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwireshark8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwiretap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwscodecs1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwsutil7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/24\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libwireshark8-2.2.12-40.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libwiretap6-2.2.12-40.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libwscodecs1-2.2.12-40.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libwsutil7-2.2.12-40.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"wireshark-2.2.12-40.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"wireshark-gtk-2.2.12-40.17.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T08:53:01", "description": "According to the version of the wireshark packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - In Wireshark before 2.2.12, the MRDISC dissector\n misuses a NULL pointer and crashes. This was addressed\n in epan/dissectors/packet-mrdisc.c by validating an\n IPv4 address. This vulnerability is similar to\n CVE-2017-9343.(CVE-2017-17997)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2018-02-13T00:00:00", "title": "EulerOS 2.0 SP2 : wireshark (EulerOS-SA-2018-1042)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-9343", "CVE-2017-17997"], "modified": "2018-02-13T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:wireshark", "p-cpe:/a:huawei:euleros:wireshark-gnome", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2018-1042.NASL", "href": "https://www.tenable.com/plugins/nessus/106770", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(106770);\n script_version(\"3.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2017-17997\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : wireshark (EulerOS-SA-2018-1042)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the wireshark packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - In Wireshark before 2.2.12, the MRDISC dissector\n misuses a NULL pointer and crashes. This was addressed\n in epan/dissectors/packet-mrdisc.c by validating an\n IPv4 address. This vulnerability is similar to\n CVE-2017-9343.(CVE-2017-17997)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1042\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e0407c28\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected wireshark package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/02/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/02/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:wireshark-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"wireshark-1.10.14-7.h1\",\n \"wireshark-gnome-1.10.14-7.h1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T08:53:01", "description": "According to the version of the wireshark packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - In Wireshark before 2.2.12, the MRDISC dissector\n misuses a NULL pointer and crashes. This was addressed\n in epan/dissectors/packet-mrdisc.c by validating an\n IPv4 address. This vulnerability is similar to\n CVE-2017-9343.(CVE-2017-17997)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2018-02-13T00:00:00", "title": "EulerOS 2.0 SP1 : wireshark (EulerOS-SA-2018-1041)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-9343", "CVE-2017-17997"], "modified": "2018-02-13T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:wireshark", "p-cpe:/a:huawei:euleros:wireshark-gnome", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2018-1041.NASL", "href": "https://www.tenable.com/plugins/nessus/106769", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(106769);\n script_version(\"3.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2017-17997\"\n );\n\n script_name(english:\"EulerOS 2.0 SP1 : wireshark (EulerOS-SA-2018-1041)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the wireshark packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - In Wireshark before 2.2.12, the MRDISC dissector\n misuses a NULL pointer and crashes. This was addressed\n in epan/dissectors/packet-mrdisc.c by validating an\n IPv4 address. This vulnerability is similar to\n CVE-2017-9343.(CVE-2017-17997)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1041\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?cfabbca6\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected wireshark package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/02/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/02/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:wireshark-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(1)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"wireshark-1.10.14-7.h1\",\n \"wireshark-gnome-1.10.14-7.h1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"1\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T10:21:08", "description": "Removing dependency on wireshark metapackage from wireshark-cli\n\n----\n\nAdded wireshark-qt to wireshark metapackage\n\n----\n\n - New version 2.4.5\n\n - Contains fixes for CVE-2018-7419, CVE-2018-7418,\n CVE-2018-7417, CVE-2018-7420, CVE-2018-7320,\n CVE-2018-7336, CVE-2018-7337, CVE-2018-7334,\n CVE-2018-7335, CVE-2018-6836, CVE-2018-5335,\n CVE-2018-5334, CVE-2017-6014, CVE-2017-9616,\n CVE-2017-9617, CVE-2017-9766\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 11, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-01-03T00:00:00", "title": "Fedora 28 : 1:wireshark (2018-bfdad62cd6)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-7335", "CVE-2018-7336", "CVE-2018-5335", "CVE-2018-7419", "CVE-2017-9617", "CVE-2018-7320", "CVE-2018-7417", "CVE-2017-6014", "CVE-2018-7418", "CVE-2018-5334", "CVE-2018-7420", "CVE-2018-6836", "CVE-2017-9766", "CVE-2018-7334", "CVE-2018-7337", "CVE-2017-9616", "CVE-2017-17997"], "modified": "2019-01-03T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:wireshark", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-BFDAD62CD6.NASL", "href": "https://www.tenable.com/plugins/nessus/120757", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-bfdad62cd6.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120757);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-17997\", \"CVE-2017-6014\", \"CVE-2017-9616\", \"CVE-2017-9617\", \"CVE-2017-9766\", \"CVE-2018-5334\", \"CVE-2018-5335\", \"CVE-2018-6836\", \"CVE-2018-7320\", \"CVE-2018-7334\", \"CVE-2018-7335\", \"CVE-2018-7336\", \"CVE-2018-7337\", \"CVE-2018-7417\", \"CVE-2018-7418\", \"CVE-2018-7419\", \"CVE-2018-7420\");\n script_xref(name:\"FEDORA\", value:\"2018-bfdad62cd6\");\n\n script_name(english:\"Fedora 28 : 1:wireshark (2018-bfdad62cd6)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Removing dependency on wireshark metapackage from wireshark-cli\n\n----\n\nAdded wireshark-qt to wireshark metapackage\n\n----\n\n - New version 2.4.5\n\n - Contains fixes for CVE-2018-7419, CVE-2018-7418,\n CVE-2018-7417, CVE-2018-7420, CVE-2018-7320,\n CVE-2018-7336, CVE-2018-7337, CVE-2018-7334,\n CVE-2018-7335, CVE-2018-6836, CVE-2018-5335,\n CVE-2018-5334, CVE-2017-6014, CVE-2017-9616,\n CVE-2017-9617, CVE-2017-9766\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-bfdad62cd6\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 1:wireshark package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-6836\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/02/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"wireshark-2.4.5-3.fc28\", epoch:\"1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:wireshark\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T10:21:41", "description": "Removing dependency on wireshark metapackage from wireshark-cli\n\n----\n\nAdded wireshark-qt to wireshark metapackage\n\n----\n\n - New version 2.4.5\n\n - Contains fixes for CVE-2018-7419, CVE-2018-7418,\n CVE-2018-7417, CVE-2018-7420, CVE-2018-7320,\n CVE-2018-7336, CVE-2018-7337, CVE-2018-7334,\n CVE-2018-7335, CVE-2018-6836, CVE-2018-5335,\n CVE-2018-5334, CVE-2017-6014, CVE-2017-9616,\n CVE-2017-9617, CVE-2017-9766\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 18, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-03-28T00:00:00", "title": "Fedora 27 : 1:wireshark (2018-cdf3f8e8b0)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-7335", "CVE-2018-7336", "CVE-2018-5335", "CVE-2018-7419", "CVE-2017-9617", "CVE-2018-7320", "CVE-2018-7417", "CVE-2017-6014", "CVE-2018-7418", "CVE-2018-5334", "CVE-2018-7420", "CVE-2018-6836", "CVE-2017-9766", "CVE-2018-7334", "CVE-2018-7337", "CVE-2017-9616", "CVE-2017-17997"], "modified": "2018-03-28T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:27", "p-cpe:/a:fedoraproject:fedora:1:wireshark"], "id": "FEDORA_2018-CDF3F8E8B0.NASL", "href": "https://www.tenable.com/plugins/nessus/108674", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-cdf3f8e8b0.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(108674);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-17997\", \"CVE-2017-6014\", \"CVE-2017-9616\", \"CVE-2017-9617\", \"CVE-2017-9766\", \"CVE-2018-5334\", \"CVE-2018-5335\", \"CVE-2018-6836\", \"CVE-2018-7320\", \"CVE-2018-7334\", \"CVE-2018-7335\", \"CVE-2018-7336\", \"CVE-2018-7337\", \"CVE-2018-7417\", \"CVE-2018-7418\", \"CVE-2018-7419\", \"CVE-2018-7420\");\n script_xref(name:\"FEDORA\", value:\"2018-cdf3f8e8b0\");\n\n script_name(english:\"Fedora 27 : 1:wireshark (2018-cdf3f8e8b0)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Removing dependency on wireshark metapackage from wireshark-cli\n\n----\n\nAdded wireshark-qt to wireshark metapackage\n\n----\n\n - New version 2.4.5\n\n - Contains fixes for CVE-2018-7419, CVE-2018-7418,\n CVE-2018-7417, CVE-2018-7420, CVE-2018-7320,\n CVE-2018-7336, CVE-2018-7337, CVE-2018-7334,\n CVE-2018-7335, CVE-2018-6836, CVE-2018-5335,\n CVE-2018-5334, CVE-2017-6014, CVE-2017-9616,\n CVE-2017-9617, CVE-2017-9766\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-cdf3f8e8b0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 1:wireshark package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/02/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/03/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"wireshark-2.4.5-3.fc27\", epoch:\"1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:wireshark\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "kaspersky": [{"lastseen": "2020-09-02T12:00:27", "bulletinFamily": "info", "cvelist": ["CVE-2018-5335", "CVE-2018-5334", "CVE-2018-5336", "CVE-2017-17997"], "description": "### *Detect date*:\n01/11/2018\n\n### *Severity*:\nWarning\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service.\n\n### *Affected products*:\nWireshark earlier than 2.4.4 \nWireshark earlier than 2.2.12\n\n### *Solution*:\nUpdate to the latest version \n[Get Wireshark](<https://www.wireshark.org/download.html>)\n\n### *Original advisories*:\n[wnpa-sec-2018-02](<https://www.wireshark.org/security/wnpa-sec-2018-02.html>) \n[wnpa-sec-2018-04](<https://www.wireshark.org/security/wnpa-sec-2018-04.html>) \n[wnpa-sec-2018-01](<https://www.wireshark.org/security/wnpa-sec-2018-01.html>) \n[wnpa-sec-2018-03](<https://www.wireshark.org/security/wnpa-sec-2018-03.html>) \n\n\n### *Impacts*:\nDoS \n\n### *Related products*:\n[Wireshark](<https://threats.kaspersky.com/en/product/Wireshark/>)\n\n### *CVE-IDS*:\n[CVE-2018-5334](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5334>)4.3Warning \n[CVE-2018-5336](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5336>)4.3Warning \n[CVE-2018-5335](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5335>)4.3Warning \n[CVE-2017-17997](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17997>)5.0Critical", "edition": 40, "modified": "2020-05-22T00:00:00", "published": "2018-01-11T00:00:00", "id": "KLA11176", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11176", "title": "\r KLA11176Multiple DoS vulnerabilities in Wireshark ", "type": "kaspersky", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2020-01-29T20:07:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5335", "CVE-2018-5334", "CVE-2018-5336"], "description": "Kamil Frankowicz and Young found that several parsers of wireshark could be crashed by malformed packets.", "modified": "2020-01-29T00:00:00", "published": "2018-01-31T00:00:00", "id": "OPENVAS:1361412562310891258", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891258", "type": "openvas", "title": "Debian LTS: Security Advisory for wireshark (DLA-1258-1)", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891258\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2018-5334\", \"CVE-2018-5335\", \"CVE-2018-5336\");\n script_name(\"Debian LTS: Security Advisory for wireshark (DLA-1258-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-01-31 00:00:00 +0100 (Wed, 31 Jan 2018)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2018/01/msg00032.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n\n script_tag(name:\"affected\", value:\"wireshark on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 7 'Wheezy', these problems have been fixed in version\n1.12.1+g01b65bf-4+deb8u6~deb7u9.\n\nWe recommend that you upgrade your wireshark packages.\");\n\n script_tag(name:\"summary\", value:\"Kamil Frankowicz and Young found that several parsers of wireshark could be crashed by malformed packets.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libwireshark-data\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u9\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwireshark-dev\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u9\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwireshark5\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u9\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwiretap-dev\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u9\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwiretap4\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u9\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwsutil-dev\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u9\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwsutil4\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u9\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"tshark\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u9\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u9\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-common\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u9\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-dbg\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u9\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-dev\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u9\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-doc\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u9\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-qt\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u9\", rls:\"DEB7\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-07-17T14:04:06", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5335", "CVE-2018-5334", "CVE-2018-5336"], "description": "This host is installed with Wireshark\n and is prone to multiple denial-of-service vulnerabilities.", "modified": "2019-07-16T00:00:00", "published": "2018-01-16T00:00:00", "id": "OPENVAS:1361412562310812633", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812633", "type": "openvas", "title": "Wireshark Security Updates (wnpa-sec-2018-04_wnpa-sec-2018-03_wnpa-sec-2018-01) - Mac OS X", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Wireshark Security Updates (wnpa-sec-2018-04_wnpa-sec-2018-03_wnpa-sec-2018-01) MACOSX\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:wireshark:wireshark\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812633\");\n script_version(\"2019-07-16T15:57:25+0000\");\n script_cve_id(\"CVE-2018-5335\", \"CVE-2018-5334\", \"CVE-2018-5336\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-16 15:57:25 +0000 (Tue, 16 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-01-16 13:14:57 +0530 (Tue, 16 Jan 2018)\");\n script_name(\"Wireshark Security Updates (wnpa-sec-2018-04_wnpa-sec-2018-03_wnpa-sec-2018-01) - Mac OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark\n and is prone to multiple denial-of-service vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - The WCP dissector could crash.\n\n - The IxVeriWave file parser could crash.\n\n - The JSON, XML, NTP, XMPP, and GDB dissectors could crash.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this vulnerability\n will allow remote attackers to make wireshark crash.\");\n\n script_tag(name:\"affected\", value:\"Wireshark version 2.4.0 to 2.4.3, 2.2.0 to\n 2.2.11 on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark version 2.4.4 or 2.2.12\n or later.\");\n\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-04\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-03\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-01\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_wireshark_detect_macosx.nasl\");\n script_mandatory_keys(\"Wireshark/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:vers, test_version:\"2.4.0\", test_version2:\"2.4.3\")) {\n fix = \"2.4.4\";\n}\n\nelse if(version_in_range(version:vers, test_version:\"2.2.0\", test_version2:\"2.2.11\")) {\n fix = \"2.2.12\";\n}\n\nif(fix) {\n report = report_fixed_ver(installed_version:vers, fixed_version:fix, install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-07-04T18:56:41", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5335", "CVE-2018-5334", "CVE-2018-5336"], "description": "It was discovered that wireshark, a network protocol analyzer, contained\nseveral vulnerabilities in the dissectors/file parsers for IxVeriWave,\nWCP, JSON, XML, NTP, XMPP and GDB, which could result in denial of\nservice or the execution of arbitrary code.", "modified": "2019-07-04T00:00:00", "published": "2018-01-28T00:00:00", "id": "OPENVAS:1361412562310704101", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704101", "type": "openvas", "title": "Debian Security Advisory DSA 4101-1 (wireshark - security update)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4101-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704101\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2018-5334\", \"CVE-2018-5335\", \"CVE-2018-5336\");\n script_name(\"Debian Security Advisory DSA 4101-1 (wireshark - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-01-28 00:00:00 +0100 (Sun, 28 Jan 2018)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4101.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(8|9)\");\n script_tag(name:\"affected\", value:\"wireshark on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (jessie), these problems have been fixed\nin version 1.12.1+g01b65bf-4+deb8u13.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2.2.6+g32dac6a-2+deb9u2.\n\nWe recommend that you upgrade your wireshark packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/wireshark\");\n script_tag(name:\"summary\", value:\"It was discovered that wireshark, a network protocol analyzer, contained\nseveral vulnerabilities in the dissectors/file parsers for IxVeriWave,\nWCP, JSON, XML, NTP, XMPP and GDB, which could result in denial of\nservice or the execution of arbitrary code.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libwireshark-data\", ver:\"1.12.1+g01b65bf-4+deb8u13\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwireshark-dev\", ver:\"1.12.1+g01b65bf-4+deb8u13\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwireshark5\", ver:\"1.12.1+g01b65bf-4+deb8u13\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwiretap-dev\", ver:\"1.12.1+g01b65bf-4+deb8u13\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwiretap4\", ver:\"1.12.1+g01b65bf-4+deb8u13\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwsutil-dev\", ver:\"1.12.1+g01b65bf-4+deb8u13\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwsutil4\", ver:\"1.12.1+g01b65bf-4+deb8u13\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"tshark\", ver:\"1.12.1+g01b65bf-4+deb8u13\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark\", ver:\"1.12.1+g01b65bf-4+deb8u13\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-common\", ver:\"1.12.1+g01b65bf-4+deb8u13\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-dbg\", ver:\"1.12.1+g01b65bf-4+deb8u13\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-dev\", ver:\"1.12.1+g01b65bf-4+deb8u13\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-doc\", ver:\"1.12.1+g01b65bf-4+deb8u13\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-qt\", ver:\"1.12.1+g01b65bf-4+deb8u13\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwireshark-data\", ver:\"2.2.6+g32dac6a-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwireshark-dev\", ver:\"2.2.6+g32dac6a-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwireshark8\", ver:\"2.2.6+g32dac6a-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwiretap-dev\", ver:\"2.2.6+g32dac6a-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwiretap6\", ver:\"2.2.6+g32dac6a-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwscodecs1\", ver:\"2.2.6+g32dac6a-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwsutil-dev\", ver:\"2.2.6+g32dac6a-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwsutil7\", ver:\"2.2.6+g32dac6a-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"tshark\", ver:\"2.2.6+g32dac6a-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark\", ver:\"2.2.6+g32dac6a-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-common\", ver:\"2.2.6+g32dac6a-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-dev\", ver:\"2.2.6+g32dac6a-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-doc\", ver:\"2.2.6+g32dac6a-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-gtk\", ver:\"2.2.6+g32dac6a-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-qt\", ver:\"2.2.6+g32dac6a-2+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:32:34", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5335", "CVE-2018-5334", "CVE-2018-5336"], "description": "This host is installed with Wireshark\n and is prone to multiple denial-of-service vulnerabilities.", "modified": "2019-05-17T00:00:00", "published": "2018-01-16T00:00:00", "id": "OPENVAS:1361412562310812632", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812632", "type": "openvas", "title": "Wireshark Security Updates (wnpa-sec-2018-04_wnpa-sec-2018-03_wnpa-sec-2018-01) Windows", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Wireshark Security Updates (wnpa-sec-2018-04_wnpa-sec-2018-03_wnpa-sec-2018-01) Windows\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:wireshark:wireshark\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812632\");\n script_version(\"2019-05-17T10:45:27+0000\");\n script_cve_id(\"CVE-2018-5335\", \"CVE-2018-5334\", \"CVE-2018-5336\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:45:27 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-01-16 13:14:57 +0530 (Tue, 16 Jan 2018)\");\n script_name(\"Wireshark Security Updates (wnpa-sec-2018-04_wnpa-sec-2018-03_wnpa-sec-2018-01) Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark\n and is prone to multiple denial-of-service vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - The WCP dissector could crash.\n\n - The IxVeriWave file parser could crash.\n\n - The JSON, XML, NTP, XMPP, and GDB dissectors could crash.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this vulnerability\n will allow remote attackers to make wireshark crash.\");\n\n script_tag(name:\"affected\", value:\"Wireshark version 2.4.0 to 2.4.3, 2.2.0 to\n 2.2.11 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark version 2.4.4 or 2.2.12\n or later.\");\n\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-04\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-03\");\n\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-01\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE )) exit(0);\nwirversion = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:wirversion, test_version:\"2.4.0\", test_version2:\"2.4.3\")){\n fix = \"2.4.4\";\n}\n\nelse if(version_in_range(version:wirversion, test_version:\"2.2.0\", test_version2:\"2.2.11\")){\n fix = \"2.2.12\";\n}\n\nif(fix)\n{\n report = report_fixed_ver(installed_version:wirversion, fixed_version:fix, install_path:path);\n security_message(data:report);\n exit(0);\n}\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-07-17T14:04:06", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-17997"], "description": "This host is installed with Wireshark\n and is prone to a denial-of-service vulnerability.", "modified": "2019-07-16T00:00:00", "published": "2018-01-16T00:00:00", "id": "OPENVAS:1361412562310812631", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812631", "type": "openvas", "title": "Wireshark Security Updates (wnpa-sec-2018-02) - Mac OS X", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Wireshark Security Updates (wnpa-sec-2018-02) MACOSX\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:wireshark:wireshark\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812631\");\n script_version(\"2019-07-16T15:57:25+0000\");\n script_cve_id(\"CVE-2017-17997\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-16 15:57:25 +0000 (Tue, 16 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-01-16 13:14:37 +0530 (Tue, 16 Jan 2018)\");\n script_name(\"Wireshark Security Updates (wnpa-sec-2018-02) - Mac OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark\n and is prone to a denial-of-service vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists as the MRDISC dissector\n could crash\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this vulnerability\n will allow remote attackers to make Wireshark crash.\");\n\n script_tag(name:\"affected\", value:\"Wireshark version 2.2.0 to 2.2.11 on\n Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark version 2.2.12 or\n later.\");\n\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-02\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_wireshark_detect_macosx.nasl\");\n script_mandatory_keys(\"Wireshark/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:vers, test_version:\"2.2.0\", test_version2:\"2.2.11\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"2.2.12\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:32:34", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-17997"], "description": "This host is installed with Wireshark\n and is prone to a denial-of-service vulnerability.", "modified": "2019-05-17T00:00:00", "published": "2018-01-16T00:00:00", "id": "OPENVAS:1361412562310812630", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812630", "type": "openvas", "title": "Wireshark Security Updates (wnpa-sec-2018-02) Windows", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Wireshark Security Updates (wnpa-sec-2018-02) Windows\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:wireshark:wireshark\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812630\");\n script_version(\"2019-05-17T10:45:27+0000\");\n script_cve_id(\"CVE-2017-17997\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:45:27 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-01-16 13:14:37 +0530 (Tue, 16 Jan 2018)\");\n script_name(\"Wireshark Security Updates (wnpa-sec-2018-02) Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark\n and is prone to a denial-of-service vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists as the MRDISC dissector\n could crash\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this vulnerability\n will allow remote attackers to make Wireshark crash.\");\n\n script_tag(name:\"affected\", value:\"Wireshark version 2.2.0 to 2.2.11 on\n Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark version 2.2.12 or\n later.\");\n\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-02\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE )) exit(0);\nwirversion = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:wirversion, test_version:\"2.2.0\", test_version2:\"2.2.11\"))\n{\n report = report_fixed_ver(installed_version:wirversion, fixed_version:\"2.2.12\", install_path:path);\n security_message(data:report);\n exit(0);\n}\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:35:34", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-9343", "CVE-2017-17997"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181042", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181042", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for wireshark (EulerOS-SA-2018-1042)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1042\");\n script_version(\"2020-01-23T11:09:51+0000\");\n script_cve_id(\"CVE-2017-17997\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:09:51 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:09:51 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for wireshark (EulerOS-SA-2018-1042)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1042\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1042\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'wireshark' package(s) announced via the EulerOS-SA-2018-1042 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In Wireshark before 2.2.12, the MRDISC dissector misuses a NULL pointer and crashes. This was addressed in epan/dissectors/packet-mrdisc.c by validating an IPv4 address. This vulnerability is similar to CVE-2017-9343.(CVE-2017-17997)\");\n\n script_tag(name:\"affected\", value:\"'wireshark' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.10.14~7.h1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.10.14~7.h1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:33:30", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-9343", "CVE-2017-17997"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181041", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181041", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for wireshark (EulerOS-SA-2018-1041)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1041\");\n script_version(\"2020-01-23T11:09:50+0000\");\n script_cve_id(\"CVE-2017-17997\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:09:50 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:09:50 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for wireshark (EulerOS-SA-2018-1041)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1041\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1041\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'wireshark' package(s) announced via the EulerOS-SA-2018-1041 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In Wireshark before 2.2.12, the MRDISC dissector misuses a NULL pointer and crashes. This was addressed in epan/dissectors/packet-mrdisc.c by validating an IPv4 address. This vulnerability is similar to CVE-2017-9343.(CVE-2017-17997)\");\n\n script_tag(name:\"affected\", value:\"'wireshark' package(s) on Huawei EulerOS V2.0SP1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.10.14~7.h1\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.10.14~7.h1\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:33:00", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-7335", "CVE-2018-7336", "CVE-2018-5335", "CVE-2018-7419", "CVE-2017-9617", "CVE-2018-7320", "CVE-2018-7417", "CVE-2017-6014", "CVE-2018-7418", "CVE-2018-5334", "CVE-2018-7420", "CVE-2018-6836", "CVE-2017-9766", "CVE-2018-7334", "CVE-2018-7337", "CVE-2017-9616", "CVE-2017-17997"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2018-03-28T00:00:00", "id": "OPENVAS:1361412562310874288", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874288", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2018-cdf3f8e8b0", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_cdf3f8e8b0_wireshark_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for wireshark FEDORA-2018-cdf3f8e8b0\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874288\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-03-28 08:58:33 +0200 (Wed, 28 Mar 2018)\");\n script_cve_id(\"CVE-2018-7419\", \"CVE-2018-7418\", \"CVE-2018-7417\", \"CVE-2018-7420\",\n \"CVE-2018-7320\", \"CVE-2018-7336\", \"CVE-2018-7337\", \"CVE-2018-7334\",\n \"CVE-2018-7335\", \"CVE-2018-6836\", \"CVE-2018-5335\", \"CVE-2018-5334\",\n \"CVE-2017-6014\", \"CVE-2017-9616\", \"CVE-2017-9617\", \"CVE-2017-9766\",\n \"CVE-2017-17997\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for wireshark FEDORA-2018-cdf3f8e8b0\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"wireshark on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"FEDORA\", value:\"2018-cdf3f8e8b0\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2KD7XZZ37MHNPXTQLGQS6XHC754ZQMM6\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~2.4.5~3.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:32:55", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-11354", "CVE-2018-7335", "CVE-2017-17084", "CVE-2018-7336", "CVE-2018-5335", "CVE-2018-11357", "CVE-2018-7419", "CVE-2018-11359", "CVE-2018-11361", "CVE-2018-11358", "CVE-2017-9617", "CVE-2018-11362", "CVE-2018-7320", "CVE-2018-7417", "CVE-2017-6014", "CVE-2017-17935", "CVE-2018-7418", "CVE-2017-17085", "CVE-2018-5334", "CVE-2017-15189", "CVE-2017-15191", "CVE-2017-13764", "CVE-2017-15190", "CVE-2018-7420", "CVE-2018-11360", "CVE-2017-13765", "CVE-2018-6836", "CVE-2017-9766", "CVE-2018-11356", "CVE-2018-7334", "CVE-2017-15192", "CVE-2017-13766", "CVE-2018-7337", "CVE-2017-15193", "CVE-2017-13767", "CVE-2017-9616", "CVE-2018-11355", "CVE-2017-17083"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2018-06-06T00:00:00", "id": "OPENVAS:1361412562310874649", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874649", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2018-d1cfa444d2", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_d1cfa444d2_wireshark_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for wireshark FEDORA-2018-d1cfa444d2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874649\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-06-06 10:25:48 +0200 (Wed, 06 Jun 2018)\");\n script_cve_id(\"CVE-2018-7419\", \"CVE-2018-7418\", \"CVE-2018-7417\", \"CVE-2018-7420\",\n \"CVE-2018-7320\", \"CVE-2018-7336\", \"CVE-2018-7337\", \"CVE-2018-7334\",\n \"CVE-2018-7335\", \"CVE-2018-6836\", \"CVE-2018-5335\", \"CVE-2018-5334\",\n \"CVE-2017-6014\", \"CVE-2017-9616\", \"CVE-2017-9617\", \"CVE-2017-9766\",\n \"CVE-2017-17935\", \"CVE-2017-17085\", \"CVE-2017-17084\", \"CVE-2017-17083\",\n \"CVE-2017-15189\", \"CVE-2017-15190\", \"CVE-2017-15191\", \"CVE-2017-15192\",\n \"CVE-2017-15193\", \"CVE-2017-13764\", \"CVE-2017-13765\", \"CVE-2017-13766\",\n \"CVE-2017-13767\", \"CVE-2018-11362\", \"CVE-2018-11361\", \"CVE-2018-11360\",\n \"CVE-2018-11359\", \"CVE-2018-11358\", \"CVE-2018-11357\", \"CVE-2018-11356\",\n \"CVE-2018-11355\", \"CVE-2018-11354\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for wireshark FEDORA-2018-d1cfa444d2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"wireshark on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-d1cfa444d2\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S4TES6EYI77P55Y77OPJQCCKJKZ7EQBY\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~2.6.1~1.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "debian": [{"lastseen": "2020-11-01T13:24:11", "bulletinFamily": "unix", "cvelist": ["CVE-2018-5335", "CVE-2018-5334", "CVE-2018-5336"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4101-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nJanuary 28, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : wireshark\nCVE ID : CVE-2018-5334 CVE-2018-5335 CVE-2018-5336\n\nIt was discovered that wireshark, a network protocol analyzer, contained\nseveral vulnerabilities in the dissectors/file parsers for IxVeriWave,\nWCP, JSON, XML, NTP, XMPP and GDB, which could result in denial of\ndervice or the execution of arbitrary code.\n\nFor the oldstable distribution (jessie), these problems have been fixed\nin version (1.12.1+g01b65bf-4+deb8u13.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2.2.6+g32dac6a-2+deb9u2.\n\nWe recommend that you upgrade your wireshark packages.\n\nFor the detailed security status of wireshark please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/wireshark\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 18, "modified": "2018-01-28T16:20:21", "published": "2018-01-28T16:20:21", "id": "DEBIAN:DSA-4101-1:FD9E6", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2018/msg00023.html", "title": "[SECURITY] [DSA 4101-1] wireshark security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-08-12T00:48:04", "bulletinFamily": "unix", "cvelist": ["CVE-2018-5335", "CVE-2018-5334", "CVE-2018-5336"], "description": "Package : wireshark\nVersion : 1.12.1+g01b65bf-4+deb8u6~deb7u9\nCVE ID : CVE-2018-5334 CVE-2018-5335 CVE-2018-5336\n\n\nKamil Frankowicz and Young found that several parsers of wireshark could \nbe crashed by malformed packets.\n\n\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n1.12.1+g01b65bf-4+deb8u6~deb7u9.\n\nWe recommend that you upgrade your wireshark packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\n", "edition": 12, "modified": "2018-01-26T22:21:02", "published": "2018-01-26T22:21:02", "id": "DEBIAN:DLA-1258-1:7E441", "href": "https://lists.debian.org/debian-lts-announce/2018/debian-lts-announce-201801/msg00032.html", "title": "[SECURITY] [DLA 1258-1] wireshark security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-08-12T01:05:23", "bulletinFamily": "unix", "cvelist": ["CVE-2017-11407", "CVE-2018-9268", "CVE-2018-7336", "CVE-2018-9259", "CVE-2018-19626", "CVE-2018-9265", "CVE-2018-11357", "CVE-2018-11359", "CVE-2018-7323", "CVE-2017-7747", "CVE-2018-19625", "CVE-2018-19622", "CVE-2018-7417", "CVE-2017-17935", "CVE-2018-9269", "CVE-2018-7418", "CVE-2018-9270", "CVE-2017-15191", "CVE-2017-7746", "CVE-2018-7420", "CVE-2018-16057", "CVE-2017-13765", "CVE-2018-9256", "CVE-2018-9260", "CVE-2018-9263", "CVE-2017-9766", "CVE-2018-7331", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-16058", "CVE-2017-11409", "CVE-2017-7703", "CVE-2018-11356", "CVE-2017-7700", "CVE-2018-9267", "CVE-2018-9262", "CVE-2017-11406", "CVE-2018-7322", "CVE-2018-7325", "CVE-2018-7324", "CVE-2017-17997"], "description": "Package : wireshark\nVersion : 1.12.1+g01b65bf-4+deb8u16\nCVE ID : CVE-2017-7700 CVE-2017-7703 CVE-2017-7746 CVE-2017-7747\n CVE-2017-9766 CVE-2017-11406 CVE-2017-11407 CVE-2017-11409\n CVE-2017-13765 CVE-2017-15191 CVE-2017-17935 CVE-2017-17997\n CVE-2018-7322 CVE-2018-7323 CVE-2018-7324 CVE-2018-7325\n CVE-2018-7331 CVE-2018-7336 CVE-2018-7417 CVE-2018-7418\n CVE-2018-7420 CVE-2018-9256 CVE-2018-9259 CVE-2018-9260\n CVE-2018-9262 CVE-2018-9263 CVE-2018-9265 CVE-2018-9267\n CVE-2018-9268 CVE-2018-9269 CVE-2018-9270 CVE-2018-11356\n CVE-2018-11357 CVE-2018-11359 CVE-2018-16057 CVE-2018-16058\n CVE-2018-19622 CVE-2018-19623 CVE-2018-19624 CVE-2018-19625\n CVE-2018-19626\n\n\nSeveral issues in wireshark, a tool that captures and analyzes packets \noff the wire, have been found by different people.\nThese are basically issues with length checks or invalid memory access in \ndifferent dissectors. This could result in infinite loops or crashes by \nmalicious packets.\n\n\nFor Debian 8 "Jessie", these problems have been fixed in version\n1.12.1+g01b65bf-4+deb8u16.\n\nWe recommend that you upgrade your wireshark packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\n", "edition": 8, "modified": "2019-01-15T19:39:28", "published": "2019-01-15T19:39:28", "id": "DEBIAN:DLA-1634-1:9CB4F", "href": "https://lists.debian.org/debian-lts-announce/2019/debian-lts-announce-201901/msg00010.html", "title": "[SECURITY] [DLA 1634-1] wireshark security update", "type": "debian", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2017-17997", "CVE-2017-6014", "CVE-2017-9616", "CVE-2017-9617", "CVE-2017-9766", "CVE-2018-5334", "CVE-2018-5335", "CVE-2018-6836", "CVE-2018-7320", "CVE-2018-7334", "CVE-2018-7335", "CVE-2018-7336", "CVE-2018-7337", "CVE-2018-7417", "CVE-2018-7418", "CVE-2018-7419", "CVE-2018-7420"], "description": "Metapackage with installs wireshark-cli and wireshark-qt. ", "modified": "2018-04-17T00:23:28", "published": "2018-04-17T00:23:28", "id": "FEDORA:A36566002E30", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: wireshark-2.4.5-3.fc28", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2017-17997", "CVE-2017-6014", "CVE-2017-9616", "CVE-2017-9617", "CVE-2017-9766", "CVE-2018-5334", "CVE-2018-5335", "CVE-2018-6836", "CVE-2018-7320", "CVE-2018-7334", "CVE-2018-7335", "CVE-2018-7336", "CVE-2018-7337", "CVE-2018-7417", "CVE-2018-7418", "CVE-2018-7419", "CVE-2018-7420"], "description": "Metapackage with installs wireshark-cli and wireshark-qt. ", "modified": "2018-03-27T20:17:34", "published": "2018-03-27T20:17:34", "id": "FEDORA:BFCC260BDC9A", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: wireshark-2.4.5-3.fc27", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2017-13764", "CVE-2017-13765", "CVE-2017-13766", "CVE-2017-15189", "CVE-2017-15190", "CVE-2017-15191", "CVE-2017-15193", "CVE-2017-17083", "CVE-2017-17084", "CVE-2017-17085", "CVE-2017-17935", "CVE-2017-6014", "CVE-2017-9617", "CVE-2017-9766", "CVE-2018-11354", "CVE-2018-11355", "CVE-2018-11356", "CVE-2018-11357", "CVE-2018-11358", "CVE-2018-11359", "CVE-2018-11360", "CVE-2018-11361", "CVE-2018-11362", "CVE-2018-5334", "CVE-2018-5335", "CVE-2018-6836", "CVE-2018-7320", "CVE-2018-7334", "CVE-2018-7336", "CVE-2018-7337", "CVE-2018-7417", "CVE-2018-7418", "CVE-2018-7419"], "description": "Metapackage with installs wireshark-cli and wireshark-qt. ", "modified": "2018-06-05T14:11:28", "published": "2018-06-05T14:11:28", "id": "FEDORA:AA87961AC333", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: wireshark-2.6.1-1.fc27", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2017-13764", "CVE-2017-13765", "CVE-2017-13766", "CVE-2017-15189", "CVE-2017-15190", "CVE-2017-15191", "CVE-2017-15193", "CVE-2017-17083", "CVE-2017-17084", "CVE-2017-17085", "CVE-2017-17935", "CVE-2017-6014", "CVE-2017-9617", "CVE-2017-9766", "CVE-2018-14339", "CVE-2018-14340", "CVE-2018-14341", "CVE-2018-14342", "CVE-2018-14343", "CVE-2018-14344", "CVE-2018-14367", "CVE-2018-14368", "CVE-2018-14369", "CVE-2018-14370", "CVE-2018-5334", "CVE-2018-5335", "CVE-2018-6836", "CVE-2018-7320", "CVE-2018-7334", "CVE-2018-7336", "CVE-2018-7337", "CVE-2018-7417", "CVE-2018-7418", "CVE-2018-7419"], "description": "Metapackage with installs wireshark-cli and wireshark-qt. ", "modified": "2018-08-01T17:56:04", "published": "2018-08-01T17:56:04", "id": "FEDORA:A3BB5642EA04", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: wireshark-2.6.2-1.fc27", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}]}

Wireshark 2.2.x &lt; 2.2.12 / 2.4.x &lt; 2.4.4 DoS Vulnerabilities

Description

The version of Wireshark installed on the remote Windows host is 2.2.x prior to 2.2.12 or 2.4.x prior to 2.4.4. It is, therefore, affected by a denial of service vulnerability.

Wireshark 2.2.x < 2.2.12 / 2.4.x < 2.4.4 DoS Vulnerabilities